Overview

Each machine running FOKS has its own device key. When you sign up, a device key is created for that machine. To use FOKS on a second machine, you provision it using an existing device as a helper — this is the key-exchange (KEX) process.

Commands

provision

foks device provision
Provision this device for FOKS using an existing provisioned device as a helper. Run this on the new device. It will display a code. On an already-provisioned device, approve the request:

    # On the new device
    foks device provision

    # Follow the prompts — on the existing device, you'll be asked to approve

The provisioning flow uses a secure key-exchange protocol. The new device’s key is added to your user key set, and team keys are shared with the new device automatically.

make-permanent

foks device make-permanent
Promote a temporary device key to a permanent one. Temporary keys are created during some provisioning flows and expire after a short time.

Revoking a Device

To revoke a device (e.g., a lost or stolen laptop), use the web admin panel or (coming soon) a CLI command. Revoking a device triggers key rotation for all teams the user belongs to.

    foks admin web    # open the admin panel to manage devices

After revocation, the FOKS agent on other devices will detect the revocation and rotate all affected keys in the background.

YubiKey Devices

YubiKey hardware tokens act as a special kind of device. See YubiKey for details.