Glossary
Every key App Use term in one place — the protocol building blocks, the runtime components, and the federation vocabulary you'll meet across the rest of the docs.
| Term | Definition |
|---|---|
AppSpec |
The declarative shape an app publishes: its screens, elements, flows, events, and advertised actions. It's what an agent reads to learn what the app can do. |
AppScreen |
A single view inside the app — home, settings, a specific dialog. Elements are grouped under the screen they belong to. |
AppElement |
One drivable thing on a screen — a text box, button, or link. Each carries its key, type, purpose, validation rules, supported actions, and whether its value is secret. |
AppFlow |
A named, multi-step task an app declares in its AppSpec, fixed for that version of the app. |
IAppUseSurface |
The interface an app implements to become drivable. The SDK calls its methods (describe, read a screen, set a value, invoke an action, and more) in response to incoming agent tools. |
AppUseHost |
The SDK entry point. Starting it boots the app's endpoint and registers the running instance so a hub can discover it. |
AppUseEndpoint |
The loopback MCP server the SDK hosts for one app. It mints the app's access token and can issue, list, and revoke scoped tokens for sub-agents. |
| Hub | The broker that connects many running apps to one agent. It watches for registered instances and exposes tools to list, launch, stop, and call them through a single connection. |
| Console | The operator user interface for App Use — where a human watches activity, manages tokens and consent, and administers a cluster. |
| Tap stream | A live, in-memory feed of every call-and-result pair the router handles. It powers the Console's live view and the flow recorder. |
| Audit log | A durable file with one row per call. The rows are cryptographically chained together, so any tampering shows up when the log is verified. |
| Token scope | The capability level granted to an access token: ReadOnly (observe only), ReadWrite (also change values and invoke actions), or Admin (full control, including issuing other tokens). |
| Consent prompt | An optional human gate. When an agent tries a write or execute action, the operator is asked to Allow once, Allow for the session, or Block. |
| Cluster | The unit of trust in federation: a group of hubs that share one signed manifest, a common certificate authority, and a shared revocation list. A hub belongs to at most one cluster. |
| Cluster CA | The cluster's own root certificate authority, created when the cluster is founded. The founding hub keeps its private key sealed; every other hub carries only the public certificate. |
| Peer certificate | The identity certificate each hub holds, signed by the cluster CA. It secures encrypted hub-to-hub connections and signs the tokens hubs pass to one another. |
| Delegation envelope | A short-lived, signed token a hub mints whenever it forwards a call to another hub. It carries who the original caller was and what they're allowed to do, and the receiving hub verifies the signature before acting. |
| Sharing policy | A per-app setting that decides who in the cluster may see and drive an app: the local hub only, the whole cluster, or a chosen set of roles or people. It defaults to local-only. |
| Revocation list | A signed, cluster-wide list of certificates and identities that are no longer trusted. It propagates automatically and is checked on every connection and forwarded call. |
| Federation audit chain | A tamper-evident, per-hub log of every cross-hub call. Each entry is chained to the one before it, so the record can't be quietly altered after the fact. |
| Noise IK handshake | The end-to-end encryption used when hubs talk through an internet relay. It keeps every byte unreadable to the relay itself — even a fully compromised relay operator can't see the payload. |
| Fully-qualified instance id | The address form <hub>/<instance> used to drive an app on a remote hub. A bare instance id, with no hub prefix, refers to a local app. |