AEGIS Documentation

Complete guide to using the AEGIS AI platform

Quick Navigation

Overview

AEGIS is a production-hardened AI agent platform for teams that need strong automation without giving up control. The product ships with 90+ registered agent tools, per-conversation Autonomy Modes (Chat, Safe, Standard, Full), multi-agent orchestration and delegation, and security patterns aligned with regulated environments. Deploy as managed cloud, desktop, or your own infrastructure — the same core capabilities follow you across every option.

What is new and expanded

  • Richer tool surface — Document conversion, scrape-to-export pipelines, spreadsheet formulas and charts, fillable PDFs and signing, archive extraction, QR generation, watermark tools, avatar-style video helpers, browser sessions (navigate, act, research), and an in-app camera capture request flow for vision-assisted tasks.
  • Delegation and sub-agents — Create and manage child agents, delegate work, list and clear task queues, and run parallel agent workstreams from a single conversation.
  • Uploaded asset workflows — Plan and execute multi-step workflows over files the user provides (orchestrated planning plus execution tools).
  • Capability reference — Built-in tooling so the agent can summarize what it is allowed to do in the current mode and profile.
  • Scheduler depth — Create and manage scheduled jobs, detect conflicts, and cancel or update runs.
  • Stricter SaaS policy — On shared cloud deployments, high-risk capabilities (shell, arbitrary code, unrestricted HTTP, local Playwright drivers) are disabled by default; Firecrawl cloud browser (Standard/Full) is available with a Firecrawl key. Desktop and trusted self-host can enable the full local stack via AEGIS_DESKTOP_MODE / AEGIS_ENABLE_UNSAFE_LOCAL_TOOLS.
  • Browser trust reference — See docs/BROWSER_TRUST_MODEL.md in the repository for SaaS vs desktop, operator allowlists, and audit logging.

Key capabilities

  • Large integrated toolbox — Communication, calendars, files, media generation, web research, data work, automation triggers, and administration — exposed consistently to the agent.
  • Autonomous agents — Multi-step tool loops with parallel sub-agent execution where appropriate.
  • Multiple model backends — Swap providers and models from Settings or natural language; bring your own keys on private installs.
  • Privacy-oriented layouts — Desktop and self-hosted deployments keep processing under your control.
  • Flexible deployment — Managed cloud, desktop (Windows, macOS, Linux), or containerized on your VPS.
  • Autonomy modes — Chat (schedules + search), Safe (curated tools, no live browser), Standard (Safe + Firecrawl live browser), Full (widest capability where policy allows), enforced server-side.
  • Fast onboarding — Short wizard for default model, tone, and optional channels.
  • Enterprise-style controls — Audit-friendly event logging, idle session limits, strong password hashing, persistent JWT signing material, and default-deny access rules.
  • Subscriptions and desktop licensing — Cloud plans plus hardware-aware desktop licenses for offline-friendly use.
  • Automation webhooks — Fire outbound webhooks from chat so you can chain AEGIS into broader automation stacks.

Getting Started

Pick the path that matches how you want to run the product:

Managed cloud

  1. Connect the repository to your managed hosting provider and deploy using the included container build.
  2. Set the required environment variables in the host dashboard (see Hosted deployment).
  3. The platform builds the API and web UI; open your assigned URL, finish administrator setup, and add model credentials.

Cloud SaaS (aegisaiagent.com)

  1. Sign up at /setup
  2. Complete the administrator setup wizard and add your first model API key
  3. On first login, follow the in-app onboarding wizard to pick defaults, personality, and optional email and messaging connectors
  4. Start using AEGIS immediately — no installation required

Desktop app (strongest isolation)

  1. Go to Download and choose Windows, macOS, or Linux
  2. Purchase a license from pricing
  3. Run the installer — the desktop app bundles the backend and frontend
  4. Enter your license key on first run; complete the same onboarding flow as cloud for models, personality, and optional connectors

Self-hosted containers / VPS

  1. Clone the repo and copy .env.example.env
  2. Set AEGIS_SECRET_KEY, front-end URLs, model keys, and billing or email variables as needed
  3. Run docker compose -f docker-compose.production.yml up -d
  4. Serve the app on your hostname behind TLS; see your reverse proxy documentation for routing to the bundled services

Desktop Download

Installers live at /download. The package is self-contained. Windows: run .exe; macOS: drag to Applications; Linux: AppImage or .deb/.rpm. Operators can override download targets with AEGIS_DESKTOP_WIN_URL, AEGIS_DESKTOP_MAC_URL, and AEGIS_DESKTOP_LINUX_URL in environment configuration.

Hosted deployment configuration

On managed hosts, everything is driven by environment variables. The table below lists the highest-signal entries; your full template is in backend/.env.example.

VariableRequiredDescription
AEGIS_SECRET_KEYYes (production)Long random secret for signing session tokens. Example: python -c "import secrets; print(secrets.token_urlsafe(64))"
AEGIS_FRONTEND_URL / AEGIS_APP_URLYesPublic URLs the browser uses to reach the UI and API
Model gateway keysRecommendedOne or more entries from the template so chat can reach your chosen models
Billing integrationIf you chargeSecret key and webhook signing secret — exact names are in the environment template
Outbound mailIf you send mailAPI or SMTP settings from the template for welcome, reset, and billing messages
Single sign-onOptionalOAuth client credentials when you enable social login (field names in the template)

Exact variable names and optional alternates are listed in the shipped environment templates and internal runbooks. Store secrets in your host’s secret manager, not in source control.

Containers and VPS

Development: docker compose up -d. Production with cache and workers: docker compose -f docker-compose.production.yml up -d. Mirror the same environment keys from the hosted section inside a .env next to your compose file.

Integrated tools

The agent runtime registers 90+ tools at startup — bundled with the product, no separate plugin store. Availability depends on autonomy mode, tool profile, and whether you are on shared cloud (where high-risk tools stay off by default) versus desktop or a trusted self-hosted profile.

Communication and collaboration

  • Email — Send, receive, search, and thread mail over standard mail protocols
  • SMS and voice — Outbound messaging and calls when telephony credentials are configured
  • Meetings — Schedule and manage conferencing when a calendar integration is linked
  • Team chat connectors — Wire popular chat apps through the integrations panel so the agent can post and respond

Development, automation, and the web

  • Shell — Execute host commands where policy allows (typically desktop or locked-down private installs)
  • Code execution — Run supported languages in a controlled executor where enabled
  • Advanced code assistance — Lint, format, diff, and refactor project files
  • HTTP client — Call REST endpoints when egress is permitted for your deployment
  • Automation webhooks — POST to signed URLs to hand off work to external automation flows
  • Browser sessions — Create sessions, navigate, perform actions, run structured research, and tear down cleanly
  • Legacy browser helpers — Older navigate/scrape/login flows remain available on trusted runtimes

Documents, files, and data

  • Office documents — Create and edit word-processing and presentation files
  • Spreadsheets — Read and write workbooks, including formulas, charts, and pivots
  • PDFs — Generate fillable forms, convert, and apply signatures
  • Conversion — Convert between common document and image formats
  • Archives — Extract packaged assets safely inside the workspace sandbox
  • Data analysis — Inspect CSV, JSON, Excel, and similar structured sources
  • Scrape and export — Pull structured data from the web and save to spreadsheet or document outputs

Media generation and vision

  • Images — Generate and transform images, including background removal and watermark handling when configured
  • Audio — Speech synthesis, music and SFX stubs, transcription, and stem-style isolation helpers
  • Video — Generate clips, stitch timelines, trim, subtitle burn-in, and related post-processing
  • Camera capture — Request a one-time webcam frame from the user for visual reasoning tasks
  • QR and lightweight assets — Generate QR codes and similar outputs for campaigns or ops

Calendar, tasks, and time

  • Calendar — Create and query events when a calendar connector is present
  • Scheduling — Cron-style jobs plus list/update/cancel flows and conflict checks

Orchestration and governance

  • Sub-agents — Spawn parallel child agents with capped concurrency
  • Delegation toolkit — Delegate work, track child tasks, and clean up queues
  • Capability introspection — Summarize enabled tools and integration health from inside the chat
  • Uploaded assets — Plan and execute multi-step workflows on user-supplied files
  • Autonomy controls — Chat, Safe, and Full profiles with server-side enforcement

Workspace and settings

  • Filesystem — Read, write, and enumerate files inside per-user workspace boundaries
  • Model and key management — Switch models, store credentials, and validate connectivity
  • Personality and memory — Tune tone and persist user-specific facts with forget controls
  • Integration setup helpers — Guided configuration for mail, telephony, chat, and media credentials

Deployment options

AEGIS offers three deployment options to fit your needs:

Cloud SaaS

Best for: Teams who want instant setup and zero maintenance

  • Instant setup in minutes
  • Automatic updates and patches
  • High-availability architecture with 99.9% uptime target
  • Global CDN for fast access
  • Integrated subscription and usage management
  • Pricing: Starting at $30/month

Desktop App

Best for: Individuals and professionals who prioritize privacy

  • Complete privacy and control
  • Offline capable operation
  • No data leaves your machine
  • Annual license model
  • Bring your own API keys
  • Available for Windows, macOS, and Linux
  • Pricing: Starting at $299/year

Private VPS

Best for: Enterprises with strict compliance requirements

  • Full control over data and infrastructure
  • Custom domain and branding
  • HIPAA/SOC 2 compliant
  • White-label option available
  • Dedicated support team
  • Pricing: Custom (contact sales)

Security and compliance

AEGIS is built to enterprise security standards from the ground up:

Authentication and identity

  • JWT authentication — Stable signing material persisted in the database; avoids surprise session invalidation on restart
  • Argon2id password hashing — Memory-hard password storage
  • Brute-force protection — Repeated failures trigger temporary lockouts
  • Rate limiting — Per-IP limits on authentication and recovery endpoints
  • Optional SSO — Social login when OAuth credentials are configured

Regulatory-style controls

  • Audit trails — Logins, logouts, password resets, and security events record severity, user, source address, and time
  • Idle session timeout — Automatic logout after inactivity (tunable)
  • Default-deny access — Non-admin users start without privileges; grants are explicit
  • Least privilege — Permission resolution prefers exact scopes before wildcards or inherited roles
  • Encrypted integration storage — Connector secrets are encrypted at rest

Transport and headers

  • HSTS — Strict-Transport-Security enforced on all responses
  • CSP — Content-Security-Policy prevents XSS and injection attacks
  • X-Frame-Options: DENY — Blocks clickjacking
  • X-Content-Type-Options: nosniff — Prevents MIME-type sniffing

Desktop Licensing

  • Hardware-Bound Licenses — Tied to device Machine ID; device limits per tier (Personal: 1, Professional: 3, Team: 10)
  • 24h Online Check / 7-day Offline Grace — Works offline; auto-revokes on sustained connectivity with invalid license
  • Admin-Only License Generation — Only platform admins can issue desktop licenses

API Documentation

AEGIS is primarily used through the web and desktop UI, but it also exposes a focused HTTP and WebSocket API for advanced integrations.

Authentication

All API requests to your deployment require a valid user JWT. Include it in the Authorization header:

Authorization: Bearer YOUR_JWT

Base URL

  • Cloud SaaS: https://app.aegisaiagent.com/api
  • Desktop App: http://127.0.0.1:8766/api (embedded backend)
  • Private VPS: https://your-domain.com/api

Chat Endpoints

The same chat engine that powers the UI is available programmatically.

Send a Chat Message (HTTP)

POST /chat/send
Content-Type: application/json

{
  "message": "Summarize my last 5 unread emails.",
  "conversation_id": null,
  "tools_enabled": true,
  "tool_profile": "safe",  // "chat" | "safe" | "full"
  "timezone": "America/Chicago",
  "current_datetime": "Tuesday, March 3, 2026, 10:15:00 AM CST"
}

The response includes the assistant message content and the conversation_id to reuse on the next call.

Streaming Chat (WebSocket)

GET /chat/ws?token=YOUR_JWT

// Send over the WebSocket:
{
  "message": "Write a summary of my week based on email.",
  "conversation_id": null,
  "tools_enabled": true,
  "tool_profile": "full"
}

Messages stream back as JSON chunks including partial content, final content, tool calls, and artifacts so you can build your own custom UI.

Frequently Asked Questions

What AI models does AEGIS support?

You can connect multiple commercial and self-hosted model backends. Defaults are tuned for strong general quality on the hosted service, and you can change provider or model from Settings or by asking the agent. Local deployments can run entirely on models you host.

Can I use my own API keys?

Yes. Desktop and private installs support bring-your-own credentials so usage and spend stay inside the accounts you control.

Is my data secure?

AEGIS follows a privacy-first design. On desktop, workloads stay on the device. On cloud, data is encrypted in transit and protected with the controls described in this document, including strong password hashing and persistent signing keys for sessions.

Can I cancel my subscription anytime?

Yes, you can cancel your subscription at any time. For Cloud SaaS, you'll retain access until the end of your billing period. See our Refund Policy for details.

Do you offer custom integrations?

Yes! Business and Enterprise plans include custom integrations. Contact our sales team to discuss your specific needs.

What kind of support do you provide?

  • Starter: Email support (24-48 hour response)
  • Pro: Priority email support (12-24 hour response)
  • Business: Phone and email support (4-8 hour response)
  • Enterprise: Dedicated support team (custom SLAs available in enterprise contracts)

Can I upgrade or downgrade my plan?

Yes, you can change your plan at any time. Upgrades take effect immediately, while downgrades take effect at the start of your next billing cycle.

Do you offer educational or non-profit discounts?

Yes! We offer 50% discounts for educational institutions and registered non-profit organizations. Contact info@eactivenet.com with proof of status.

Ready to Get Started?

Start the Starter plan’s 7-day trial (card on file via Stripe) or download the desktop app.

View pricing Download Desktop Contact Sales