DocsPlatformCore

Core

The RootCX Core is a Rust daemon. It manages your entire fleet of Applications, AI Agents, Integrations, and MCP Servers. It enforces authentication and RBAC, runs backend processes, and serves the REST API.

When you create a project on rootcx.com, a dedicated Core instance is provisioned for you automatically. You can also run the Core yourself -- see Self-Hosting.

What the Core Does

Every request, every tool call, every data mutation flows through the Core:

Auth: validates JWTs, manages sessions (Argon2id hashing, HS256 tokens), OIDC Single Sign-On.
RBAC: resolves role assignments, walks inheritance, enforces namespaced permission policies before SQL runs.
Data API: auto-generates CRUD endpoints from your manifest. Schema Sync Engine handles migrations automatically.
Backend & RPC: spawns and supervises backend processes (Bun), proxies RPC calls via JSON-line IPC.
Job Queue: durable queue backed by pgmq (PostgreSQL extension).
Secret Vault: AES-256-GCM encrypted key-value store. Secrets injected as env vars.
Audit Log: PostgreSQL triggers capture every INSERT/UPDATE/DELETE. Immutable.
Real-time Logs: captures stdout/stderr from backends, broadcasts via SSE.
MCP: auto-generates MCP tools for every Application's entities.
Channels: connects messaging platforms (Telegram) to AI agents.

PostgreSQL

The Core requires an external PostgreSQL 16+ instance with the pgmq extension. The connection is configured via the DATABASE_URL environment variable.

For self-hosting, a Docker Compose setup with the ghcr.io/rootcx/postgresql:16-pgmq image is provided. See Self-Hosting for the full setup.

For RootCX Studio desktop users, Studio manages a local Docker container automatically when you choose "Run locally".

Platforms

The rootcx-core binary is available for:

Platform	Architecture
macOS	Apple Silicon (arm64)
macOS	Intel (x86_64)
Linux	x86_64
Linux	ARM64
Windows	x86_64

Health Check

curl https://<your-ref>.rootcx.com/health
# {"status":"ok"}

# Full status (JSON with subsystem details)
curl https://<your-ref>.rootcx.com/api/v1/status

When self-hosting, the Core listens on localhost:9100 by default. See Self-Hosting.

PreviousDeploying NextAuthentication

Core

When you create a project on rootcx.com, a dedicated Core instance is provisioned for you automatically. You can also run the Core yourself -- see Self-Hosting.

What the Core Does

Every request, every tool call, every data mutation flows through the Core:

Auth: validates JWTs, manages sessions (Argon2id hashing, HS256 tokens), OIDC Single Sign-On.

RBAC: resolves role assignments, walks inheritance, enforces namespaced permission policies before SQL runs.

Data API: auto-generates CRUD endpoints from your manifest. Schema Sync Engine handles migrations automatically.

Backend & RPC: spawns and supervises backend processes (Bun), proxies RPC calls via JSON-line IPC.

Job Queue: durable queue backed by pgmq (PostgreSQL extension).

Secret Vault: AES-256-GCM encrypted key-value store. Secrets injected as env vars.

Audit Log: PostgreSQL triggers capture every INSERT/UPDATE/DELETE. Immutable.

Real-time Logs: captures stdout/stderr from backends, broadcasts via SSE.

MCP: auto-generates MCP tools for every Application's entities.

Channels: connects messaging platforms (Telegram) to AI agents.

PostgreSQL

The Core requires an external PostgreSQL 16+ instance with the pgmq extension. The connection is configured via the DATABASE_URL environment variable.

For self-hosting, a Docker Compose setup with the ghcr.io/rootcx/postgresql:16-pgmq image is provided. See Self-Hosting for the full setup.

For RootCX Studio desktop users, Studio manages a local Docker container automatically when you choose "Run locally".

Platform

Architecture

macOS

Apple Silicon (arm64)

macOS

Intel (x86_64)

Linux

x86_64

Linux

ARM64

Windows

x86_64

Core

What the Core Does

PostgreSQL

Platforms

Health Check

On this page

Core

What the Core Does

PostgreSQL

Platforms

Health Check

On this page