Security & Ops
Authentication & Authorization
- Edge: verify user OIDC/JWT for
/api/chat and user-facing routes
- East–west: service bearer tokens; optionally mTLS between internal services
- Admin plane:
ADMIN_BEARER for /api/admin/* and /api/mcp/*
- Propagate
X-Tenant-Id from edge → orchestrator → agents
- Enforce visibility in MCP (
private|team|global) and team tags
Observability
- Use
X-Request-Id for correlation; structured logs
- Add OTEL exporters if desired; ensure SSE endpoints are not buffered by edge
SLO Guidance
- Discovery P99 < 50 ms
- Agent success rate > 99.5% (ex-upstream)
- First SSE event < 250 ms
Lifecycle & Rollouts
- Blue/green with tags (
canary, stable)
- Traffic shaping in MCP; deprecate with policy windows
Data & Secrets
- Store secrets in provider secret stores
- Never bake tokens into images; rotate regularly