Getting Started
Quick Start: Identity Provider
Run your own DDISA Identity Provider in 3 minutes.
Run Your Own Identity Provider
Prerequisites
- Node.js 22+
1. Create Project
npx @openape/apes init --idp my-idp
cd my-idp
The wizard asks for your domain, storage backend, and admin email. It generates all secrets automatically.
2. Start
npm run dev
3. Test
Open http://localhost:3000/admin. You're the admin — create a registration URL, register your first user with a passkey, and log in.
Done
Your IdP is running locally with in-memory storage. Users authenticate with WebAuthn passkeys.
Production Checklist
- DNS — Add a TXT record:
_ddisa.yourdomain.com TXT "v=ddisa1 idp=https://id.yourdomain.com" - Storage — Switch from
memorytofsors3innuxt.config.ts - Domain — Update
RP_ID,RP_ORIGIN, andISSUERin.envto your production domain - Deploy —
vercel deployor any Node.js hosting
What's Next?
- Enroll an AI agent — give agents identity on your IdP
- Configure DNS for your domain — connect your domain
- How DDISA works — understand the protocol
Auto-Registered Pages
Your IdP comes with these pages out of the box:
| Page | Purpose |
|---|---|
/login | WebAuthn passkey login |
/register?token=... | Passkey registration via invitation link |
/account | Device & credential management |
/admin | User, agent & grant administration |
/enroll | Agent enrollment |