Prerequisites
You need a modern browser environment, a Linux host at your edge that terminates the browser's connection, and a few credentials Octet issues you. Nothing else.
Everything below is a one-time check. If all four boxes are ticked, the Quick Start takes about fifteen minutes.
1. End-user browser
The collector runs in your end users' browsers. It targets ES2020+ and uses only standard, widely-supported Web APIs. There is nothing for your users to install.
| Requirement | Why |
|---|---|
| HTTPS (secure context) | The collector and its latency channel run over secure connections only. |
| WebSocket support | Used for a short latency measurement against your edge. |
| ES2020+ engine | Any current Chrome, Edge, Firefox, or Safari. Older engines degrade gracefully. |
The collector never requests a permission prompt. It does not use geolocation, camera, or microphone. Users see nothing.
2. A Linux edge host
You run the Octet edge binary (a small Go service) in front of your web app. There is exactly one hard infrastructure rule:
The edge reads connection-level network signals (source IP, headers, network timing) that are only accurate when it is the hop that terminates the browser's TCP connection. If a TLS-terminating CDN or load balancer sits in front of it, those signals describe that intermediary — not the browser — and confidence drops. See Deploy the Edge and the per-server guides.
| Requirement | Detail |
|---|---|
| OS | Linux (x86-64). The binary is a static linux/amd64 build. |
| Position | Connection-terminating hop for browser traffic (see above). |
| Outbound | Can reach Octet's inference API over HTTPS. (Mutual TLS is planned hardening, not yet required.) |
3. Credentials from Octet
Octet provisions you with a small set of credentials. These let the edge talk to Octet, and let your backend read verdicts. See What Octet Provides for the full list.
- A license key — supplied to the edge connector (authorizes the edge → Octet channel).
- A partner key — used by your backend to read verdicts (authorizes the backend → Octet channel).
- (Planned) an mTLS client certificate + key and Octet's CA certificate, once mutual TLS is enabled for the edge → Octet channel — not required today.
- The Octet API URL — the edge forwards to it, and your backend reads verdicts from it.
4. Your backend
You read the verdict with a single server-to-server call from your own backend (any language). See Fetch the Verdict. No SDK is required on the backend — it is one authenticated HTTP request.
Requirements on Octet's side
You do not provision or operate anything on Octet's side — Octet runs the inference API and hands you the credentials above. All verdict computation happens on Octet's infrastructure. For the partner-facing summary of what that entails, see What Octet Provides.
Where to go next
- Quick Start. The end-to-end happy path.
- How It Works. The mental model before you wire anything.