First-Time Setup

Install Trinity, create your admin account, and start managing agents in minutes.

Key Concepts

Admin Account — Primary account with full platform access, authenticated by username and password. Created automatically from ADMIN_PASSWORD in .env.

Email Login— Passwordless authentication where users receive a one-time code via email. Requires an email service to be configured.

Prerequisites

Docker Desktop installed and running

Git (for GitHub-based agent templates)

Modern web browser

Installation

Clone the repository

git clone https://github.com/abilityai/trinity.git
cd trinity

Set ADMIN_PASSWORD in .env

cp .env.example .env
# Edit .env and set ADMIN_PASSWORD to a strong password (min 12 chars)

The admin account is created automatically from this value. If left blank, a one-time setup token is printed to the backend logs.

Start all services

./scripts/deploy/start.sh

On first run, detects if the base agent image is missing and builds it automatically (takes 5–10 minutes). Then starts backend, frontend, MCP server, Redis, scheduler, and Vector.

Open in your browser

Navigate to http://localhost and log in with the credentials you set in .env.

Logging In

Admin login — Username admin + the value of ADMIN_PASSWORD from .env.

Email login (passwordless) — Enter your email, receive a 6-digit code, submit. Requires email service configuration. The admin manages allowed emails under Settings > Email Whitelist.

Key URLs

Service	URL
Web UI	http://localhost
Backend API docs	http://localhost:8000/docs
MCP Server	http://localhost:8080/mcp

Settings Page (Admin Only)

The admin can configure the following from the Settings page:

Email Whitelist — Control which email addresses can log in

GitHub Templates — Manage template repositories for agent creation

GitHub Personal Access Token — Platform-wide PAT for agents to pull/push GitHub repos

Platform API Keys — Generate and revoke API keys for programmatic access

Slack Integration — Connect Trinity to a Slack workspace

System Prompt — Set the system-wide Trinity prompt applied to all agents

For Agents: Authentication API

Authenticate programmatically using the token endpoint:

POST /api/token
Content-Type: application/x-www-form-urlencoded
username=admin&password=YOUR_PASSWORD

Returns a JWT access_token. Use it in subsequent requests:

Authorization: Bearer YOUR_ACCESS_TOKEN

Token Details

JWT tokens are valid for 7 days

Tokens are invalidated when the backend restarts

MCP API keys (prefixed trinity_mcp_) also work as Bearer tokens

Unauthenticated Endpoints

GET /api/auth/mode

GET /api/setup/status

POST /api/token

Limitations

Backend restarts invalidate all JWT tokens

Email login requires a configured email service

Trinity requires Docker Desktop

Roles & Permissions Using Trinity