# Getting Started

## Introduction

Sestra is an access middleware for modern APIs and automated systems. It converts verified conditions into short-lived access sessions without managing user identity, credentials, or sensitive data. Sestra is built for environments where:

* APIs are consumed by machines
* access must be temporary
* privacy and compliance matter

Sestra focuses on one responsibility only: **deciding whether access should be granted right now.**

***

## Problem Statement

Modern APIs are increasingly consumed by backend services, bots, and autonomous agents. However, access control and monetization models still rely on:

* user accounts
* long-lived credentials
* identity-centric billing

This creates:

* operational complexity
* data liability
* compliance overhead
* friction for automated clients

Sestra exists to remove these constraints.

***

## Design Principles

Sestra is built on the following principles:

* Access over identity
* Sessions over credentials
* Configuration over custom logic
* Privacy by non-collection
* Minimal system surface area

Every architectural decision in Sestra follows these rules.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://sestra.gitbook.io/sestra-whitepaper/introduction/getting-started.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.