Cloud offering
The IllusionVibe cloud offering should be the managed path for teams that want the TCTDX Identity model without operating the infrastructure themselves.
Cloud promise
The promise is not “more IAM.” The promise is fewer moving parts for teams building products and agents:
- hosted issuers,
- custom domains,
- managed signing keys,
- tenant isolation,
- app and agent registration,
- hosted consent and recovery flows,
- audit history,
- abuse controls,
- deployment-safe defaults.
Planned product layers
Developer control plane
CLI-first and docs-first workflows for creating clients, agents, tool permissions, redirect URIs, and environments.
Managed assurance
Passkeys, TOTP, email proofing, recovery proofing, session step-up, and account lifecycle controls.
Agent access layer
Delegated grants, tool-aware scopes, agent sessions, audit trails, and revocation.
Operations layer
Key rotation, rate limits, abuse detection, backups, incident workflows, and compliance evidence.
Platform relationship
This docs site lives at identity.tctdx.com. The managed service should live under the IllusionVibe platform on illusionvibe.com, with tenant issuers and product workflows configured there.