Your First Mandate

Step 1: Authenticate

truss auth login

Authenticate with your Truss account. This stores your session token locally.

Step 2: Register an Agent

truss agent create my-agent ed25519_pub_key_here

Create an agent — an entity that will perform actions under a mandate. The public key binds the agent's identity to cryptographic signatures.

Step 3: Issue a Mandate

truss mandate create \
  --agent my-agent \
  --action "access:document" \
  --resource "doc-123"

A mandate grants the agent permission to perform a specific action on a specific resource. Every action the agent takes must fall within the mandate's scope.

Step 4: Record an Action

truss action record \
  --mandate-id <id> \
  --action-type access:document \
  --input-hash sha256:abc \
  --output-hash sha256:def

Record a cryptographically verifiable action under the mandate. Input and output hashes provide an immutable audit trail.

Step 5: Verify

truss verify mandate <mandate-id>
truss evidence generate <mandate-id>
truss verify package <package-id>

Verify the mandate is valid and active, generate an evidence package for the mandate's action log, then verify the package's cryptographic integrity.

PreviousCross-Organizational Evidence SharingNextFAQ