Scoped sessions
Sessions and runtime settings are scoped by project and user so browser views, jobs, and workspaces do not collapse into a single shared namespace.
security model
Workspace custody and isolation are control-plane responsibilities.
onesagent treats user IDs, project IDs, workspace paths, gateway URLs, uploads, and artifacts as trust boundaries that must remain scoped and durable.
Workspace path custody
Persistent session workspaces and per-job workspaces are constructed under controlled roots and must not be inferred directly by browser code.
Runtime boundary
The browser and gateway do not execute runtime jobs directly. Execution is adapter-mediated through the worker plane.
search intent covered
The terms buyers actually use.
Each page is written around hosted workspace, persistent session, multi-runtime, runtime-native, browser access, durable job, artifact, and SSE search intent.
Scoped runtime settings
Normalized workspace paths
Gateway-owned uploads
Worker-owned execution
Artifact metadata custody
Browser-facing SSE recovery
FAQ
Direct answers for searchers.
Is this heavy enterprise tenant isolation?
Not yet. The current model is logical multi-tenancy with explicit project and user scope isolation.
Can browser code execute agents directly?
No. Runtime execution is routed through worker-cluster and adapter surfaces.