Workspace isolation
Tenant-owned database tables include workspace_id, and server-side queries derive access from verified ZhaiBro sessions, workspace membership, or the workspace attached to a hashed API key.
- Workspace-scoped accounts use session-based authentication with revocable HttpOnly cookies.
- Role-based access is enforced from server-side workspace membership.
- Workspace-scoped queries are handled on the server side.
- Client-supplied workspace identifiers are not trusted by themselves.
- Developer API responses are derived from the workspace bound to the API credential.