Appearance
What this is
The toolbox computes over people data — the most sensitive data an organization holds. This states how access, isolation, and governance work, and where the limits are.
Tenant isolation
- Schema-per-spoke, scoped migrations. Each spoke owns one Postgres schema; Drizzle's
schemaFilter/TOOLBOX_SCHEMASconfines migrations to toolbox schemas — other tenants sharing the Supabase database (devplane, performix) are never touched. - Tenant = identity × entitled-services. Spokes never own identity or isolation; they consume tenant context and ask the Tenant Platform ("the board") for policy decisions.
Access control
- Reads are open on Production by deliberate design (consumer apps and the future public landing page call read endpoints without bypass tokens). Preview deploys stay auth-protected.
- Writes (
POST) require a service key —x-toolbox-service-key: <key>(preferred) orAuthorization: Bearer <key>— enforced byrequireServiceKey()as the first line of every POST handler. - MCP uses per-consumer scoped keys (
TOOLBOX_MCP_KEY_<CONSUMER>→ scope sets insrc/lib/mcp/auth.ts), so an agent reaches only the tools its consumer is scoped for.
Governance: the board's policy decisions
The platform answers governance questions at call time — can this viewer see this value? is this segment above min-N? is service X entitled for this tenant? This is what makes the cross-client data flywheel safe: there is one auditable governance surface, not seven divergent ones.
Min-N and anonymization
Aggregate and benchmark results enforce minimum-N thresholds before a value is shown, and the data-anonymizer spoke handles de-identification — so cross-client pooled data stays individually-non-identifying.
Audit
Every spoke persists what it computed, for whom, and when (keyed by tenant, often × employee × cycle). Results are reconstructable for review, not just returned.
Honest scope
This is the current model. Full enterprise multi-tenant SSO/RLS is the Tenant Platform's explicit build (the "PROD-1" prerequisite every product shares) — trust the platform docs for shipped vs roadmap state. The toolbox supports privacy and fairness readiness; it does not certify compliance, and the customer remains responsible for lawful use of their people data.
See also
Architecture · Concepts · docs/platform/TENANT-PLATFORM.md