Get Started with Lelu
Send your first confidence-aware authorization request and see the decision in seconds. This guide will walk you through starting the engine, making an API call, and using the SDK.
Start the engine
The fastest way to get Lelu running is with Docker. This starts the engine, platform, UI, and database in one command.
# Pull and start all services
docker pull leluauth/lelu-engine:latest
curl -O https://raw.githubusercontent.com/lelu-auth/lelu/main/docker-compose.production.yml
docker-compose -f docker-compose.production.yml up -dCall the API
Use the agent authorization endpoint and include a confidence score. In this example, the agent is 85% confident it should delete an S3 object.
curl -X POST http://localhost:8083/v1/agent/authorize \
-H "Content-Type: application/json" \
-d '{
"actor": "agent-123",
"action": "s3:DeleteObject",
"resource": { "bucket": "prod-data" },
"confidence": 0.85,
"acting_for": "user-42",
"scope": "storage:write"
}'Inspect the decision
The engine evaluates the request against your Rego policies. If the confidence meets the threshold, it's allowed. Otherwise, it might require human review.
{
"allowed": true,
"reason": "Confidence threshold met",
"trace_id": "tr_7f30c2...",
"requires_human_review": false,
"confidence_used": 0.85
}View audit logs
Use the built-in CLI to view audit logs and manage policies directly from your terminal.
# Install and view audit logs
npm install -g @lelu-auth/lelu
npx @lelu-auth/lelu audit-log
# Manage policies
npx @lelu-auth/lelu policies list
npx @lelu-auth/lelu policies get authUse the SDK
For production applications, use our official SDKs to integrate Lelu directly into your codebase.
import { LeluClient } from "@lelu-auth/lelu";
const client = new LeluClient({
baseUrl: "http://localhost:8083",
});
const decision = await client.agentAuthorize({
actor: "agent-123",
action: "s3:DeleteObject",
resource: { bucket: "prod-data" },
confidence: 0.85,
});