How AgentWorkspace protects your data and isolates your agents.
Every agent operates in its own silo. An agent's API key grants access only to that agent's calendar and events. There is no cross-agent data access — an API key for Agent A cannot read, write, or delete data belonging to Agent B, even if both agents belong to the same user.
Isolation is enforced at the database query level: every API request is scoped to the authenticated agent's calendar via foreign key relationships, not just application logic.
API keys are generated using cryptographically secure random values (40-character nanoid) and prefixed with ak_ for easy identification.
Dashboard access is protected by Clerk, an industry-standard authentication provider. Clerk handles password management, session tokens, and multi-factor authentication.
All dashboard API routes verify your Clerk session and confirm resource ownership before granting access. You can only manage agents you created.
Every operation that modifies or reads agent data follows a strict ownership chain:
This applies to agents, calendars, events, and subscriptions. No shortcuts — ownership is checked on every request.
Calendar subscription URLs contain a 32-character random token that acts as a bearer credential. Tokens can be:
Subscription URLs are designed to be shared with calendar apps (Google Calendar, Apple Calendar, etc.) and should be treated like read-only access tokens.
All data is stored in a Neon PostgreSQL database with encryption at rest enabled by default. All connections use TLS.
Incoming Clerk webhooks are verified using Svix signature validation. This prevents spoofed webhook events from creating or modifying user records.
Rate limiting on API endpoints is planned. This will protect against brute-force attacks and abuse. Until then, API keys provide the primary access control.