npm - @agent-team-foundation/first-tree-hub - Versions diffs - 0.10.6 → 0.10.8 - Mend

@agent-team-foundation/first-tree-hub 0.10.6 → 0.10.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/dist/cli/index.mjs +101 -14
package/dist/{dist-CbX9mUVH.mjs → dist-DSr_I5Ia.mjs} +12 -0
package/dist/{feishu-DvjRZMdZ.mjs → feishu-eynC54km.mjs} +1 -1
package/dist/index.mjs +4 -4
package/dist/{invitation-BljIolbO-DLeHfURd.mjs → invitation-B1pjAyOz-BaCA9PII.mjs} +20 -6
package/dist/invitation-CBnQyB7o-DVOpS_Ts.mjs +3 -0
package/dist/{saas-connect-vLyx73kJ.mjs → saas-connect-D-fy3xu-.mjs} +470 -172
package/dist/web/assets/index-B33n1w2k.js +388 -0
package/dist/web/assets/index-BR-pWR44.css +1 -0
package/dist/web/assets/{index-FAu90ACE.js → index-DIgiOalZ.js} +4 -9
package/dist/web/index.html +2 -2
package/package.json +1 -1
package/dist/invitation-D3feYxet-366MNOor.mjs +0 -3
package/dist/web/assets/index-5490TxIp.css +0 -1
package/dist/web/assets/index-CJEdMYWd.js +0 -387

package/dist/{saas-connect-vLyx73kJ.mjs → saas-connect-D-fy3xu-.mjs} RENAMED Viewed

@@ -1,8 +1,8 @@
 import { m as __toESM } from "./esm-CYu4tXXn.mjs";
 import { _ as withSpan, a as endWsConnectionSpan, b as require_pino, c as messageAttrs, d as rootLogger$1, g as startWsConnectionSpan, i as currentTraceId, n as applyLoggerConfig, o as getFastifyOtelPlugin, p as setWsConnectionAttrs, r as createLogger$1, t as adapterAttrs, u as observabilityPlugin, v as withWsMessageSpan, y as FIRST_TREE_HUB_ATTR } from "./observability-DPyf745N-BSc8QNcR.mjs";
 import { C as serverConfigSchema, S as resolveConfigReadonly, _ as loadAgents, b as resetConfig, c as saveCredentials, d as DEFAULT_HOME_DIR$1, f as agentConfigSchema, g as initConfig, i as loadCredentials, l as DEFAULT_CONFIG_DIR, m as collectMissingPrompts, n as ensureFreshAccessToken, o as resolveServerUrl, p as clientConfigSchema, s as saveAgentConfig, u as DEFAULT_DATA_DIR$1, v as migrateLegacyHome, w as setConfigValue, x as resetConfigMeta } from "./bootstrap-jx5nN1qZ.mjs";
-import { $ as refreshTokenSchema, A as createOrgFromMeSchema, B as imageInlineContentSchema, C as clientRegisterSchema, D as createAgentSchema, E as createAdapterMappingSchema, F as dryRunAgentRuntimeConfigSchema, G as isReservedAgentName$1, H as inboxDeliverFrameSchema$1, I as extractMentions, J as loginSchema, K as joinByInvitationSchema, L as githubCallbackQuerySchema, M as createTaskSchema, N as defaultRuntimeConfigPayload, O as createChatSchema, P as delegateFeishuUserSchema, Q as rebindAgentSchema, R as githubDevCallbackQuerySchema, S as clientCapabilitiesSchema$1, St as wsAuthFrameSchema, T as createAdapterConfigSchema, U as inboxPollQuerySchema, V as inboxAckFrameSchema, W as isRedactedEnvValue, X as notificationQuerySchema, Y as messageSourceSchema$1, Z as paginationQuerySchema, _ as adminUpdateTaskSchema, _t as updateClientCapabilitiesSchema, a as AGENT_STATUSES, at as sendToAgentSchema, b as agentRuntimeConfigPayloadSchema$1, bt as updateSystemConfigSchema, ct as sessionEventSchema$1, d as TASK_HEALTH_SIGNALS, dt as switchOrgSchema, et as runtimeStateMessageSchema, f as TASK_STATUSES, ft as taskListQuerySchema, g as adminCreateTaskSchema, gt as updateChatSchema, h as addParticipantSchema, ht as updateAgentSchema, i as AGENT_SOURCES, it as sendMessageSchema, j as createOrganizationSchema, k as createMemberSchema, l as SYSTEM_CONFIG_DEFAULTS, lt as sessionReconcileRequestSchema, m as WS_AUTH_FRAME_TIMEOUT_MS, mt as updateAgentRuntimeConfigSchema, n as AGENT_NAME_REGEX$1, nt as scanMentionTokens, o as AGENT_TYPES, ot as sessionCompletionMessageSchema, p as TASK_TERMINAL_STATUSES, pt as updateAdapterConfigSchema, q as linkTaskChatSchema, r as AGENT_SELECTOR_HEADER$1, rt as selfServiceFeishuBotSchema, s as AGENT_VISIBILITY, st as sessionEventMessageSchema, t as AGENT_BIND_REJECT_REASONS, tt as safeRedirectPath, u as TASK_CREATOR_TYPES, ut as sessionStateMessageSchema, v as agentBindRequestSchema, vt as updateMemberSchema, w as connectTokenExchangeSchema, x as agentTypeSchema$1, xt as updateTaskStatusSchema, y as agentPinnedMessageSchema$1, yt as updateOrganizationSchema, z as githubStartQuerySchema } from "./dist-CbX9mUVH.mjs";
-import { a as ForbiddenError, c as buildInviteUrl, d as getActiveInvitation, f as invitationRedemptions, g as recordRedemption, i as ConflictError, l as ensureActiveInvitation, m as organizations, n as BadRequestError, o as NotFoundError, p as invitations, r as ClientOrgMismatchError$1, s as UnauthorizedError, t as AppError, u as findActiveByToken, v as users, y as uuidv7 } from "./invitation-BljIolbO-DLeHfURd.mjs";
+import { $ as refreshTokenSchema, A as createOrgFromMeSchema, B as imageInlineContentSchema, C as clientRegisterSchema, D as createAgentSchema, E as createAdapterMappingSchema, F as dryRunAgentRuntimeConfigSchema, G as isReservedAgentName$1, H as inboxDeliverFrameSchema$1, I as extractMentions, J as loginSchema, K as joinByInvitationSchema, L as githubCallbackQuerySchema, M as createTaskSchema, N as defaultRuntimeConfigPayload, O as createChatSchema, P as delegateFeishuUserSchema, Q as rebindAgentSchema, R as githubDevCallbackQuerySchema, S as clientCapabilitiesSchema$1, St as wsAuthFrameSchema, T as createAdapterConfigSchema, U as inboxPollQuerySchema, V as inboxAckFrameSchema, W as isRedactedEnvValue, X as notificationQuerySchema, Y as messageSourceSchema$1, Z as paginationQuerySchema, _ as adminUpdateTaskSchema, _t as updateClientCapabilitiesSchema, a as AGENT_STATUSES, at as sendToAgentSchema, b as agentRuntimeConfigPayloadSchema$1, bt as updateSystemConfigSchema, ct as sessionEventSchema$1, d as TASK_HEALTH_SIGNALS, dt as switchOrgSchema, et as runtimeStateMessageSchema, f as TASK_STATUSES, ft as taskListQuerySchema, g as adminCreateTaskSchema, gt as updateChatSchema, h as addParticipantSchema, ht as updateAgentSchema, i as AGENT_SOURCES, it as sendMessageSchema, j as createOrganizationSchema, k as createMemberSchema, l as SYSTEM_CONFIG_DEFAULTS, lt as sessionReconcileRequestSchema, m as WS_AUTH_FRAME_TIMEOUT_MS, mt as updateAgentRuntimeConfigSchema, n as AGENT_NAME_REGEX$1, nt as scanMentionTokens, o as AGENT_TYPES, ot as sessionCompletionMessageSchema, p as TASK_TERMINAL_STATUSES, pt as updateAdapterConfigSchema, q as linkTaskChatSchema, r as AGENT_SELECTOR_HEADER$1, rt as selfServiceFeishuBotSchema, s as AGENT_VISIBILITY, st as sessionEventMessageSchema, t as AGENT_BIND_REJECT_REASONS, tt as safeRedirectPath, u as TASK_CREATOR_TYPES, ut as sessionStateMessageSchema, v as agentBindRequestSchema, vt as updateMemberSchema, w as connectTokenExchangeSchema, x as agentTypeSchema$1, xt as updateTaskStatusSchema, y as agentPinnedMessageSchema$1, yt as updateOrganizationSchema, z as githubStartQuerySchema } from "./dist-DSr_I5Ia.mjs";
+import { _ as recordRedemption, a as ConflictError, b as uuidv7, c as UnauthorizedError, d as findActiveByToken, f as getActiveInvitation, h as organizations, i as ClientUserMismatchError$1, l as buildInviteUrl, m as invitations, n as BadRequestError, o as ForbiddenError, p as invitationRedemptions, r as ClientOrgMismatchError$1, s as NotFoundError, t as AppError, u as ensureActiveInvitation, y as users } from "./invitation-B1pjAyOz-BaCA9PII.mjs";
 import { createRequire } from "node:module";
 import { ZodError, z } from "zod";
 import { delimiter, dirname, isAbsolute, join, resolve } from "node:path";
@@ -770,6 +770,11 @@ z.object({
 	sdkVersion: z.string().max(50).optional(),
 	wireCapabilities: clientWireCapabilitiesSchema.optional()
 });
+z.object({
+	clientId: z.string(),
+	previousUserId: z.string().nullable(),
+	unpinnedAgentCount: z.number().int().nonnegative()
+});
 const capabilityStateSchema = z.enum([
 	"ok",
 	"missing",
@@ -1037,6 +1042,13 @@ z.object({
 	displayName: z.string().min(1).max(200)
 });
 z.object({ organizationId: z.string().min(1) });
+z.object({
+	id: z.string(),
+	organizationId: z.string(),
+	organizationName: z.string(),
+	role: z.enum(["admin", "member"]),
+	agentId: z.string()
+});
 const memberRoleSchema = z.enum(["admin", "member"]);
 const memberSchema = z.object({
 	id: z.string(),
@@ -1761,8 +1773,8 @@ var SdkError = class extends Error {
 /**
 * Thrown (emitted on `error` and rejected from `connect()`) when the server
 * refuses a `client:register` because the local clientId is bound to a
-* different organization. The CLI layer detects this via `instanceof` and
-* prompts the user before rotating the local clientId.
+* different organization. Retained for wire compatibility — the read paths
+* that produced this code were retired in decouple-client-from-identity §4.1.
 */
 var ClientOrgMismatchError = class extends Error {
 	code = "CLIENT_ORG_MISMATCH";
@@ -1771,6 +1783,21 @@ var ClientOrgMismatchError = class extends Error {
 		this.name = "ClientOrgMismatchError";
 	}
 };
+/**
+* Thrown when the server refuses `client:register` because the local
+* client.yaml is owned by a different user. The CLI detects this via
+* `instanceof` and guides the operator to run
+* `first-tree-hub client claim --confirm` to take ownership (which unpins
+* the previous owner's agents from this machine). See decouple-client-from-
+* identity §4.4.
+*/
+var ClientUserMismatchError = class extends Error {
+	code = "CLIENT_USER_MISMATCH";
+	constructor(message = "Client belongs to a different user") {
+		super(message);
+		this.name = "ClientUserMismatchError";
+	}
+};
 const RECONNECT_BASE_MS = 1e3;
 const RECONNECT_MAX_MS = 3e4;
 const WS_CONNECT_TIMEOUT_MS = 1e4;
@@ -2121,7 +2148,7 @@ var ClientConnection = class extends EventEmitter {
 			const code = typeof msg.code === "string" ? msg.code : void 0;
 			const message = typeof msg.message === "string" ? msg.message : "unknown";
 			this.closing = true;
-			const err = code === "CLIENT_ORG_MISMATCH" ? new ClientOrgMismatchError(message) : /* @__PURE__ */ new Error(`client:register rejected: ${message}`);
+			const err = code === "CLIENT_USER_MISMATCH" ? new ClientUserMismatchError(message) : code === "CLIENT_ORG_MISMATCH" ? new ClientOrgMismatchError(message) : /* @__PURE__ */ new Error(`client:register rejected: ${message}`);
 			this.lastHandshakeError = err;
 			this.wsLogger.error({
 				code,
@@ -7556,7 +7583,7 @@ async function onboardCreate(args) {
 	}
 	const runtimeAgent = args.type === "human" ? args.assistant : args.id;
 	if (args.feishuBotAppId && args.feishuBotAppSecret) {
-		const { bindFeishuBot } = await import("./feishu-DvjRZMdZ.mjs").then((n) => n.r);
+		const { bindFeishuBot } = await import("./feishu-eynC54km.mjs").then((n) => n.r);
 		const targetAgentUuid = args.type === "human" ? assistantUuid : primary.uuid;
 		if (!targetAgentUuid) print.line(`Warning: Cannot bind Feishu bot — no runtime agent available for "${args.id}".\n`);
 		else {
@@ -8536,7 +8563,7 @@ function createFeedbackHandler(config) {
 	return { handle };
 }
 //#endregion
-//#region ../server/dist/app-Ed9CsDC-.mjs
+//#region ../server/dist/app-XRPDwwkj.mjs
 var __defProp = Object.defineProperty;
 var __exportAll = (all, no_symbols) => {
 	let target = {};
@@ -8631,6 +8658,20 @@ const chatParticipants = pgTable("chat_participants", {
 	mode: text("mode").notNull().default("full"),
 	joinedAt: timestamp("joined_at", { withTimezone: true }).notNull().defaultNow()
 }, (table) => [primaryKey({ columns: [table.chatId, table.agentId] }), index("idx_participants_agent").on(table.agentId)]);
+/** Organization membership. Links a user to an org with a role and a 1:1 human agent. */
+const members = pgTable("members", {
+	id: text("id").primaryKey(),
+	userId: text("user_id").notNull().references(() => users.id),
+	organizationId: text("organization_id").notNull().references(() => organizations.id),
+	agentId: text("agent_id").unique().notNull().references(() => agents.uuid),
+	role: text("role").notNull(),
+	status: text("status").notNull().default("active"),
+	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow()
+}, (table) => [
+	unique("uq_members_user_org").on(table.userId, table.organizationId),
+	index("idx_members_user").on(table.userId),
+	index("idx_members_org").on(table.organizationId)
+]);
 function requireAgent(request) {
 	const agent = request.agent;
 	if (!agent) throw new UnauthorizedError("Agent authentication required");
@@ -8675,18 +8716,41 @@ function memberScope(request) {
 /**
 * SQL WHERE conditions for agents visible to a member.
 * Visibility is the same for all roles:
-*   same org + not deleted + (organization-visible OR managerId = self)
+*   target org + not deleted + (organization-visible OR managerId = caller's member)
+*
+* Takes explicit `orgId` + `memberId` rather than reading them from
+* MemberScope: an admin viewing a non-default org passes
+* `requireMemberInOrg(db, request, orgId).memberId` to derive the right
+* memberId for that org (decouple-client-from-identity §4.5.1).
 */
-function agentVisibilityCondition(scope) {
-	return and(eq(agents.organizationId, scope.organizationId), ne(agents.status, AGENT_STATUSES.DELETED), or(eq(agents.visibility, AGENT_VISIBILITY.ORGANIZATION), eq(agents.managerId, scope.memberId)));
+function agentVisibilityCondition(orgId, memberId) {
+	return and(eq(agents.organizationId, orgId), ne(agents.status, AGENT_STATUSES.DELETED), or(eq(agents.visibility, AGENT_VISIBILITY.ORGANIZATION), eq(agents.managerId, memberId)));
 }
 /**
-* Assert a single agent is visible to the member.
-* Single query — returns 404 for both "not found" and "not visible"
-* to prevent UUID enumeration.
+* Assert a single agent is visible to the caller.
+*
+* The agent is identified by UUID, so its organization is *intrinsic to the
+* row itself* — we don't gate on the JWT default org. Instead we resolve the
+* caller's active membership in `agent.organizationId` and reuse the same
+* visibility rule (organization-visible OR managerId = caller's member in
+* that org). This lets a multi-org user hit `/admin/agents/:uuid` for an
+* agent in a non-default org without re-issuing the JWT — `/auth/switch-org`
+* now returns 204 only and the web client carries the selected org in
+* localStorage (decouple-client-from-identity §C.2 / §D fix).
+*
+* Returns 404 for both "not found" and "not visible" to prevent UUID
+* enumeration.
 */
 async function assertAgentVisible(db, scope, agentUuid) {
-	const [row] = await db.select({ uuid: agents.uuid }).from(agents).where(and(eq(agents.uuid, agentUuid), agentVisibilityCondition(scope))).limit(1);
+	const [agent] = await db.select({
+		uuid: agents.uuid,
+		organizationId: agents.organizationId,
+		status: agents.status
+	}).from(agents).where(eq(agents.uuid, agentUuid)).limit(1);
+	if (!agent || agent.status === AGENT_STATUSES.DELETED) throw new NotFoundError(`Agent "${agentUuid}" not found`);
+	const [member] = await db.select({ id: members.id }).from(members).where(and(eq(members.userId, scope.userId), eq(members.organizationId, agent.organizationId), eq(members.status, "active"))).limit(1);
+	if (!member) throw new NotFoundError(`Agent "${agentUuid}" not found`);
+	const [row] = await db.select({ uuid: agents.uuid }).from(agents).where(and(eq(agents.uuid, agentUuid), agentVisibilityCondition(agent.organizationId, member.id))).limit(1);
 	if (!row) throw new NotFoundError(`Agent "${agentUuid}" not found`);
 }
 /**
@@ -8708,9 +8772,22 @@ async function assertChatAccess(db, scope, chatId) {
 	if (!managed) throw new NotFoundError(`Chat "${chatId}" not found`);
 }
 /**
-* Assert the member can manage (update/delete/token/suspend) an agent.
-* Admin can manage all agents in their org. Non-admin can only manage agents where managerId = self.
-* Always verifies the agent exists and belongs to the same org (throws 404 if not).
+* Assert the caller can manage (update/delete/token/suspend) an agent.
+*
+* Manageability is anchored on the agent's *own* organization, not on the
+* JWT default org. We resolve the caller's active membership in
+* `agent.organizationId` and grant manage access if either:
+*   - that membership is `admin` (admin in the agent's org), or
+*   - the agent's `managerId` equals the caller's memberId *in that org*.
+*
+* This is the cross-org switch-org fix: with `/auth/switch-org` now 204 the
+* scope.organizationId / scope.memberId are JWT defaults, so the previous
+* `agent.organizationId !== scope.organizationId` short-circuit was 404'ing
+* every `:uuid` route as soon as the user looked at a non-default org. We
+* authorize against the agent's actual org instead.
+*
+* Returns 404 for "not found", "not a member of agent's org", or "not
+* authorized" — same shape as before, to prevent UUID enumeration.
 */
 async function assertCanManage(db, scope, agentUuid) {
 	const [agent] = await db.select({
@@ -8718,9 +8795,85 @@ async function assertCanManage(db, scope, agentUuid) {
 		managerId: agents.managerId,
 		organizationId: agents.organizationId
 	}).from(agents).where(and(eq(agents.uuid, agentUuid), ne(agents.status, AGENT_STATUSES.DELETED))).limit(1);
-	if (!agent || agent.organizationId !== scope.organizationId) throw new NotFoundError(`Agent "${agentUuid}" not found`);
-	if (scope.role === "admin") return;
-	if (agent.managerId !== scope.memberId) throw new NotFoundError(`Agent "${agentUuid}" not found`);
+	if (!agent) throw new NotFoundError(`Agent "${agentUuid}" not found`);
+	const [memberRow] = await db.select({
+		id: members.id,
+		role: members.role
+	}).from(members).where(and(eq(members.userId, scope.userId), eq(members.organizationId, agent.organizationId), eq(members.status, "active"))).limit(1);
+	if (!memberRow) throw new NotFoundError(`Agent "${agentUuid}" not found`);
+	if (memberRow.role === "admin") return;
+	if (agent.managerId === memberRow.id) return;
+	throw new NotFoundError(`Agent "${agentUuid}" not found`);
+}
+/**
+* Assert the request's authenticated user has an active membership in
+* `orgId` and return its `(memberId, role)`. Used by admin routes that
+* accept an explicit `organizationId` from the request (query / body /
+* path) and must verify role realtime — JWT `organizationId` and `role`
+* claims are hints, not authoritative (decouple-client-from-identity §4.5).
+*
+* Throws {@link ForbiddenError} if the user is not an active member of the
+* target org.
+*/
+async function requireMemberInOrg(db, request, orgId) {
+	const m = requireMember(request);
+	const [row] = await db.select({
+		id: members.id,
+		role: members.role
+	}).from(members).where(and(eq(members.userId, m.userId), eq(members.organizationId, orgId), eq(members.status, "active"))).limit(1);
+	if (!row) throw new ForbiddenError("Not an active member of the target organization");
+	return {
+		memberId: row.id,
+		role: row.role
+	};
+}
+/**
+* Resolve the `(organizationId, memberId, role)` an admin route should
+* operate against, based on the unified PR-D scoping rule:
+*   - If the request supplies `?organizationId=…` (query) or it appears in
+*     the body, verify the caller is an active member there and return
+*     that membership realtime.
+*   - Otherwise fall back to the JWT default org (the existing
+*     `MemberScope` from `memberScope(request)`).
+*
+* All admin listing routes call this so that the cross-org switch — driven
+* entirely client-side via `localStorage.selectedOrganizationId` after
+* `/auth/switch-org` returns 204 — funnels through one consistent gate
+* (decouple-client-from-identity §4.5 / §D, codex P1 #2 fix).
+*
+* @returns the effective scope for the rest of the route to read from.
+*/
+async function resolveAdminScope(db, request, scope, requestedOrganizationId) {
+	if (!requestedOrganizationId || requestedOrganizationId === scope.organizationId) return scope;
+	const probe = await requireMemberInOrg(db, request, requestedOrganizationId);
+	return {
+		...scope,
+		memberId: probe.memberId,
+		organizationId: requestedOrganizationId,
+		role: probe.role
+	};
+}
+/**
+* Cross-org listing helper for "agents I personally manage". Used by the
+* CLI `agent list` view (decouple-client-from-identity §4.5.1 case (b)) —
+* the web roster, by contrast, stays org-scoped via
+* {@link agentVisibilityCondition}.
+*
+* Returns every active agent whose manager is an active member of the
+* caller. JOINs `agents → members.id` and filters by `members.user_id`.
+*/
+async function listAgentsManagedByUser(db, userId) {
+	return db.select({
+		uuid: agents.uuid,
+		name: agents.name,
+		displayName: agents.displayName,
+		type: agents.type,
+		organizationId: agents.organizationId,
+		inboxId: agents.inboxId,
+		visibility: agents.visibility,
+		runtimeProvider: agents.runtimeProvider,
+		clientId: agents.clientId
+	}).from(agents).innerJoin(members, eq(agents.managerId, members.id)).where(and(eq(members.userId, userId), eq(members.status, "active"), ne(agents.status, AGENT_STATUSES.DELETED)));
 }
 /**
 * Maps internal Chats to external IM platform channels.
@@ -8997,6 +9150,7 @@ async function findExternalMessageByInternalId(db, platform, messageId) {
 	}).from(adapterMessageReferences).where(and(eq(adapterMessageReferences.platform, platform), eq(adapterMessageReferences.messageId, messageId))).limit(1);
 	return row ?? null;
 }
+const orgQuerySchema$3 = z.object({ organizationId: z.string().min(1).optional() });
 function parseId$1(raw) {
 	const id = Number(raw);
 	if (!Number.isInteger(id) || id <= 0) throw new BadRequestError(`Invalid mapping ID: "${raw}"`);
@@ -9005,8 +9159,11 @@ function parseId$1(raw) {
 async function adminAdapterMappingRoutes(app) {
 	app.get("/", async (request) => {
 		const scope = memberScope(request);
-		const conditions = [eq(agents.organizationId, scope.organizationId)];
-		if (scope.role !== "admin") conditions.push(eq(agents.managerId, scope.memberId));
+		const { organizationId } = orgQuerySchema$3.parse(request.query);
+		const targetOrgId = organizationId ?? scope.organizationId;
+		const probe = await requireMemberInOrg(app.db, request, targetOrgId);
+		const conditions = [eq(agents.organizationId, targetOrgId)];
+		if (probe.role !== "admin") conditions.push(eq(agents.managerId, probe.memberId));
 		return (await app.db.select({
 			id: adapterAgentMappings.id,
 			platform: adapterAgentMappings.platform,
@@ -9073,11 +9230,15 @@ const adapterConfigs = pgTable("adapter_configs", {
 	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow(),
 	updatedAt: timestamp("updated_at", { withTimezone: true }).notNull().defaultNow()
 }, (t) => [unique("uq_adapter_configs_agent_platform").on(t.agentId, t.platform)]);
+const orgQuerySchema$2 = z.object({ organizationId: z.string().min(1).optional() });
 async function adminAdapterStatusRoutes(app) {
 	app.get("/", async (request) => {
 		const scope = memberScope(request);
-		const conditions = [eq(agents.organizationId, scope.organizationId), ne(agents.status, "deleted")];
-		if (scope.role !== "admin") conditions.push(eq(agents.managerId, scope.memberId));
+		const { organizationId } = orgQuerySchema$2.parse(request.query);
+		const targetOrgId = organizationId ?? scope.organizationId;
+		const probe = await requireMemberInOrg(app.db, request, targetOrgId);
+		const conditions = [eq(agents.organizationId, targetOrgId), ne(agents.status, "deleted")];
+		if (probe.role !== "admin") conditions.push(eq(agents.managerId, probe.memberId));
 		const visibleRows = await app.db.select({ id: adapterConfigs.id }).from(adapterConfigs).innerJoin(agents, eq(agents.uuid, adapterConfigs.agentId)).where(and(...conditions));
 		const visibleIds = new Set(visibleRows.map((r) => r.id));
 		if (visibleIds.size === 0) return [];
@@ -9264,6 +9425,7 @@ async function deleteAdapterConfig(db, id) {
 	if (!row) throw new NotFoundError(`Adapter config "${id}" not found`);
 }
 const log$5 = createLogger$1("AdminAdapters");
+const orgQuerySchema$1 = z.object({ organizationId: z.string().min(1).optional() });
 function parseId(raw) {
 	const id = Number(raw);
 	if (!Number.isInteger(id) || id <= 0) throw new BadRequestError(`Invalid adapter ID: "${raw}"`);
@@ -9272,7 +9434,9 @@ function parseId(raw) {
 async function adminAdapterRoutes(app) {
 	app.get("/", async (request) => {
 		const scope = memberScope(request);
-		return (await listAdapterConfigsForMember(app.db, scope)).map((c) => ({
+		const { organizationId } = orgQuerySchema$1.parse(request.query);
+		const effective = await resolveAdminScope(app.db, request, scope, organizationId);
+		return (await listAdapterConfigsForMember(app.db, effective)).map((c) => ({
 			...c,
 			createdAt: c.createdAt.toISOString(),
 			updatedAt: c.updatedAt.toISOString()
@@ -9401,20 +9565,6 @@ const agentConfigs = pgTable("agent_configs", {
 	updatedBy: text("updated_by").notNull(),
 	updatedAt: timestamp("updated_at", { withTimezone: true }).notNull().defaultNow()
 });
-/** Organization membership. Links a user to an org with a role and a 1:1 human agent. */
-const members = pgTable("members", {
-	id: text("id").primaryKey(),
-	userId: text("user_id").notNull().references(() => users.id),
-	organizationId: text("organization_id").notNull().references(() => organizations.id),
-	agentId: text("agent_id").unique().notNull().references(() => agents.uuid),
-	role: text("role").notNull(),
-	status: text("status").notNull().default("active"),
-	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow()
-}, (table) => [
-	unique("uq_members_user_org").on(table.userId, table.organizationId),
-	index("idx_members_user").on(table.userId),
-	index("idx_members_org").on(table.organizationId)
-]);
 /**
 * Names beginning with `__` are reserved for Hub-internal pseudo agents
 * (e.g. the task notifier). User-facing creation must not be able to
@@ -9506,19 +9656,14 @@ async function resolveAgentClient(db, data) {
 		return null;
 	}
 	if (!data.clientId) return null;
-	const [manager] = await db.select({
-		userId: members.userId,
-		organizationId: members.organizationId
-	}).from(members).where(eq(members.id, data.managerId)).limit(1);
+	const [manager] = await db.select({ userId: members.userId }).from(members).where(eq(members.id, data.managerId)).limit(1);
 	if (!manager) throw new BadRequestError(`Manager "${data.managerId}" not found`);
 	const [client] = await db.select({
 		id: clients.id,
-		userId: clients.userId,
-		organizationId: clients.organizationId
+		userId: clients.userId
 	}).from(clients).where(eq(clients.id, data.clientId)).limit(1);
 	if (!client) throw new BadRequestError(`Client "${data.clientId}" not found`);
 	if (!client.userId) throw new BadRequestError(`Client "${data.clientId}" has not been claimed by a user yet. Have the operator run \`first-tree-hub client connect\` on that machine before pinning an agent to it.`);
-	if (client.organizationId !== manager.organizationId) throw new ForbiddenError(`Client "${data.clientId}" belongs to a different organization — pick a client registered in the manager's org.`);
 	if (client.userId !== manager.userId) throw new ForbiddenError(`Client "${data.clientId}" is not owned by the manager's user — pick a client belonging to that user.`);
 	return client.id;
 }
@@ -9662,7 +9807,7 @@ async function listAgentsForAdmin(db, scope, limit, cursor) {
 * Uses agentVisibilityCondition from access-control (same rules for all roles).
 */
 async function listAgentsForMember(db, scope, limit, cursor, type) {
-	const conditions = [agentVisibilityCondition(scope)];
+	const conditions = [agentVisibilityCondition(scope.organizationId, scope.memberId)];
 	if (cursor) conditions.push(lt(agents.createdAt, new Date(cursor)));
 	if (type) conditions.push(eq(agents.type, type));
 	const where = and(...conditions);
@@ -10249,54 +10394,40 @@ async function cleanupStalePresence(db, staleSeconds = 60) {
 }
 /**
 * Assert the caller can act on this client. Throws 404 for both "not found"
-* and "not yours" to prevent UUID enumeration across org/user boundaries.
-*
-* A client is bound to exactly one organization (`clients.organization_id`).
-* Access is granted when:
-*   - member: row.user_id == scope.userId AND row.organization_id == scope.organizationId.
-*   - admin: row.organization_id == scope.organizationId AND the owner is a
-*     member of that same org (defense in depth).
-*
-* Same user across two orgs has two distinct client rows; operating on one
-* while logged into the other is refused by the org filter.
+* and "not yours" to prevent UUID enumeration. The client is owned by exactly
+* one user; cross-user admin access is no longer supported by this code path
+* (see decouple-client-from-identity-design §4.10.5 option A). Cross-user
+* ownership transfer goes through `claimClient` in PR-B.
 */
 async function assertClientOwner(db, clientId, scope) {
 	const [row] = await db.select({
 		id: clients.id,
-		userId: clients.userId,
-		organizationId: clients.organizationId
+		userId: clients.userId
 	}).from(clients).where(eq(clients.id, clientId)).limit(1);
-	if (!row) throw new NotFoundError(`Client "${clientId}" not found`);
-	if (row.organizationId !== scope.organizationId) throw new NotFoundError(`Client "${clientId}" not found`);
-	if (row.userId === scope.userId) return;
-	if (scope.role === "admin" && row.userId !== null) {
-		const [sibling] = await db.select({ id: members.id }).from(members).where(and(eq(members.userId, row.userId), eq(members.organizationId, scope.organizationId))).limit(1);
-		if (sibling) return;
-	}
-	throw new NotFoundError(`Client "${clientId}" not found`);
+	if (!row || row.userId !== scope.userId) throw new NotFoundError(`Client "${clientId}" not found`);
 }
 /**
 * Upsert the clients row for a given `client_id` under an authenticated user.
 *
-* Claim semantics (see proposal M13 + multi-tenancy hardening):
-*   - New client_id → INSERT with the authenticated user_id and org_id.
-*   - Existing row with the same user_id + org_id → refresh runtime columns.
-*   - Existing row in a different org → {@link ClientOrgMismatchError}. A
-*     client is bound to one org for its lifetime; the CLI reacts by
-*     abandoning the local clientId and registering a new one.
-*   - Existing row with a different user_id (same org) → {@link ForbiddenError};
-*     the operator must pick a different clientId. Hard conflict because
-*     pinned agents under that client belong to the original owner.
+* Claim semantics (decouple-client-from-identity §4.1.1):
+*   - New client_id → INSERT with the authenticated user_id. `organization_id`
+*     is written as a placeholder (NOT NULL legacy column; no longer consumed
+*     by any read path) sourced from the caller-supplied JWT default org.
+*   - Existing row with the same user_id → refresh runtime columns.
+*     `organization_id` is **not** updated on conflict, so the placeholder set
+*     at first insert sticks for the row's lifetime.
+*   - Existing row with a different user_id → raises
+*     {@link ClientUserMismatchError} (WS close 4403). The CLI guides the
+*     operator through `first-tree-hub client claim --confirm` to take
+*     ownership, which unpins the previous owner's agents from the machine.
 */
 async function registerClient(db, data) {
 	const now = /* @__PURE__ */ new Date();
 	const [existing] = await db.select({
 		id: clients.id,
-		userId: clients.userId,
-		organizationId: clients.organizationId
+		userId: clients.userId
 	}).from(clients).where(eq(clients.id, data.clientId)).limit(1);
-	if (existing && existing.organizationId !== data.organizationId) throw new ClientOrgMismatchError$1(`Client "${data.clientId}" is bound to a different organization. Re-register as a new client under the current org.`);
-	if (existing?.userId && existing.userId !== data.userId) throw new ForbiddenError(`Client "${data.clientId}" is already claimed by a different user. Pick a unique client_id.`);
+	if (existing?.userId && existing.userId !== data.userId) throw new ClientUserMismatchError$1(`Client "${data.clientId}" is owned by a different user. Run \`first-tree-hub client claim --confirm\` to transfer ownership.`);
 	await db.insert(clients).values({
 		id: data.clientId,
 		userId: data.userId,
@@ -10322,6 +10453,54 @@ async function registerClient(db, data) {
 		}
 	});
 }
+/**
+* Transfer ownership of a client row to a new user, unpinning any agents
+* whose manager belonged to the previous owner. Atomic: caller is guaranteed
+* either a fully-applied ownership flip + bulk unpin, or no change. Idempotent
+* when `newUserId` already owns the row.
+*
+* Manager → user resolution goes through the members JOIN (the agents table
+* carries only `manager_id`); cross-org agents under the same previous owner
+* are unpinned together (decouple-client-from-identity §4.4).
+*
+* Caller is responsible for the caller-side authorization (the new owner must
+* be the authenticated request's user). The structured log
+* `event: client.owner_transfer` is emitted by the caller after the
+* transaction commits, using the returned `previousUserId` /
+* `unpinnedAgentIds`.
+*/
+async function claimClient(db, clientId, newUserId) {
+	return db.transaction(async (tx) => {
+		const [locked] = await tx.execute(sql`SELECT id, user_id FROM clients WHERE id = ${clientId} FOR UPDATE`);
+		if (!locked) throw new NotFoundError(`Client "${clientId}" not found`);
+		const previousUserId = locked.user_id;
+		if (previousUserId === newUserId) return {
+			previousUserId,
+			unpinnedAgentIds: []
+		};
+		let unpinnedAgentIds = [];
+		if (previousUserId !== null) {
+			unpinnedAgentIds = (await tx.select({ uuid: agents.uuid }).from(agents).innerJoin(members, eq(agents.managerId, members.id)).where(and(eq(agents.clientId, clientId), eq(members.userId, previousUserId)))).map((r) => r.uuid);
+			if (unpinnedAgentIds.length > 0) {
+				const now = /* @__PURE__ */ new Date();
+				await tx.update(agents).set({
+					clientId: null,
+					updatedAt: now
+				}).where(inArray(agents.uuid, unpinnedAgentIds));
+				await tx.update(agentPresence).set({
+					status: "offline",
+					clientId: null,
+					...runtimeFieldsReset(now)
+				}).where(inArray(agentPresence.agentId, unpinnedAgentIds));
+			}
+		}
+		await tx.update(clients).set({ userId: newUserId }).where(eq(clients.id, clientId));
+		return {
+			previousUserId,
+			unpinnedAgentIds
+		};
+	});
+}
 async function disconnectClient(db, clientId) {
 	const now = /* @__PURE__ */ new Date();
 	await db.update(agentPresence).set({
@@ -10360,16 +10539,17 @@ async function listActiveAgentsPinnedToClient(db, clientId) {
 	}).from(agents).where(and(eq(agents.clientId, clientId), ne(agents.status, "deleted")));
 }
 /**
-* Member-scoped: every active agent pinned to a client owned by this user
-* within the given organization. Used by client startup to reconcile its
-* local YAML against the authoritative `agents.runtime_provider`.
+* Member-scoped: every active agent pinned to a client owned by this user.
+* Used by client startup to reconcile its local YAML against the authoritative
+* `agents.runtime_provider`. Cross-org by design — a client is owned by a
+* user, not an org (decouple-client-from-identity §4.1).
 */
 async function listMyPinnedAgents(db, scope) {
 	return (await db.select({
 		agentId: agents.uuid,
 		clientId: agents.clientId,
 		runtimeProvider: agents.runtimeProvider
-	}).from(agents).innerJoin(clients, eq(agents.clientId, clients.id)).where(and(eq(clients.userId, scope.userId), eq(clients.organizationId, scope.organizationId), ne(agents.status, "deleted")))).filter((r) => r.clientId !== null).map((r) => ({
+	}).from(agents).innerJoin(clients, eq(agents.clientId, clients.id)).where(and(eq(clients.userId, scope.userId), ne(agents.status, "deleted")))).filter((r) => r.clientId !== null).map((r) => ({
 		agentId: r.agentId,
 		clientId: r.clientId,
 		runtimeProvider: r.runtimeProvider
@@ -10394,17 +10574,28 @@ async function updateClientCapabilities(db, clientId, capabilities) {
 	await db.update(clients).set({ metadata: merged }).where(eq(clients.id, clientId));
 }
 /**
-* Scope-aware client listing.
-*
-*   - member: rows where `user_id = scope.userId` AND `organization_id = scope.organizationId`
-*     — protects against a user listing their own clients registered under a
-*     different org when they're logged into this one.
-*   - admin: every row in `scope.organizationId`, regardless of owner.
+* Scope-aware client listing. Returns the caller's own clients (cross-org —
+* a client is owned by a user, not an org). The admin route adds a separate
+* `?organizationId=` cross-user view via {@link listClientsForOrgAdmin}.
 */
 async function listClients(db, scope) {
-	const rows = scope.role === "admin" ? await db.select({
+	return attachAgentCounts(db, await db.select().from(clients).where(eq(clients.userId, scope.userId)));
+}
+/**
+* Admin-only cross-user listing: every client owned by an active member of
+* `orgId`. Joining `clients → members.user_id` instead of `clients.organization_id`
+* keeps the read path consistent with the rule that connection has no
+* runtime relationship to organization (decouple-client-from-identity §A).
+*
+* The caller must verify admin role realtime via `requireMemberInOrg` before
+* invoking this function — the service does not re-check, so it is
+* unsafe to expose without that gate.
+*/
+async function listClientsForOrgAdmin(db, orgId) {
+	return attachAgentCounts(db, await db.select({
 		id: clients.id,
 		userId: clients.userId,
+		organizationId: clients.organizationId,
 		status: clients.status,
 		sdkVersion: clients.sdkVersion,
 		hostname: clients.hostname,
@@ -10413,7 +10604,9 @@ async function listClients(db, scope) {
 		connectedAt: clients.connectedAt,
 		lastSeenAt: clients.lastSeenAt,
 		metadata: clients.metadata
-	}).from(clients).where(eq(clients.organizationId, scope.organizationId)) : await db.select().from(clients).where(and(eq(clients.userId, scope.userId), eq(clients.organizationId, scope.organizationId)));
+	}).from(clients).innerJoin(members, eq(members.userId, clients.userId)).where(and(eq(members.organizationId, orgId), eq(members.status, "active"))));
+}
+async function attachAgentCounts(db, rows) {
 	const counts = await db.select({
 		clientId: agents.clientId,
 		count: sql`count(*)::int`
@@ -10723,7 +10916,7 @@ async function listAgentsWithRuntime(db, scope) {
 		totalSessions: agentPresence.totalSessions,
 		runtimeUpdatedAt: agentPresence.runtimeUpdatedAt,
 		type: agents.type
-	}).from(agentPresence).innerJoin(agents, eq(agentPresence.agentId, agents.uuid)).where(and(isNotNull(agentPresence.runtimeState), agentVisibilityCondition(scope)));
+	}).from(agentPresence).innerJoin(agents, eq(agentPresence.agentId, agents.uuid)).where(and(isNotNull(agentPresence.runtimeState), agentVisibilityCondition(scope.organizationId, scope.memberId)));
 }
 const log$4 = createLogger$1("message");
 async function sendMessage(db, chatId, senderId, data, options = {}) {
@@ -11089,12 +11282,26 @@ async function adminAgentRoutes(app) {
 		}
 		sendToClient(agent.clientId, parsed.data);
 	}
-	const listAgentsFilterSchema = z.object({ type: agentTypeSchema$1.optional() });
+	const listAgentsFilterSchema = z.object({
+		type: agentTypeSchema$1.optional(),
+		organizationId: z.string().min(1).optional()
+	});
 	app.get("/", async (request) => {
 		const query = paginationQuerySchema.parse(request.query);
-		const { type } = listAgentsFilterSchema.parse(request.query);
+		const { type, organizationId } = listAgentsFilterSchema.parse(request.query);
 		const scope = memberScope(request);
-		const result = await listAgentsForMember(app.db, scope, query.limit, query.cursor, type);
+		const targetOrgId = organizationId ?? scope.organizationId;
+		let queryScope = scope;
+		if (targetOrgId !== scope.organizationId) {
+			const probe = await requireMemberInOrg(app.db, request, targetOrgId);
+			queryScope = {
+				...scope,
+				memberId: probe.memberId,
+				organizationId: targetOrgId,
+				role: probe.role
+			};
+		}
+		const result = await listAgentsForMember(app.db, queryScope, query.limit, query.cursor, type);
 		return {
 			items: result.items.map((a) => ({
 				...a,
@@ -11119,9 +11326,18 @@ async function adminAgentRoutes(app) {
 	*/
 	app.get("/all", async (request) => {
 		const scope = memberScope(request);
-		if (scope.role !== "admin") throw new ForbiddenError("Admin role required");
 		const query = paginationQuerySchema.parse(request.query);
-		const result = await listAgentsForAdmin(app.db, scope, query.limit, query.cursor);
+		const { organizationId } = listAgentsFilterSchema.parse(request.query);
+		const targetOrgId = organizationId ?? scope.organizationId;
+		const probe = await requireMemberInOrg(app.db, request, targetOrgId);
+		if (probe.role !== "admin") throw new ForbiddenError("Admin role required");
+		const adminScope = {
+			...scope,
+			memberId: probe.memberId,
+			organizationId: targetOrgId,
+			role: probe.role
+		};
+		const result = await listAgentsForAdmin(app.db, adminScope, query.limit, query.cursor);
 		return {
 			items: result.items.map((a) => ({
 				...a,
@@ -11152,9 +11368,12 @@ async function adminAgentRoutes(app) {
 	app.post("/", async (request, reply) => {
 		const scope = memberScope(request);
 		const body = createAgentSchema.parse(request.body);
-		const managerId = scope.role === "admin" ? body.managerId ?? scope.memberId : scope.memberId;
+		const targetOrgId = body.organizationId ?? scope.organizationId;
+		const probe = await requireMemberInOrg(app.db, request, targetOrgId);
+		const managerId = probe.role === "admin" ? body.managerId ?? probe.memberId : probe.memberId;
 		const agent = await createAgent(app.db, {
 			...body,
+			organizationId: targetOrgId,
 			source: body.source ?? "admin-api",
 			managerId
 		});
@@ -11461,7 +11680,8 @@ async function adminChatRoutes(app) {
 	/** List all chats in org (admin-only, for audit). Members should use GET /mine. */
 	app.get("/", { preHandler: requireAdminRoleHook() }, async (request) => {
 		const query = paginationQuerySchema.parse(request.query);
-		const orgParam = request.query.org;
+		const rawQuery = request.query;
+		const orgParam = rawQuery.organizationId ?? rawQuery.org;
 		let orgId;
 		if (orgParam) orgId = (await resolveOrganization(app.db, orgParam)).id;
 		else orgId = await resolveDefaultOrgId(app.db);
@@ -11655,14 +11875,15 @@ async function adminChatRoutes(app) {
 function serializeDate(d) {
 	return d ? d.toISOString() : null;
 }
+const listClientsQuerySchema = z.object({ organizationId: z.string().min(1).optional() });
 async function adminClientRoutes(app) {
 	app.get("/", async (request) => {
 		const scope = memberScope(request);
-		return (await listClients(app.db, {
-			userId: scope.userId,
-			organizationId: scope.organizationId,
-			role: scope.role
-		})).map((c) => ({
+		const { organizationId } = listClientsQuerySchema.parse(request.query);
+		return (organizationId ? await (async () => {
+			if ((await requireMemberInOrg(app.db, request, organizationId)).role !== "admin") throw new ForbiddenError("Admin role required");
+			return listClientsForOrgAdmin(app.db, organizationId);
+		})() : await listClients(app.db, { userId: scope.userId })).map((c) => ({
 			id: c.id,
 			userId: c.userId,
 			status: c.status,
@@ -11676,10 +11897,7 @@ async function adminClientRoutes(app) {
 	});
 	app.get("/me/agents", async (request) => {
 		const scope = memberScope(request);
-		return await listMyPinnedAgents(app.db, {
-			userId: scope.userId,
-			organizationId: scope.organizationId
-		});
+		return await listMyPinnedAgents(app.db, { userId: scope.userId });
 	});
 	app.patch("/:clientId/capabilities", async (request, reply) => {
 		const scope = memberScope(request);
@@ -12014,25 +12232,33 @@ async function pushToWebhook(db, notification) {
 		});
 	} catch {}
 }
+const orgQuerySchema = z.object({ organizationId: z.string().min(1).optional() });
 async function adminNotificationRoutes(app) {
 	/**
-	* GET /admin/notifications — list notifications visible to the caller.
+	* GET /admin/notifications — list notifications visible to the caller in
+	* the **selected** organization. The web client passes
+	* `?organizationId=<selectedOrgId>` so a non-default org doesn't reuse
+	* the JWT default org's bell feed (codex P1 #2). Defaults to JWT org
+	* when omitted.
 	*
-	* Scoped by (a) organization (via JWT) and (b) per-agent visibility: the
-	* member only sees notifications whose agentId is visible to them
-	* (organization-visible agents or agents they manage), plus org-wide
-	* system notifications with no agentId. This mirrors the rule the admin
-	* WebSocket route enforces on live pushes — REST and WS stay in sync.
+	* Per-agent visibility filter: the member only sees notifications whose
+	* agentId is visible to them in that org (organization-visible agents or
+	* agents they manage), plus org-wide system notifications with no
+	* agentId. This mirrors the admin-WS push gate so REST and WS stay in sync.
 	*/
 	app.get("/", async (request) => {
-		const member = requireMember(request);
+		const scope = memberScope(request);
+		const { organizationId } = orgQuerySchema.parse(request.query);
+		const effective = await resolveAdminScope(app.db, request, scope, organizationId);
 		const query = notificationQuerySchema.parse(request.query);
-		return listNotifications(app.db, member.organizationId, member.memberId, query);
+		return listNotifications(app.db, effective.organizationId, effective.memberId, query);
 	});
 	/** POST /admin/notifications/:id/read — mark a single notification as read */
 	app.post("/:id/read", async (request) => {
-		const member = requireMember(request);
-		const result = await markRead(app.db, request.params.id, member.organizationId, member.memberId);
+		const scope = memberScope(request);
+		const { organizationId } = orgQuerySchema.parse(request.query);
+		const effective = await resolveAdminScope(app.db, request, scope, organizationId);
+		const result = await markRead(app.db, request.params.id, effective.organizationId, effective.memberId);
 		if (!result) throw new NotFoundError(`Notification "${request.params.id}" not found`);
 		return {
 			...result,
@@ -12041,8 +12267,10 @@ async function adminNotificationRoutes(app) {
 	});
 	/** POST /admin/notifications/read-all — mark all visible notifications as read */
 	app.post("/read-all", async (request) => {
-		const member = requireMember(request);
-		await markAllRead(app.db, member.organizationId, member.memberId);
+		const scope = memberScope(request);
+		const { organizationId } = orgQuerySchema.parse(request.query);
+		const effective = await resolveAdminScope(app.db, request, scope, organizationId);
+		await markAllRead(app.db, effective.organizationId, effective.memberId);
 		return { status: "ok" };
 	});
 }
@@ -12094,7 +12322,8 @@ async function adminOrganizationRoutes(app) {
 }
 async function adminOverviewRoutes(app) {
 	app.get("/", async (request) => {
-		const orgParam = (request.query ?? {}).org;
+		const q = request.query ?? {};
+		const orgParam = q.organizationId ?? q.org;
 		let orgId;
 		if (orgParam) orgId = (await resolveOrganization(app.db, orgParam)).id;
 		else orgId = await resolveDefaultOrgId(app.db);
@@ -12409,17 +12638,21 @@ const globalSessionFilterSchema = paginationQuerySchema.extend({
 		"suspended",
 		"evicted"
 	]).optional(),
-	agentId: z.string().optional()
+	agentId: z.string().optional(),
+	organizationId: z.string().min(1).optional()
 });
 async function adminSessionRoutes(app) {
-	/** GET /admin/sessions — global session list, scoped to caller's org */
+	/** GET /admin/sessions — global session list, scoped to the selected
+	*  org. The web client passes `?organizationId=<selectedOrgId>` after a
+	*  /auth/switch-org 204 (codex P1 #2); falls back to the JWT default. */
 	app.get("/", async (request) => {
-		const member = requireMember(request);
+		const scope = memberScope(request);
 		const query = globalSessionFilterSchema.parse(request.query);
+		const effective = await resolveAdminScope(app.db, request, scope, query.organizationId);
 		return listAllSessions(app.db, query.limit, query.cursor, {
 			state: query.state,
 			agentId: query.agentId,
-			organizationId: member.organizationId
+			organizationId: effective.organizationId
 		});
 	});
 	/** GET /admin/sessions/agents/:agentId — sessions for a specific agent.
@@ -13113,11 +13346,11 @@ function adminWsRoutes(notifier, jwtSecret) {
 				endWsConnectionSpan(socket, 4001);
 				return;
 			}
+			let userId;
 			let organizationId;
-			let memberId;
 			try {
 				const { payload } = await jwtVerify(token, secret);
-				if (payload.type !== "access" || !payload.sub || typeof payload.organizationId !== "string" || typeof payload.memberId !== "string") {
+				if (payload.type !== "access" || typeof payload.sub !== "string" || typeof payload.organizationId !== "string") {
 					socket.send(JSON.stringify({
 						type: "error",
 						message: "Invalid token type"
@@ -13126,8 +13359,8 @@ function adminWsRoutes(notifier, jwtSecret) {
 					endWsConnectionSpan(socket, 4001);
 					return;
 				}
+				userId = payload.sub;
 				organizationId = payload.organizationId;
-				memberId = payload.memberId;
 			} catch {
 				socket.send(JSON.stringify({
 					type: "error",
@@ -13137,6 +13370,20 @@ function adminWsRoutes(notifier, jwtSecret) {
 				endWsConnectionSpan(socket, 4001);
 				return;
 			}
+			const [memberRow] = await app.db.select({
+				id: members.id,
+				role: members.role
+			}).from(members).where(and(eq(members.userId, userId), eq(members.organizationId, organizationId), eq(members.status, "active"))).limit(1);
+			if (!memberRow) {
+				socket.send(JSON.stringify({
+					type: "error",
+					message: "Not an active member of this organization"
+				}));
+				socket.close(4403, "Not a member");
+				endWsConnectionSpan(socket, 4403);
+				return;
+			}
+			const memberId = memberRow.id;
 			setWsConnectionAttrs(socket, {
 				organizationId,
 				memberId
@@ -13965,6 +14212,7 @@ function clientWsRoutes(notifier, instanceId) {
 		}, async (socket) => {
 			startWsConnectionSpan(socket);
 			let session = null;
+			let jwtDefaultOrgId = null;
 			let clientId = null;
 			let authExpiryTimer = null;
 			const boundAgents = /* @__PURE__ */ new Map();
@@ -14195,28 +14443,15 @@ function clientWsRoutes(notifier, instanceId) {
 					try {
 						const { payload } = await jwtVerify(authParsed.data.token, jwtSecretBytes);
 						const claims = payload;
-						if (claims.type !== "access" || !claims.sub || !claims.memberId) throw new Error("Invalid token claims");
+						if (claims.type !== "access" || !claims.sub) throw new Error("Invalid token claims");
 						const [user] = await app.db.select({
 							id: users.id,
 							status: users.status
 						}).from(users).where(eq(users.id, claims.sub)).limit(1);
 						if (!user || user.status !== "active") throw new Error("User not found or suspended");
-						const [member] = await app.db.select({
-							id: members.id,
-							organizationId: members.organizationId,
-							role: members.role
-						}).from(members).where(eq(members.id, claims.memberId)).limit(1);
-						if (!member) throw new Error("Membership not found");
-						session = {
-							userId: user.id,
-							memberId: member.id,
-							organizationId: member.organizationId,
-							role: member.role
-						};
-						setWsConnectionAttrs(socket, {
-							"organization.id": member.organizationId,
-							"member.id": member.id
-						});
+						session = { userId: user.id };
+						jwtDefaultOrgId = typeof claims.organizationId === "string" ? claims.organizationId : null;
+						setWsConnectionAttrs(socket, { "user.id": user.id });
 						clearTimeout(authTimeout);
 						scheduleAuthExpiry(claims.exp);
 						socket.send(JSON.stringify({ type: "auth:ok" }));
@@ -14242,11 +14477,19 @@ function clientWsRoutes(notifier, instanceId) {
 						if (type === "client:register") {
 							const data = clientRegisterSchema.parse(msg);
 							clientWantsWsInboxDeliver = data.wireCapabilities?.wsInboxDeliver === true;
+							if (!jwtDefaultOrgId) {
+								socket.send(JSON.stringify({
+									type: "client:register:rejected",
+									message: "JWT missing organizationId claim"
+								}));
+								socket.close(4401, "client register rejected");
+								return;
+							}
 							try {
 								await registerClient(app.db, {
 									clientId: data.clientId,
 									userId: session.userId,
-									organizationId: session.organizationId,
+									organizationId: jwtDefaultOrgId,
 									instanceId,
 									hostname: data.hostname,
 									os: data.os,
@@ -14254,7 +14497,7 @@ function clientWsRoutes(notifier, instanceId) {
 								});
 							} catch (err) {
 								const message = err instanceof Error ? err.message : "client register failed";
-								const code = err instanceof ClientOrgMismatchError$1 ? err.code : void 0;
+								const code = err instanceof ClientUserMismatchError$1 ? err.code : err instanceof ClientOrgMismatchError$1 ? err.code : void 0;
 								socket.send(JSON.stringify({
 									type: "client:register:rejected",
 									message,
@@ -14317,25 +14560,24 @@ function clientWsRoutes(notifier, instanceId) {
 								clientId: agents.clientId,
 								runtimeProvider: agents.runtimeProvider,
 								clientUserId: clients.userId,
-								managerUserId: members.userId
+								managerUserId: members.userId,
+								managerMemberStatus: members.status
 							}).from(agents).leftJoin(clients, eq(agents.clientId, clients.id)).leftJoin(members, eq(agents.managerId, members.id)).where(and(eq(agents.uuid, bindRequest.agentId))).limit(1);
 							if (!agent) {
 								sendRejected(socket, ref, AGENT_BIND_REJECT_REASONS.UNKNOWN_AGENT);
 								return;
 							}
-							if (agent.organizationId !== session.organizationId) {
-								sendRejected(socket, ref, AGENT_BIND_REJECT_REASONS.WRONG_ORG);
-								return;
-							}
 							if (agent.status !== "active") {
 								sendRejected(socket, ref, AGENT_BIND_REJECT_REASONS.AGENT_SUSPENDED);
 								return;
 							}
+							const ownerOk = agent.managerUserId !== null && agent.managerUserId === session.userId;
+							const membershipActive = agent.managerMemberStatus === "active";
+							if (!ownerOk || !membershipActive) {
+								sendRejected(socket, ref, AGENT_BIND_REJECT_REASONS.NOT_OWNED);
+								return;
+							}
 							if (agent.clientId === null) {
-								if (!agent.managerUserId || agent.managerUserId !== session.userId) {
-									sendRejected(socket, ref, AGENT_BIND_REJECT_REASONS.NOT_OWNED);
-									return;
-								}
 								if ((await app.db.update(agents).set({
 									clientId,
 									updatedAt: /* @__PURE__ */ new Date()
@@ -14363,7 +14605,8 @@ function clientWsRoutes(notifier, instanceId) {
 							bindAgentToClient(clientId, agent.id);
 							boundAgents.set(agent.id, {
 								agentId: agent.id,
-								inboxId: agent.inboxId
+								inboxId: agent.inboxId,
+								organizationId: agent.organizationId
 							});
 							const wsPushActive = pushUseWsDataPlane();
 							if (wsPushActive) notifier.subscribe(agent.inboxId, socket, makeInboxPushHandler(agent.id, agent.inboxId));
@@ -14423,7 +14666,9 @@ function clientWsRoutes(notifier, instanceId) {
 								}, "session:state rejected — stale client wire");
 								return;
 							}
-							await upsertSessionState(app.db, agentId, payloadResult.data.chatId, payloadResult.data.state, session.organizationId, notifier);
+							const boundAgentInfo = boundAgents.get(agentId);
+							if (!boundAgentInfo) return;
+							await upsertSessionState(app.db, agentId, payloadResult.data.chatId, payloadResult.data.state, boundAgentInfo.organizationId, notifier);
 						} else if (type === "session:reconcile") {
 							const agentId = parsed.data.agentId;
 							if (!agentId || !boundAgents.has(agentId)) {
@@ -14460,8 +14705,10 @@ function clientWsRoutes(notifier, instanceId) {
 								return;
 							}
 							const payload = runtimeStateMessageSchema.parse(msg);
+							const boundAgentInfo = boundAgents.get(agentId);
+							if (!boundAgentInfo) return;
 							await setRuntimeState(app.db, agentId, payload.runtimeState, {
-								organizationId: session.organizationId,
+								organizationId: boundAgentInfo.organizationId,
 								notifier
 							});
 							if (payload.runtimeState === "error" && shouldNotify(agentId, "agent_error")) notifyAgentEvent(app.db, agentId, "agent_error", "high").catch(() => {});
@@ -14983,6 +15230,7 @@ async function listActiveMemberships(db, userId) {
 		memberId: members.id,
 		organizationId: members.organizationId,
 		role: members.role,
+		agentId: members.agentId,
 		orgName: organizations.name,
 		orgDisplayName: organizations.displayName,
 		createdAt: members.createdAt
@@ -15324,6 +15572,36 @@ async function bootstrapConfigRoutes(app) {
 		return { allowedOrg: app.config.github.allowedOrg ?? null };
 	});
 }
+/**
+* Member-scoped client routes.
+*
+* Mounted at `/me/clients` to keep them off the admin surface (the legacy
+* admin clients router lives at `/clients`). The only operation here is
+* `POST /:clientId/claim`: ownership transfer driven by the operator running
+* `first-tree-hub client claim --confirm` after a 4403 handshake mismatch
+* (decouple-client-from-identity §4.4).
+*/
+async function memberClientRoutes(app) {
+	app.post("/:clientId/claim", async (request, reply) => {
+		const m = requireMember(request);
+		const { clientId } = request.params;
+		const result = await claimClient(app.db, clientId, m.userId);
+		const droppedAgentIds = forceDisconnectClient(clientId);
+		request.log.info({
+			event: "client.owner_transfer",
+			clientId,
+			fromUserId: result.previousUserId,
+			toUserId: m.userId,
+			unpinnedAgentCount: result.unpinnedAgentIds.length,
+			droppedSocketAgentCount: droppedAgentIds.length
+		}, "client ownership transferred via /me/clients/:clientId/claim");
+		return reply.status(200).send({
+			clientId,
+			previousUserId: result.previousUserId,
+			unpinnedAgentCount: result.unpinnedAgentIds.length
+		});
+	});
+}
 async function contextTreeInfoRoutes(app) {
 	/** Public endpoint — returns Context Tree repo metadata for CLI auto-discovery. */
 	app.get("/info", async () => {
@@ -15453,6 +15731,7 @@ async function meRoutes(app) {
 			const inv = await getActiveInvitation(app.db, m.organizationId);
 			if (inv) inviteUrl = buildInviteUrl(resolvePublicUrl(app, request), inv.token);
 		}
+		const memberships = await listActiveMemberships(app.db, m.userId);
 		return {
 			user: user ?? null,
 			member: {
@@ -15461,6 +15740,13 @@ async function meRoutes(app) {
 				role: m.role,
 				agentId: m.agentId
 			},
+			memberships: memberships.map((mb) => ({
+				id: mb.memberId,
+				organizationId: mb.organizationId,
+				organizationName: mb.orgDisplayName,
+				role: mb.role,
+				agentId: mb.agentId
+			})),
 			agent: agent ?? null,
 			wizard: { step: wizardStep },
 			inviteUrl
@@ -15494,6 +15780,20 @@ async function meRoutes(app) {
 			command: `first-tree-hub connect ${token}`
 		};
 	});
+	app.get("/me/managed-agents", async (request) => {
+		const m = requireMember(request);
+		return (await listAgentsManagedByUser(app.db, m.userId)).map((r) => ({
+			uuid: r.uuid,
+			name: r.name,
+			displayName: r.displayName,
+			type: r.type,
+			organizationId: r.organizationId,
+			inboxId: r.inboxId,
+			visibility: r.visibility,
+			runtimeProvider: r.runtimeProvider,
+			clientId: r.clientId
+		}));
+	});
 	app.get("/me/organizations", async (request) => {
 		const m = requireMember(request);
 		return (await listActiveMemberships(app.db, m.userId)).map((r) => ({
@@ -15581,15 +15881,9 @@ async function meRoutes(app) {
 	app.post("/auth/switch-org", async (request, reply) => {
 		const m = requireMember(request);
 		const body = switchOrgSchema.parse(request.body);
-		const [target] = await app.db.select().from(members).where(and(eq(members.userId, m.userId), eq(members.organizationId, body.organizationId), eq(members.status, "active"))).limit(1);
+		const [target] = await app.db.select({ id: members.id }).from(members).where(and(eq(members.userId, m.userId), eq(members.organizationId, body.organizationId), eq(members.status, "active"))).limit(1);
 		if (!target) throw new ForbiddenError("You do not belong to that organization");
-		const tokens = await signTokensForMember(app.config.secrets.jwtSecret, {
-			userId: m.userId,
-			memberId: target.id,
-			organizationId: target.organizationId,
-			role: target.role
-		});
-		return reply.send(tokens);
+		return reply.status(204).send();
 	});
 }
 /**
@@ -15605,7 +15899,7 @@ async function meRoutes(app) {
 * that's the explicit reset path.
 */
 async function inferWizardStep(app, m) {
-	const [hasClient] = await app.db.select({ id: clients.id }).from(clients).where(and(eq(clients.userId, m.userId), eq(clients.organizationId, m.organizationId))).limit(1);
+	const [hasClient] = await app.db.select({ id: clients.id }).from(clients).where(eq(clients.userId, m.userId)).limit(1);
 	if (!hasClient) return "connect";
 	const [hasAgent] = await app.db.select({ uuid: agents.uuid }).from(agents).where(and(eq(agents.managerId, m.memberId), ne(agents.type, "human"), eq(agents.status, "active"))).limit(1);
 	if (!hasAgent) return "create_agent";
@@ -15617,7 +15911,7 @@ async function inferWizardStep(app, m) {
 * landing page.
 */
 async function publicInvitePreviewRoute(app) {
-	const { previewInvitation } = await import("./invitation-D3feYxet-366MNOor.mjs");
+	const { previewInvitation } = await import("./invitation-CBnQyB7o-DVOpS_Ts.mjs");
 	app.get("/:token/preview", async (request, reply) => {
 		if (!request.params.token) throw new UnauthorizedError("Token required");
 		const preview = await previewInvitation(app.db, request.params.token);
@@ -15647,7 +15941,7 @@ async function adminInvitationRoutes(app) {
 		const m = requireMember(request);
 		if (m.role !== "admin") throw new ForbiddenError("Admin role required");
 		if (request.params.id !== m.organizationId) throw new ForbiddenError("Cannot rotate invitations for another organization");
-		const { rotateInvitation } = await import("./invitation-D3feYxet-366MNOor.mjs");
+		const { rotateInvitation } = await import("./invitation-CBnQyB7o-DVOpS_Ts.mjs");
 		const inv = await rotateInvitation(app.db, m.organizationId, m.userId);
 		return {
 			id: inv.id,
@@ -17629,6 +17923,10 @@ async function buildApp(config) {
 			adminApp.addHook("onRequest", memberAuth);
 			await adminApp.register(adminClientRoutes);
 		}, { prefix: "/clients" });
+		await api.register(async (memberApp) => {
+			memberApp.addHook("onRequest", memberAuth);
+			await memberApp.register(memberClientRoutes);
+		}, { prefix: "/me/clients" });
 		await api.register(async (adminApp) => {
 			adminApp.addHook("onRequest", memberAuth);
 			await adminApp.register(adminActivityRoutes);
@@ -18262,4 +18560,4 @@ function registerSaaSConnectCommand(program) {
 	});
 }
 //#endregion
-export { status as $, checkServerHealth as A, isDockerAvailable as B, checkAgentConfigs as C, checkDocker as D, checkDatabase as E, installClientService as F, createOwner as G, ClientRuntime as H, isServiceSupported as I, fail as J, hasUser as K, resolveCliInvocation as L, checkWebSocket as M, printResults as N, checkNodeVersion as O, getClientServiceStatus as P, setJsonMode as Q, uninstallClientService as R, runMigrations as S, checkClientConfig as T, handleClientOrgMismatch as U, stopPostgres as V, rotateClientIdWithBackup as W, blank as X, success as Y, print as Z, onboardCreate as _, declineUpdate as a, probeCapabilities as at, createApiNameResolver as b, COMMAND_VERSION as c, isInteractive as d, ClientOrgMismatchError as et, promptAddAgent as f, onboardCheck as g, loadOnboardState as h, createExecuteUpdate as i, cleanWorkspaces as it, checkServerReachable as j, checkServerConfig as k, reconcileLocalRuntimeProviders as l, formatCheckReport as m, deriveHubUrlFromToken as n, SdkError as nt, promptUpdate as o, applyClientLoggerConfig as ot, promptMissingFields as p, resolveReplyToFromEnv as q, registerSaaSConnectCommand as r, SessionRegistry as rt, startServer as s, configureClientLoggerForService as st, HubUrlDerivationError as t, FirstTreeHubSDK as tt, uploadClientCapabilities as u, saveOnboardState as v, checkBackgroundService as w, migrateLocalAgentDirs as x, runHomeMigration as y, ensurePostgres as z };
+export { status as $, checkServerHealth as A, isDockerAvailable as B, checkAgentConfigs as C, checkDocker as D, checkDatabase as E, installClientService as F, createOwner as G, ClientRuntime as H, isServiceSupported as I, fail as J, hasUser as K, resolveCliInvocation as L, checkWebSocket as M, printResults as N, checkNodeVersion as O, getClientServiceStatus as P, setJsonMode as Q, uninstallClientService as R, runMigrations as S, checkClientConfig as T, handleClientOrgMismatch as U, stopPostgres as V, rotateClientIdWithBackup as W, blank as X, success as Y, print as Z, onboardCreate as _, declineUpdate as a, cleanWorkspaces as at, createApiNameResolver as b, COMMAND_VERSION as c, configureClientLoggerForService as ct, isInteractive as d, ClientOrgMismatchError as et, promptAddAgent as f, onboardCheck as g, loadOnboardState as h, createExecuteUpdate as i, SessionRegistry as it, checkServerReachable as j, checkServerConfig as k, reconcileLocalRuntimeProviders as l, formatCheckReport as m, deriveHubUrlFromToken as n, FirstTreeHubSDK as nt, promptUpdate as o, probeCapabilities as ot, promptMissingFields as p, resolveReplyToFromEnv as q, registerSaaSConnectCommand as r, SdkError as rt, startServer as s, applyClientLoggerConfig as st, HubUrlDerivationError as t, ClientUserMismatchError as tt, uploadClientCapabilities as u, saveOnboardState as v, checkBackgroundService as w, migrateLocalAgentDirs as x, runHomeMigration as y, ensurePostgres as z };