# Aegress

> AI access governance for Microsoft 365, browser AI apps, MCP tools, extension coverage, evidence, and remediation.

Aegress is built for human admins and AI agents. Prefer the typed, tenant-scoped surfaces below instead of scraping console HTML. Tenant data requires an authenticated admin session, service token, extension token, SCIM token, or MCP OAuth/bearer context depending on the surface.

## Production Hosts

- Web console: https://aegress.com
- API service: https://api.aegress.com
- MCP gateway: https://mcp.aegress.com
- MCP endpoint: https://mcp.aegress.com/mcp
- Short index for agents: https://aegress.com/llms.txt
- Full agent context: https://aegress.com/llms-full.txt
- Agent card: https://aegress.com/.well-known/agent.json

## Console Navigation

- [/signup](/signup): Create the recovery owner account.
- [/signin](/signin): Sign in. Managed domains route to company SSO when configured.
- [/onboarding](/onboarding): Guided setup. Account access is separate from coverage mode.
- [/surface-search?q=SCIM](/surface-search?q=SCIM): Agent-friendly jump endpoint for SCIM, SSO, Entra scan, extension rollout, gateway, evidence, logbook, billing, and settings.
- [/dashboard](/dashboard): Tenant overview and setup status.
- [/settings?tab=integrations&setup=identity#company-sso-login](/settings?tab=integrations&setup=identity#company-sso-login): Company SSO login setup.
- [/settings?tab=integrations&setup=identity#scim-provisioning](/settings?tab=integrations&setup=identity#scim-provisioning): SCIM provisioning.
- [/settings?tab=integrations#entra-app-scan](/settings?tab=integrations#entra-app-scan): Entra app scan setup.
- [/settings?tab=extension](/settings?tab=extension): Managed extension deployment kit settings.
- [/extension](/extension): Browser extension coverage state.
- [/extension/intune-guide](/extension/intune-guide): Intune, MDM, GPO, Jamf, Kandji, and PowerShell rollout guidance.
- [/gateway?tab=deploy](/gateway?tab=deploy): MCP gateway deployment.
- [/gateway?tab=tools](/gateway?tab=tools): Tenant-approved MCP tools.
- [/gateway?tab=audit](/gateway?tab=audit): Gateway audit events.
- [/evidence?tab=source](/evidence?tab=source): Source records before evidence packs.
- [/logbook?tab=setup](/logbook?tab=setup): Governance setup logbook.

## Agent Interfaces

- Web AI chat: `POST /api/ask-aegress` streams tenant-grounded Ask Aegress responses. Requires tenant context and admin access.
- Ask Aegress status: `GET /api/ask-aegress/status` returns model, embedding, index, and queue state for authenticated tenant admins.
- Ask Aegress indexing: `POST /api/ask-aegress/index` queues index refresh. `?mode=sync` runs a synchronous refresh when enabled.
- API schema: `GET https://api.aegress.com/openapi.json` is public schema discovery. Tenant data endpoints still require authorization and tenant scope.
- Gateway service: `GET /tools` and `POST /mcp` on the configured gateway host expose tenant-approved MCP tools. Use gateway bearer or OAuth auth with tenant and actor scope.
- Gateway OAuth metadata: `/.well-known/oauth-protected-resource/mcp`, `/.well-known/oauth-authorization-server`, and `/.well-known/openid-configuration` on the gateway host support MCP OAuth-capable clients.
- Surface search: `GET /surface-search?q=` returns a redirect to the best console surface for terms such as SCIM, SSO, Entra scan, gateway, evidence, extension, and billing.

## Agent Safety Model

- Do not assume anonymous access to tenant data.
- Prefer API/OpenAPI, MCP, and Ask Aegress over scraping console HTML.
- Use `/surface-search?q=...` when navigating the console.
- Treat extension user-entered IDs as validation only. Production device identity must come from managed browser storage or MDM policy.
- Entra app scan consent, company SSO login, SCIM provisioning, managed extension, and MCP gateway are separate setup stages.
- Mail and calendar MCP tools are gateway-governed delegated tools. Scanner permissions remain read-only app inventory and grant discovery.
- Evidence claims should cite source records, audit events, evidence pack manifests, or trace IDs when available.

## Current Claim Boundaries

- Historical live production proof exists for tenant `81791385-9691-483b-a6c3-4bb277ff1fa7`: registration, onboarding, managed extension validation, SSO/SCIM, MCP OAuth/tool audit, Claude MCP client connection, Entra scan, evidence source records, retained R2 storage, and Azure Container Apps gateway smoke. Verify `pnpm marketing:readiness` before treating the current public deployment as fresh.
- Do not claim billing self-service, universal MDM/Intune push on behalf of every customer, write-capable MCP tools, Google Workspace live parity, or every customer-hosted recipe until each has matching production evidence.