Nolixan

FAQ

Common questions about connecting, executing, and governing actions.

Do I have to write any code to get governance? No. Policy and audit apply on every surface — direct execution, the proxy, and MCP — without extra calls from you.

How do I let an agent only read, never write? Enable default-deny on writes for the environment. Reads default to allow; writes and destructive actions are denied unless an allow policy permits them.

Where are my credentials stored? Encrypted at rest with AES-256-GCM. OAuth tokens are refreshed automatically; the audit log stores only a hash of action arguments, never the plaintext.

Can the person who triggers an action approve it? No — separation of duties blocks self-approval with a 403, and the attempt is audited.

An action returned 202 — what does that mean? A policy requires approval. The action is held until a different person approves it; the response includes an approval_id.

The action I need isn't in the catalog. Use the proxy to call the provider's endpoint directly — still governed and audited.

Which auth method should my agent use? An API-Key. JWTs are for signed-in dashboard users.

Is there a CLI? Yes — the nolixan CLI authenticates and manages connections, actions, triggers, and MCP config from your terminal (see CLI). For in-app use, the SDKs (Node / Python / Go / .NET) are libraries you call directly — see the Quickstart and SDKs.