CLI reference
norviq is the command-line client for the Norviq API. Use it for the first login, password recovery,
and day-to-day operations (policies, audit, agent trust, the red-team suite, fleet).
Install
Section titled “Install”The CLI ships in the norviq Python package. It isn’t on PyPI yet — install it straight from the
public repository:
pip install "norviq @ git+https://github.com/norviq-dev/norviq.git"norviq --helpGlobal options
Section titled “Global options”Every command accepts these (they also read environment variables):
| Option | Env var | Default | Purpose |
|---|---|---|---|
--api-url |
NRVQ_API_URL |
http://127.0.0.1:8080 |
Base URL of the Norviq API |
--token |
NRVQ_API_TOKEN |
— | Bearer token for authenticated calls |
-o, --output |
— | table |
table or json output |
norviq --api-url https://norviq.internal --token "$NRVQ_API_TOKEN" policy listGet a token with norviq login (below), or from the console under API keys.
First login
Section titled “First login”norviq login mints a short-lived admin token inside the cluster via kubectl exec — the signing
key never leaves the API pod and is never printed. It returns a ready-to-use console sign-in link, so you
can reach the console on a fresh install with no identity provider configured.
norviq login -n norviq --console-url http://localhost:8080| Option | Default | Purpose |
|---|---|---|
-n, --namespace |
norviq |
Kubernetes namespace of the Norviq release |
--context |
current | kubectl context to use |
--ttl |
3600 |
Token lifetime, in seconds |
--console-url |
http://localhost:8080 |
Where you reach the console (port-forward / ingress) |
It prints a …/login#access_token=… deep link (click to sign in, no password) and the raw token (paste it
into the console login’s Advanced field, or export it as NRVQ_API_TOKEN for the CLI). Requires
kubectl access to the cluster.
Recover a lost password
Section titled “Recover a lost password”norviq admin reset-password resets a local user’s password from inside the cluster — a no-egress
recovery path with no email or SMTP. It sets a fresh one-time password and forces a change on the next
login. Nothing leaves the cluster; you already have kubectl access, and that is the authorization.
norviq admin reset-password -n norviq --username admin| Option | Default | Purpose |
|---|---|---|
-n, --namespace |
norviq |
Kubernetes namespace of the release |
--context |
current | kubectl context |
-u, --username |
admin |
Local user to reset |
--console-url |
http://localhost:8080 |
Console URL for the sign-in hint |
It prints a one-time username / password — sign in with them and the console immediately forces you to
set a new password.
Status
Section titled “Status”norviq status # engine + API health, versions, connected clusterPolicies
Section titled “Policies”norviq policy list # every policy, all namespacesnorviq policy get <namespace> <agent-class> # one policy + its metadatanorviq policy create -f guard.rego -n prod -c chatbot --mode block # block | audit | escalatenorviq policy dry-run -f guard.rego -n prod -c chatbot # replay against recent traffic, no writenorviq policy versions <namespace> <agent-class> # version historynorviq policy rollback <namespace> <agent-class> 3 # restore version 3norviq policy apply <namespace> <agent-class> --target-ns prod --target-type agent_class --mode blocknorviq policy delete <namespace> <agent-class> # prompts for confirmation--mode picks the enforcement mode the generated policy emits (block / audit / escalate);
dry-run evaluates a draft against real recent calls before you commit it. See
Writing policies.
norviq audit list -n prod -d block -t execute_sql --range 24h --limit 50norviq audit stats --range 7d -n prod # totals by decisionnorviq audit top-blocked --range 24h # most-blocked tools-d filters by decision (allow / block / escalate / audit); --range takes a time window such as 1h, 24h, 7d, or 30d.
Agents & trust
Section titled “Agents & trust”norviq agent list # agents with trust score + violationsnorviq agent get <spiffe-id> # one agent's trust detailnorviq agent reset-trust <spiffe-id> --score 0.8norviq agent freeze <spiffe-id> # kill switch — every call from this agent is blockedRed-team suite
Section titled “Red-team suite”Prove a policy actually blocks — run the built-in adversarial attacks against a target.
norviq redteam catalog # list the attack catalognorviq redteam run --namespace prod --agent chatbot # run the suitenorviq redteam run --category prompt_injection # one categorynorviq redteam run --agent chatbot -o markdown # markdown reportnorviq redteam single <attack-id> # run a single attacknorviq redteam run accepts -o table / json / markdown (the markdown format is specific to
the red-team report — the global --output only offers table/json).
Red-team HTTP API
Section titled “Red-team HTTP API”The CLI wraps these endpoints — use them directly to drive the red team from CI or the console. All
are under the /api/v1 prefix and require an admin bearer token.
| Method & path | Purpose |
|---|---|
POST /api/v1/redteam/run?attack_id=<id>&target_agent=<class>&target_namespace=<ns> |
Run one attack against the chosen target identity. Returns the result row (decision, rule_id, latency) + trust score. |
POST /api/v1/redteam/suite?target_agent=<class>&target_namespace=<ns> |
Run the full suite against each seeded class in the namespace (target_agent optional). Returns a run_id; 409 (with the in-flight run_id) if a suite is already running for that namespace. |
GET /api/v1/redteam/catalog |
The attack catalog — each entry mapped to its MITRE ATLAS technique + OWASP LLM control. |
GET /api/v1/redteam/targets?namespace=<ns> |
The agent classes seeded in a namespace, for target selection. |
GET /api/v1/redteam/results/latest?namespace=<ns> |
The most recent durable run + efficacy roll-up ({"has_run": false} when none exist). |
GET /api/v1/redteam/results?namespace=<ns>&limit=<n>&offset=<n> |
Paginated run history. |
GET /api/v1/redteam/results/{run_id} |
One run’s full result set. |
GET /api/v1/redteam/report/{run_id} |
A report for a run. |
# run the suite against a namespace's seeded classescurl -s -X POST "$NRVQ_API_URL/api/v1/redteam/suite?target_namespace=chatbot-prod" \ -H "Authorization: Bearer $NRVQ_API_TOKEN"
# fetch the latest run + efficacy roll-upcurl -s "$NRVQ_API_URL/api/v1/redteam/results/latest?namespace=chatbot-prod" \ -H "Authorization: Bearer $NRVQ_API_TOKEN"Fleet (multi-cluster, opt-in)
Section titled “Fleet (multi-cluster, opt-in)”norviq fleet status # single-cluster or enrolled in a fleet?norviq fleet join <hub-minted-token> # enroll this cluster into a fleetnorviq fleet leave # leave + shed pushed policySee Deployment → Multi-cluster fleet.
CLI settings
Section titled “CLI settings”norviq config show # active api-url / token (masked) / outputnorviq config set output json # in-memory override for the session