Agent bootstrap process
The Agent bootstrap process establishes the initial secure connection to NetFoundry's network.
For steps on bootstrapping your agent, see Getting started with Frontdoor.
Enrollment token generation
Before installing an Agent, you must generate an enrollment token using the UI or Agent API. These enrollment tokens serve as unique, time-limited credentials that provide the initial authentication for the Agent bootstrapping process. For security purposes, each token includes both an expiration time and a maximum attempt limit, and can only be used once during the enrollment process.
Agent enrollment
During enrollment, the Agent does the following:
- Validates Token: Verifies the enrollment token is valid and not expired
- Establishes Identity: Creates cryptographic identity for secure communication
- Registers Environment: Automatically creates an Environment associated with your Frontdoor account
- Configures Connectivity: Establishes ongoing secure connection to NetFoundry infrastructure
Post-bootstrap operation
After successfully bootstrapping, the Agent maintains persistent, encrypted connections to NetFoundry while the bootstrap tokens are consumed and cannot be reused. The Agent then operates independently without requiring further manual configuration, making Environments available for creating Shares.
More info
- Learn how to create Environments using your Agents
- Explore Share creation to expose your services
- Review Frontend configuration for public access