Getting Started

This page will help you with the early stages of configuring your Node.js application to run with Intrinsic.


Intrinsic is deployed as a Node.js module and is distributed to customers as an npm-installable archive file. If your company uses a private internal npm registry, this file can be published there, for convenience (note that if you do you can skip the rest of this section).

The archive file can be installed directly into the application. Instead of specifying a version of the dependency in your package.json file you provide a path to the Intrinsic file.

The file name is formatted as intrinsic-intrinsic-X.Y.Z.tgz, where X.Y.Z is a Semver release number. Within the project.json's dependencies, a path to the tarball prefixed with file: is used instead of the normal Semver version. As an example, a very minimal project whose only dependency is Intrinsic might have a package.json file which looks like the following:

  "dependencies": {
    "@intrinsic/intrinsic": "file:./path/to/intrinsic-intrinsic-1.0.0.tgz"

Once you run npm install within your project the contents of the tarball will be extracted and placed inside of node_modules as usual. How you choose to keep track of this tarball file within your project is entirely up to you; e.g. you may choose to check the tgz file into version control, check in your node_modules directory, or simply never check the file in and download it at install time.

First Steps

To enable Intrinsic for your application, you first create a simple bootstrap file. This file will be loaded instead of your normal entry point file.

Note: This guide is for Intrinsic for Node.js. We have a separate guide for Intrinsic for Lambda.

Suppose your application entry point is a file called server.js and you wish to apply policies to it. Create a file called intrinsic.js with the following contents:

const intrinsic = require('@intrinsic/intrinsic');


Here is a blank intrinsic-policy.js to get things started:

const { HttpServer } = require('@intrinsic/intrinsic');
const server = new HttpServer({ port: process.env.PORT });

module.exports = server;

You may now run your application using node intrinsic.js instead of node server.js. Congratulations! You're now running your application with Intrinsic in monitor mode. However, things aren't secure quite yet.

At this point you're ready to create your policies. Please refer to the Routing & Configuring Policies page for more information on creating the referenced intrinsic-policy.js file. For a more in-depth guide to setting up a new Node.js application and protecting it with Intrinsic policies, check out our hello world tutorial.