Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.truthlocks.com/llms.txt

Use this file to discover all available pages before exploring further.

The observability dashboard gives you a real-time view of your Truthlocks environment directly in the console. Use it to track attestation activity, monitor service health, spot latency trends, and check plan usage — all without leaving the browser. The dashboard is available in two views: a platform observability dashboard for platform administrators, and a tenant observability dashboard for tenant users.
The tenant observability dashboard is available on Business and Enterprise plans. If you are on a Free or Starter plan, you will see an upgrade prompt when you navigate to the dashboard. The platform observability dashboard is available to all platform administrators. See billing for plan details.

Platform observability

Navigate to Observability in the platform console sidebar. The dashboard presents SLO performance, service health, error distribution, and cloud infrastructure links in a single page with interactive charts.

KPI row

Four cards with colored left-border accents display top-level metrics:
CardAccent colorWhat it shows
GatewayCyanCurrent gateway status (e.g. “operational”)
ServicesGreenHealthy services out of total (e.g. “9/10”)
SLO StatusPurpleOverall SLO status badge — green, amber, or red
Recent ErrorsRedCount of recent grouped errors

SLO performance

When SLO data is available, the dashboard displays three visualizations:

Availability gauge

A radial bar gauge showing the current availability percentage. The gauge is color-coded:
ColorAvailability
Green99.9% or higher
Amber99.0% – 99.9%
RedBelow 99.0%
The error budget consumed is displayed below the gauge.

SLO scorecards

Two scorecards show:
  • Availability — the current percentage against the 99.9% target.
  • p99 Latency — the worst-case response time against the 200 ms target.
Each scorecard is color-coded — green when within target, amber when approaching the threshold, and red when the target is breached.

SLO trend charts

Two seven-day line charts show the historical trend for availability and p99 latency. A dashed amber reference line marks the SLO target on each chart. Use these to spot whether your SLOs are trending toward or away from target.

Service health

The services section includes three views:
  • Service health donut — a compact radial chart showing the ratio of healthy, degraded, and unknown services.
  • Service latency chart — a horizontal bar chart showing each service’s response time in milliseconds. Bars are color-coded by latency (green under 50 ms, cyan under 200 ms, amber under 500 ms, red above). A dashed reference line at 200 ms marks the SLA threshold.
  • Service detail cards — expandable cards for each backend service showing status, target URL, response time with a proportional progress bar, and links to logs and traces.
The platform dashboard monitors the following services:
ServiceDescription
API GatewayMain API endpoint for all inbound requests
Trust RegistryIdentity, issuers, keys, and governance
Attestation ServiceCredential minting and lifecycle
Signing ServiceCryptographic key management and signing
Transparency LogTamper-evident append-only Merkle tree
Verification ServiceCredential verification and validation
Audit ServiceTamper-proof audit trail with hash chaining
Billing ServiceUsage metering and subscription management
Machine IdentityAgent registration, sessions, and trust scoring
AI CMOAI content moderation and orchestration
Each service displays its current status (healthy, degraded, or down). A service is marked degraded when it responds but takes longer than 2 seconds, and down when it fails to respond within the 5-second timeout.

Error distribution

A bar chart breaks down recent grouped errors by signature, color-coded for quick identification. Below the chart, each error group shows its count, source, and sample trace IDs. Links to CloudWatch Logs Insights and X-Ray Service Map are provided when available.

CloudWatch launchers

Quick-launch buttons for your cloud monitoring tools — Dashboard, Metrics, Logs Insights, X-Ray, and Alarms. These open directly in your AWS console.

Trace lookup

Enter a trace ID to get a direct link to AWS X-Ray (or your OTLP backend) for that specific request. Press Enter or click Look up to resolve the trace.

Auto-refresh

The dashboard polls all data sources every 30 seconds. Toggle auto-refresh on or off from the header. A countdown shows when the next refresh will occur. Click Refresh at any time to fetch the latest data immediately.

Tenant observability

Navigate to Observability in the tenant console sidebar. The tenant dashboard is organized into four tabs with interactive charts.

Dashboard tabs

TabWhat it shows
OverviewTop-level stats, performance gauges, attestation lifecycle charts, and a latency trend chart
ServicesPer-service health, SLA compliance bars, uptime percentages, latency details, and a multi-service latency trend
Usage & QuotasConsumption of mints, verifications, storage, and other metered resources with a horizontal bar chart
SecurityCryptographic integrity, tenant isolation, and audit trail posture cards with detailed control tables

Overview

The overview tab displays four primary stat cards:
  • Total attestations — active, revoked, and superseded counts.
  • Active issuers — how many of your issuers are currently trusted.
  • Audit events — total events recorded with hash-chain integrity.
  • System health — how many backend services are healthy out of the total monitored.
Below the stat cards, three performance gauges show:
  • Average latency across all services.
  • P95 latency — the worst-case response time for the slowest service.
  • Health checks performed since the page was opened.

Attestation lifecycle chart

A donut chart breaks down your total attestations into active (green), revoked (red), and other (gray) categories. A companion bar chart shows the same data with counts and percentages for each category.

Latency trend chart

An area chart overlays response times for all monitored services over recent health checks. Each service is color-coded with its own gradient fill. A legend below the chart identifies each service. The SLA thresholds are noted: green under 200 ms, yellow under 500 ms, red at 1000 ms or above.

Services

The services tab shows the health of each monitored backend service:
ServiceDescription
API GatewayMain API endpoint for all inbound requests
Trust RegistryIdentity, issuers, keys, and governance
Attestation ServiceCredential minting and lifecycle
Signing ServiceCryptographic key management and signing
Transparency LogTamper-evident append-only Merkle tree
Verification ServiceCredential verification and validation
Audit ServiceTamper-proof audit trail with hash chaining
Billing ServiceUsage metering and subscription management
Machine IdentityAgent registration, sessions, and trust scoring
AI CMOAI content moderation and orchestration
Each service displays its current status (healthy, degraded, or down), response time, and session uptime percentage. An SLA compliance bar compares each service’s uptime against the 99.9% target.
Uptime percentages shown on the services tab are session-scoped — they reset each time you open the dashboard. For historical uptime data, visit the public status page or query the status API.

Usage and quotas

The usage tab displays a horizontal bar chart showing each metered resource’s consumption as a percentage of its plan limit. Bars are color-coded:
ColorUsage level
CyanNormal (under 80%)
AmberHigh (80% or above)
RedAt limit (100%)
Unlimited meters are listed separately below the chart. Hover over any bar to see the exact count and limit.
If a usage meter is approaching its limit, consider upgrading your plan or contacting support for a custom quota. Once a limit is reached, API requests for that operation return HTTP 402. See rate limits for details.

Security

The security tab gives you a live view of your environment’s security posture across three dimensions. At the top, three posture cards summarize overall strength:
Posture cardWhat it measures
Cryptographic integrityEd25519 signatures, SHA-256 audit hashing, and Merkle tree transparency.
Tenant isolationPostgreSQL row-level security, per-tenant keys, and gateway-level enforcement.
Audit trailHash-chained event count with integrity verification status. Shows “Attention” until your first audit event is recorded.
Below the posture cards, individual security controls are grouped into three categories:

Cryptographic controls

ControlAlgorithmDescription
Attestation signingEd25519 (EdDSA)Every attestation is cryptographically signed with an Ed25519 key.
Audit hash chainSHA-256Audit events are chained with SHA-256 hashes so tampering is detectable.
Auth / JWKSES256 (ECDSA P-256)JWT tokens and JWKS keys use ES256 for authentication.
Transparency logMerkle tree / SHA-256A tamper-evident Merkle tree provides public auditability.

Access controls

ControlMechanismDescription
Row-level securityPostgreSQL RLSAll database tables enforce tenant isolation at the row level.
RBACRole-based access controlGranular permissions scoped to your defined roles.
API gatewaynginx + rate limitingPer-IP and per-tenant rate limits enforced at the gateway.
Service authInternal service keysService-to-service communication is authenticated with shared keys.

Data protection controls

ControlMechanismDescription
Tenant isolationMulti-tenant RLSComplete data segregation between tenants at the database level.
Audit immutabilityAppend-only + hash chainEvents cannot be deleted or modified after creation. Shows “Attention” until your first event is recorded.
Key rotationPer-issuer key lifecycleKeys can be rotated and superseded without losing historical attestations.
Each control shows an Enforced badge when active or an Attention badge when it requires action (for example, if no audit events have been recorded yet).

Tenant dashboard charts

The main tenant dashboard (Home page in the console sidebar) includes three attestation insight charts when you have at least one attestation:
ChartTypeWhat it shows
Attestation statusDonut (pie)Breakdown of active, revoked, and other attestations with a color-coded legend
Issuer coverageBar chartActive issuers versus total issuers configured
Platform healthRadial gaugePercentage of attestations that are currently active, displayed as a half-circle gauge
These charts provide a quick visual summary of your attestation portfolio health without navigating to the full observability dashboard.

Programmatic monitoring

For machine-readable health data outside the console, use the status API or the billing usage endpoint. These endpoints let you integrate Truthlocks metrics into your own dashboards or alerting pipelines.

Next steps

Health and readiness

Health endpoints, status page, and monitoring integrations.

Billing usage

Track mints, verifications, and storage via the API.

Rate limits

Plan quotas and how to handle 429 and 402 responses.

Audit logs

Query and export your audit trail.