iamserver

func EnforceSandboxOriginGuard ¶ added in v1.2.12

func EnforceSandboxOriginGuard()

EnforceSandboxOriginGuard runs at boot. If SANDBOX_GLOBAL_OTP is set, the configured origin MUST be on the sandbox allowlist or IAM panics. This prevents copy-paste of devnet manifests to mainnet from silently disabling MFA across every account. See finding A in red review 2026-04-30.

func Init ¶ added in v1.2.4

func Init() int

Init runs the full IAM bootstrap (config, DB, controllers, filters, background loops) but does NOT bind a listener. It returns the configured HTTP port from app.conf.

This is the entry point for in-process embedding (see github.com/hanzoai/iam/pkg/iam.Embed). The standalone iamd binary uses Run, which is Init + web.Run.

func Run ¶

func Run()

Run starts the IAM Beego server. This is the body of the original main().

Sessions use the beego `memory` provider. Multi-pod IAM is intentionally not supported — every cluster runs IAM at a single replica and per-org persistent state lives in SQLite under DATA_DIR (replicated by Base Network quasar when that flips on). There is no external cache.