NOMOS
Get started
Get started

Install the dashboard

Hosted (recommended), Docker on your laptop, or self-host in your cloud. Pick one.

You don't install Nomos — you sign up for the hosted control plane, run a local Docker stack for dev, or self-host. All three options use the same @auto-nomos/* npm packages and the same dashboard.

Pick a path

PathBest forSetup time
HostedTrying it out, side projects, most production2 min
Docker (laptop)Local dev, offline demos, contributing back10 min
Self-host (terraform)Regulated industries, VPC-only, customer edge1–2 hours

Path 1 — Hosted (recommended)

  1. 1
    Create an account

    Visit app.auto-nomos.com/sign-up. Email + password or sign in with GitHub. Verify your email when prompted.

    Sign-up form on app.auto-nomos.com
    The hosted control plane is at app.auto-nomos.com.
  2. 2
    Enroll a passkey

    Step-up approvals require a passkey. The dashboard walks you through enrollment on first login — pick TouchID, FaceID, or a hardware key. Skip and you'll be prompted again when an agent's first risky call lands.

    Passkey enrollment screen
    One passkey per teammate. Hardware keys, biometrics, or platform keys all work.
  3. 3
    Note your control-plane URL

    Hosted uses https://control.auto-nomos.com. You'll paste this into the SDK + MCP server config. There's no per-tenant subdomain.

That's it.

Skip to Connect your first provider. The rest of this page covers Docker + self-host.

Path 2 — Docker (laptop)

For local dev, contributing, or offline demos. Runs the full stack — Postgres, control plane, PDP, dashboard — in one docker-compose up.

Before you start

  • Docker Desktop 4.20+ (or Colima / Orbstack on macOS).
  • Node.js 22 + pnpm 11.
  • A free port: 5433 (Postgres), 3000 (dashboard), 8787 (PDP), 8788 (control plane).
  1. 1
    Clone the repo
    bash
    git clone https://github.com/varendra007/agent-credential-broker.git
cd agent-credential-broker
pnpm install
  2. 2
    Start Postgres
    bash
    docker compose -f infrastructure/docker/docker-compose.yml up -d

    Postgres listens on localhost:5433 (not 5432, to avoid clashing with existing installs). The first boot runs all Drizzle migrations.

  3. 3
    Generate keys + start the stack
    bash
    pnpm gen-keys                 # writes .env.local with fresh signing + encryption keys
pnpm dev                      # runs control plane, PDP, dashboard concurrently

    Open http://localhost:3000, sign up, and enroll a passkey.

Verify it worked

  • Dashboard loads at http://localhost:3000.
  • curl http://localhost:8787/health returns {"ok":true} (PDP).
  • curl http://localhost:8788/health returns {"ok":true} (control plane).
  • docker compose ps shows postgres running.

Path 3 — Self-host with Terraform

Run Nomos inside your VPC. Three Terraform modules ship — pick the cloud you operate in.

Full walkthrough lives in Self-host with Terraform.

Hosted vs self-host: not a one-way door.

Connections, policies, apps, and audit history all export as JSON from the dashboard. Start hosted; migrate later if compliance requires it.

Next →Connect your first providerGitHub OAuth in three clicks.Next →Self-host with TerraformFull module-by-module walkthrough.