Config as code
Export, review, and import your workspace governance as a versioned JSON document.
Your workspace's governance (policies, card and inbound policies, custom detectors, response rules) round-trips through one versioned JSON document. Review changes in git, promote a staging workspace's rules to production, or keep a disaster-recovery copy next to your infrastructure code.
CLI
npm install -g @axiorank/cli
export AXIORANK_API_KEY=axr_live_...
axiorank config export --file axiorank.config.json
axiorank config diff --file axiorank.config.json
axiorank config import --file axiorank.config.jsondiff shows the plan (creates, updates, deletes) without changing anything;
import prints the same plan and then applies it. --prune additionally
deletes workspace entries that are absent from the file; without it imports
never delete.
API
The CLI is a thin client over two endpoints:
GET /api/workspace/configreturns{ config, excluded }.POST /api/workspace/configwith{ dryRun, prune, config }.dryRundefaults to true and returns the per-section diff;dryRun: falseapplies it.
Authenticate with a dashboard session (admin) or an API key: policies:read
exports and diffs, policies:write imports.
Semantics
- Entries are keyed by name within each section; names must be unique. Rename an entry and an import sees a create (plus, with prune, a delete).
- Imports land on the Config Changes page like any dashboard edit, so the audit trail is identical either way.
- A re-imported export is a no-op: the diff is computed against fresh state on every call.
What the document excludes
Notification channels and webhook endpoints (their configs carry secrets), per-agent egress allowlists, and per-property inbound policies stay outside the document. The export response lists the exclusions so a round-trip is never silently lossy.
Next steps
- Policies: what the entries mean.
- GitHub Action: gate pull requests on the same governance.