CoreSDK Cloud
Connect to the CoreSDK Cloud managed control plane for zero-ops policy management, audit logging, and enterprise SLAs.
CoreSDK Cloud
Phase 2. The CoreSDK Cloud managed control plane ships Phase 2. Join the waitlist at app.coresdk.io.
CoreSDK Cloud is the fully managed control plane hosted by the CoreSDK team. You point your SDKs at our endpoints, and we handle availability, policy distribution, JWKS caching, and audit log storage — so you ship features instead of operating infrastructure.
Getting an API Key
- Sign in at app.coresdk.io.
- Navigate to Settings → API Keys → New Key.
- Choose a scope (
read,write, oradmin) and an optional expiry. - Copy the key — it is shown only once.
API keys follow the format csk_live_<32 chars> for production and csk_test_<32 chars> for sandbox environments.
Connecting the SDK
Point the SDK at CoreSDK Cloud by setting your tenant and API key. The control plane URL defaults to https://api.coresdk.io and does not need to be set explicitly.
use coresdk_engine::prelude::*;
let sdk = Engine::from_env()?
.tenant("acme")
.api_key(std::env::var("CORESDK_API_KEY").unwrap())
// control_plane_url defaults to https://api.coresdk.io
.build()
.await?;import os
from coresdk import CoreSDKClient, SDKConfig
_sdk = CoreSDKClient(SDKConfig(
sidecar_addr="[::1]:50051",
tenant_id="acme-corp",
fail_mode="open",
))
# Point the sidecar at CoreSDK Cloud via env var:
# CORESDK_API_KEY=csk_live_xxxxxxxxxxxxxxxx
# CORESDK_CONTROL_PLANE_URL defaults to https://api.coresdk.ioimport (
sdk "github.com/coresdk-dev/sdk-go"
"os"
)
s := sdk.New(sdk.Config{
Tenant: "acme",
APIKey: os.Getenv("CORESDK_API_KEY"),
// ControlPlaneURL defaults to https://api.coresdk.io
})import { CoreSDK } from "@coresdk/node";
const sdk = new CoreSDK({
tenant: "acme",
apiKey: process.env.CORESDK_API_KEY,
// controlPlaneUrl defaults to https://api.coresdk.io
});Set these environment variables and the SDK will configure itself automatically — no code changes needed.
CORESDK_TENANT=acme
CORESDK_API_KEY=csk_live_xxxxxxxxxxxxxxxx
# CORESDK_CONTROL_PLANE_URL is optional; defaults to https://api.coresdk.ioCentralized Policy Management
With CoreSDK Cloud, policies are managed from the dashboard and pushed to all connected SDK instances in real time — no restarts, no redeployments.
Push a policy via CLI
# Authenticate the CLI
core login --api-key csk_live_xxxxxxxxxxxxxxxx
# Deploy a policy to all services under a tenant
core policy push ./policies/orders.rego --tenant acme
# List active policies
core policy list --tenant acme
# Roll back to a previous revision
core policy rollback --tenant acme --revision 14Policy Environments
Policies are scoped per environment (production, staging, sandbox). Promote a policy set from staging to production without touching code:
core policy promote \
--from staging \
--to production \
--tenant acmeAudit Log Streaming
Every authorization decision, JWT verification, and policy evaluation is recorded as a structured audit event. In the dashboard, navigate to Audit Logs to:
- Filter by tenant, service, user, action, or outcome
- Set a time range (up to 90 days on Pro, unlimited on Enterprise)
- Download logs as NDJSON or CSV
Stream to your SIEM
Forward audit events to an external destination in real time:
# Stream to stdout for local inspection
core audit stream --tenant acme
# Pipe to your SIEM (e.g. Splunk HTTP Event Collector)
core audit stream --tenant acme \
| curl -X POST https://splunk.example.com:8088/services/collector \
-H "Authorization: Splunk <HEC_TOKEN>" \
-d @-You can also configure a push destination from the dashboard under Settings → Audit → Stream Destinations (supports HTTP webhooks, S3, and Google Cloud Storage).
SLA and Availability
| Tier | Uptime SLA | Support Response | Policy Push Latency |
|---|---|---|---|
| Free | No SLA | Community | < 30 s |
| Pro | 99.9% monthly | 8 h business hours | < 5 s |
| Enterprise | 99.99% monthly | 1 h, 24/7 | < 1 s |
All tiers use multi-region active-active deployments. Enterprise customers can request dedicated regional endpoints (EU, US, APAC) for data residency compliance.
Data Residency
By default, CoreSDK Cloud stores tenant data in us-east-1. Enterprise plans support:
# Point the SDK at the EU regional endpoint
CORESDK_CONTROL_PLANE_URL=https://eu.api.coresdk.io
CORESDK_TENANT=acme
CORESDK_API_KEY=csk_live_xxxxxxxxxxxxxxxxContact sales@coresdk.io to enable a dedicated regional endpoint.
Next Steps
- Docker & Kubernetes — deploy the sidecar in your cluster
- Self-Hosted Control Plane — keep everything on-prem
- Authentication — configure JWKS for JWT verification