Axiom Core
Cloud & Security

Axiom Cloud

The central management plane for secure API contracts.

Axiom Cloud is the hosted management plane for your API contracts. While Axiom Core can operate entirely offline for local development, the Cloud provides the infrastructure required for Cryptographic Signing, Contract Versioning, and Cross-Team Collaboration.

Why use Axiom Cloud?

Secure Signing

Only Axiom Cloud can sign your contracts with your project's private key, ensuring frontend integrity.

Audit & Versioning

Track exactly when a contract was built, what changed, and revert to previous versions if needed.

Team Handoff

Frontend teams pull verified contracts directly from the cloud without needing access to backend source code.

Zero-Config CI/CD (Coming soon)

Automatically push and sign contracts as part of your deployment pipeline.

Authentication

To interact with Axiom Cloud, you must authenticate your CLI. Axiom uses a secure, browser-based OAuth flow that stores your session tokens locally.

axiom login

This command will open your default browser to complete the login process.

Project Management

Axiom Cloud organizes contracts into Projects. A project acts as a namespace that holds your contract history and your cryptographic public keys.

1. Creating a Project

You can create a new project directly from your terminal:

axiom project create --name "Netflix-Dispatch" --description "API for the dispatch service"

2. Listing Projects

To see all projects you have access to, along with their unique IDs:

axiom project list

3. Linking your Directory

Axiom needs to know which cloud project your local backend code belongs to. Use the link command to create this association:

axiom project link

The CLI will display an interactive list of your projects. Selecting one will link the current directory, allowing future builds to be automatically pushed and signed.

The Cloud Workflow

  1. Backend Developer links the folder and runs axiom build --release. The CLI sends the contract IR to Axiom Cloud.
  2. Axiom Cloud verifies the developer's identity, signs the IR with the project's private key, and stores the artifact.
  3. Frontend Developer runs axiom pull. The CLI fetches the latest signed .axiom file and the corresponding trust-axiom.json (containing the public key) to the client project.

This workflow ensures that even if your backend infrastructure is compromised, your client applications will only trust contracts that have been explicitly signed by your authorized team members through Axiom Cloud.

Rich Error Handling

Using the deterministic error model to build resilient UIs.

Signed Contracts

Ensuring contract integrity and security.

On this page

Why use Axiom Cloud?AuthenticationProject Management1. Creating a Project2. Listing Projects3. Linking your DirectoryThe Cloud Workflow