Kontrol is the web interface to Lok, the identity and configuration server behind the Arkitekt platform. It's a React + TypeScript single-page app that talks to Lok's GraphQL and OAuth2/OIDC endpoints.
From Kontrol you manage everything Lok keeps track of:
- Organizations, Memberships, Roles and Scopes — who can reach what.
- Clients — the OAuth2/OIDC applications that authenticate against Lok.
- Releases, Service Releases, Service Instances and Compositions — the services apps depend on, and the approval flow that lets them join.
- Devices and Mesh — machines on the private WireGuard mesh, managed through ionscale (a Tailscale-compatible control server bundled with Lok).
- Account security — social login, TOTP, passkeys/WebAuthn and recovery codes.
The public landing surface (the hero and the concept pages under src/public/)
explains these ideas for people arriving at a Lok deployment for the first time.
Kontrol needs a running Lok backend to talk to. Point it at one via the app's configuration, then:
npm install
npm run dev # start the dev server (Vite) on http://localhost:5173Other scripts:
npm run build # type-check and build for production
npm run preview # serve the production build locally
npm run lint # run ESLint
npm run lok # regenerate the GraphQL types from Lok's schema (lok.yml)The GraphQL hooks in src/api/graphql are generated by GraphQL Code Generator;
rerun npm run lok after the Lok schema changes.
- Lok — the backend this app drives: https://github.com/arkitektio/lok-server-next
- Arkitekt — the platform Lok and Kontrol are built for: https://arkitekt.live