---
title: ARX Documentation
description: AI Workforce Governance docs — onboard, supervise, evaluate, record, and terminate the digital workforce.
---

# ARX Documentation

ARX is **AI Workforce Governance** — the operating model under every AI agent your enterprise hires. Workday-shaped, not SIEM-shaped. Governance is the category; workforce infrastructure is the implementation. This site is organized so a CEO/CHRO/CFO/CISO buyer, a customer engineering team, and a partner builder all land on the right material in the first three clicks.

## Start Here

If you are new to ARX, read in this order:

1. [What is AI Workforce Governance?](getting-started/ai-workforce-infrastructure) — the category. Why this is a Workday-shaped product, not a SIEM-shaped product.
2. [What is ARX?](getting-started/what-is-arx) — how the platform implements the five governance pillars.
3. [Key Concepts](getting-started/concepts) — vocabulary: Cell, Shape, Cohort, Atlas, Manager Queue, Personnel Record, Termination Attestation.
4. [FAQ](getting-started/faq) — buyer Q&A, including "isn't this just policy gates?" and "what about CISOs?"
5. [72-Hour Deployment Runbook](deployment/72-hour-runbook) — the operational playbook for taking 10K-20K agents from manifest set to live.

## Role-Based Onboarding

- **CEO / CHRO / CFO path** (the buyer): [CEO Brief](briefs/ceo-brief) → [What is AI Workforce Governance?](getting-started/ai-workforce-infrastructure) → [Value-Based Pricing](pricing/value-based-pricing) → [72-Hour Runbook](deployment/72-hour-runbook).
- **CISO path** (the validator): [Atlas Spec](atlas/atlas-spec) → [Per-Agent Credentials](credentials/per-agent-auth-integration) → [Audit Trail](compliance/audit-trail).
- **Engineering leader path** (the customer's IT/CIO): [What is ARX?](getting-started/what-is-arx) → [Architecture](getting-started/architecture) → [Enterprise Reference Architecture](getting-started/enterprise-reference-architecture) → [Onboarding Guide](getting-started/onboarding).
- **Agent builder path** (customer engineering, partner): [SDK Overview](sdk/README) → [Research / Production / Coordination worked examples](sdk/research-shape-worked-example) → [Manifest framework](https://github.com/gethammerpath/project-agent/blob/main/reference-agents/MANIFEST_FRAMEWORK.md).

## Documentation Sections

### Briefs

- [CEO Brief](briefs/ceo-brief) — 4-minute decision-oriented brief for the CEO; the engagement signing decision in one page.

### Start Here

- [What is ARX?](getting-started/what-is-arx)
- [FAQ](getting-started/faq)
- [Onboarding Paths](getting-started/onboarding-paths)
- [Onboarding Guide](getting-started/onboarding)
- [Quickstart](getting-started/quickstart)
- [End-to-End Tutorial](getting-started/e2e-tutorial)
- [Architecture](getting-started/architecture)
- [Enterprise Reference Architecture](getting-started/enterprise-reference-architecture)
- [Key Concepts](getting-started/concepts)

### Build & Integrate

- [SDK Installation](sdk/installation)
- [AI Client Integration](sdk/ai-client-integration)
- [MCP Server Setup](sdk/mcp-setup)
- [Using Connectors](sdk/using-connectors)
- [Agent Routing Patterns](sdk/agent-routing)
- [Workflow Customization](sdk/workflow-customization)
- [ARXClient Reference](sdk/client-reference)
- [Error Handling](sdk/error-handling)
- [API Overview](api/overview)

### The Five Governance Pillars

Onboarding, Supervision, Evaluation, Records, Termination — the operating model underneath every digital employee. AI workforce governance is structurally enforced by the five pillars together, not by any single one. The runtime mechanism — policy engine, approval gates, audit chain — lives inside the **Supervision and Records pillars** and is documented below.

#### Supervision (manager-bound approval gating)

- [Policy Engine](governance/policy-engine)
- [Approval Gates](governance/approval-gates)
- [Approval Workflow Guide](governance/approval-workflow-guide)
- [Escalation Policy Matrix](governance/escalation-policy-matrix)
- [Risk Scoring](governance/risk-scoring)
- [Intent Manifests](governance/intent-manifests)
- [Drift Detection](governance/drift-detection)

#### Records (hash-chained personnel record + customer-side verification)

- [Audit Trail](compliance/audit-trail)
- [Compliance Packages](compliance/packages)
- [SOC 2 Mapping](compliance/soc2-mapping)
- [Evidence Export](compliance/evidence-export)
- [Per-Agent Credentials (Onboarding pillar)](credentials/per-agent-auth-integration)

#### Atlas (the CEO-aide layer over all five pillars)

- [Atlas Spec](atlas/atlas-spec)
- [Atlas Network Policy](atlas/network-policy.yaml)

### Platform Administration

- [Authentication Overview](admin/auth-overview)
- [SAML 2.0 Setup](admin/auth-saml)
- [OIDC SSO](admin/auth-oidc)
- [Supabase Auth Setup](admin/auth-supabase)
- [SCIM Provisioning](admin/scim)
- [API Keys](admin/api-keys)
- [RBAC & Roles](admin/rbac)
- [IP Allowlisting](admin/ip-allowlist)
- [Rate Limiting](admin/rate-limiting)
- [Notifications](admin/notifications)
- [Webhooks](admin/webhooks)
- [CMEK](admin/cmek)
- [SIEM Export](admin/siem-export)

### Connector Reference

- [Connector Overview](connectors/overview)
- [Integration Catalog](connectors/catalog)
- [EDR / XDR](connectors/edr-xdr/index)
- [SIEM / Log Management](connectors/siem/index)
- [Cloud Security](connectors/cloud-security/index)
- [Identity / PAM](connectors/identity/index)
- [AppSec / Vulnerability](connectors/appsec/index)
- [Network / Email](connectors/network-email/index)
- [Threat Intelligence](connectors/threat-intel/index)
- [ITSM / Communications](connectors/itsm/index)
- [GRC / Compliance](connectors/grc/index)
- [Secrets / Vaults](connectors/secrets-vaults/index)

### Operate & Troubleshoot

- [Deployment Guide](deployment-guide)
- [72-Hour Deployment Runbook](deployment/72-hour-runbook)
- [Testing Guide](testing-guide)
- [Troubleshooting](troubleshooting)
- [Status Page Setup](ops/status-page-setup)
- [Disaster Recovery](ops/disaster-recovery)
- [Load Test Results](ops/load-test-results)

### Security & Trust

- [Incident Response](security/incident-response)
- [Supply Chain Security](security/supply-chain)
- [Vulnerability Disclosure](security/vulnerability-disclosure)

### Integrations and Updates

- [Mendix Integration](integrations/mendix-integration)
- [Changelog](changelog)

## First Value Milestone

The first deployment milestone is the 72-hour runbook end-to-end. The shorter pilot version: instantiate one cohort of 50-200 agents from one Atlas-produced manifest, prove the five pillars, then flip one wave live.

1. **Onboarding** — every agent gets a per-agent credential issued at instantiation; the Roster shows them all bound to a named manager.
2. **Supervision** — the manager queue receives a synthetic approval; the manager responds within SLA; auto-escalation fires for non-responders.
3. **Evaluation** — the cohort runs in shadow-mode for 24h; drift surfaces against the manifest.
4. **Records** — the audit chain bootstraps; the customer's auditor verifies it on their laptop with `arxctl verify-chain`.
5. **Termination** — one cohort is terminated end-to-end; every agent's credentials revoke atomically; the exit attestation lands in the personnel record.

If all five pillars are observable, the platform is working as designed. The next 9,800-19,800 agents flow through the same five pillars at the same operational cost.

## Support

- Product support: `support@arxsec.io`
- Security issues: `security@arxsec.io`
- Status page: [status.arxsec.io](https://status.arxsec.io)