search

AuthN/Z + Multi-Tenant Selection

hashtag
Authentication

Add per-request authentication via the auth callback in expose():

const api = network.expose({
  protocol: 'sse',
  auth: async (req) => {
    const token = req.request?.headers?.get?.('authorization');
    if (!token || !isValid(token)) {
      return { allowed: false, message: 'Invalid token', status: 401 };
    }
    return { allowed: true };
  },
  select: { channels: 'client' },
  startEventName: 'user-request',
});

When auth fails, the adapter returns the appropriate HTTP status (e.g. 401) and message.

hashtag
Authorization (Tenant/User Context)

Pass user or tenant context into the payload using onRequest:

Your events should include userId and/or tenantId in their schema so agents can scope work correctly.

hashtag
Multi-Tenant Agent Selection

For dynamic agent creation per tenant, use the spawner:

The spawn event can carry tenantId or userId; onSpawn can select the right factory and params per tenant.

See AgentNetwork API for spawner details and IO + Adapters for onRequest.

PreviousStreaming: SSE/WebSocket, Backpressure, ChunkingNextError Handling + Observability Hooks

Last updated