Developer Guides

Welcome to the Kest Developer Guide. This section takes you from zero to a fully secured, policy-enforced, cryptographically audited microservice in Python.

This guide walks you through securing your first Python function with Kest — from installation to a fully working policy-enforced, cryptographically signed exec

The `@kest_verified` decorator is the primary entry point for securing any Python function with Kest. It orchestrates identity verification, trust evaluation, p

For Kest's Merkle DAG lineage to survive across microservice boundaries, the cryptographic state (Passport and lineage root) must be extracted from outgoing req

Kest implements **Continuous Adaptive Risk and Trust Assessment (CARTA)** — a model where trust is not a static binary (authenticated/unauthenticated) but a **d

Configure identity providers and pass user, agent, task, and resource attributes for fine-grained ABAC policy enforcement.

Understanding the non-fungible audit trail of a distributed request can be complex when looking at raw cryptographic hashes and signatures. Kest provides built-

Kest provides a comprehensive testing strategy spanning unit tests with mocks to fully orchestrated integration tests in a Docker-based lab environment. This se

A deep dive into the kest-lab showcase: Docker Compose architecture, SPIRE identities, OPA/Cedar policy sidecars, Keycloak, and the 17 integration tests that validate v0.3.0 compliance.

This example demonstrates Kest's ability to maintain and verify cryptographic lineage across three distinct distributed services. This scenario was validated in

A step-by-step walkthrough of the most complete Zero Trust delegation flow Kest supports: human → agent → gateway → task, with token contents, policy context, and signed audit entries shown at every hop.