> ## Documentation Index
> Fetch the complete documentation index at: https://altostrat.io/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Glossary

> Definitions for common Altostrat SDX terms used across documentation, the portal, and operational workflows.

Use this glossary when you need a precise meaning for SDX terms.

| Term                    | Meaning                                                                                                                                           |
| ----------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- |
| API user                | The `altostrat-api` RouterOS user SDX uses for scheduled and synchronous automation tasks. Its logins are restricted by the control plane policy. |
| Authorization           | A workflow authorization that lets workflows perform SDX actions on behalf of a user.                                                             |
| Authorizer              | A workflow configuration that validates inbound JWTs for synchronous workflow requests.                                                           |
| Captive portal instance | A guest access configuration with strategy, session lifetime, theme, sites, and subnets.                                                          |
| Control plane policy    | A centrally managed policy that controls router management services, trusted networks, ports, and management-plane filtering.                     |
| Fault                   | A normalized operational event such as site offline, site online, WAN offline, or WAN packet loss.                                                |
| Heartbeat               | A recurring check-in from a managed router that SDX uses to assess site health and deliver pending work.                                          |
| Management VPN          | The SDX OpenVPN management tunnel used for remote management and platform operations.                                                             |
| Peer                    | A managed VPN endpoint, such as a site peer or client peer.                                                                                       |
| Site                    | The SDX representation of a managed MikroTik router or branch location.                                                                           |
| Site peer               | A managed VPN peer that connects an SDX site and advertises selected subnets.                                                                     |
| Transient access        | Time-limited remote access for WinBox, SSH, or port access without leaving permanent broad exposure in place.                                     |
| Vault                   | Encrypted workflow secret storage for API keys, tokens, passwords, and signing material.                                                          |
| WAN tunnel              | One managed WAN failover link associated with a site interface and gateway.                                                                       |
| Workflow run            | One execution of a workflow, including status, trigger context, node logs, and output.                                                            |
| Workspace               | The administrative container for users, sites, policies, workflows, billing, and resources.                                                       |