Access for controlled operations.

Authenticate once to reach records, knowledge spaces, private rooms and network access across the operational stack.

Authorized access only This portal never asks for passwords. Sign in only inside the linked services and use approved credentials.

Knowledge

Library

Operational library and onboarding records. Access is handled through Kritical Access SSO.

Open Library

Rooms

Matrix

Private operations messaging. Use a Matrix client and set the homeserver to the public endpoint.

Matrix guide

Network

VPN / Headscale

Device access for approved operators. The web entrypoint is a setup guide; the actual login happens in the Tailscale client.

VPN setup

Records

Vault

Password vault for authorized accounts. Service credentials remain separate from the human SSO password.

Open Vault

DNS

AdGuard DNS

DNS administration console. Uses its own service-admin credential, not Kritical Access SSO or the email login.

Open DNS

Security

No public secrets

Administrative tokens, recovery keys and service secrets are intentionally not documented here.

No public action

Completion target: portal, SSO, Matrix landing and public health checks green; VPN client enrollment remains a separate evidence gate. Matrix homeserver: https://matrix.kriticalgroup.com