@inkeep/agents-api 0.0.0-dev-20260302211942 → 0.0.0-dev-20260302234522

package/dist/middleware/index.d.ts

@@ -1,8 +1,8 @@
 import { authCorsConfig, defaultCorsConfig, getBaseDomain, isOriginAllowed, playgroundCorsConfig, runCorsConfig, signozCorsConfig, workAppsCorsConfig } from "./cors.js";
 import { errorHandler } from "./errorHandler.js";
-import { manageApiKeyAuth, manageApiKeyOrSessionAuth } from "./manageAuth.js";
+import { manageBearerAuth, manageBearerOrSessionAuth } from "./manageAuth.js";
 import { runApiKeyAuth, runApiKeyAuthExcept, runOptionalAuth } from "./runAuth.js";
 import { sessionAuth } from "./sessionAuth.js";
 import { requireTenantAccess } from "./tenantAccess.js";
 import { workAppsAuth } from "./workAppsAuth.js";
-export { authCorsConfig, defaultCorsConfig, errorHandler, getBaseDomain, isOriginAllowed, manageApiKeyAuth, manageApiKeyOrSessionAuth, playgroundCorsConfig, requireTenantAccess, runApiKeyAuth, runApiKeyAuthExcept, runCorsConfig, runOptionalAuth, sessionAuth, signozCorsConfig, workAppsAuth, workAppsCorsConfig };
+export { authCorsConfig, defaultCorsConfig, errorHandler, getBaseDomain, isOriginAllowed, manageBearerAuth, manageBearerOrSessionAuth, playgroundCorsConfig, requireTenantAccess, runApiKeyAuth, runApiKeyAuthExcept, runCorsConfig, runOptionalAuth, sessionAuth, signozCorsConfig, workAppsAuth, workAppsCorsConfig };

package/dist/middleware/index.js

@@ -1,9 +1,9 @@
 import { authCorsConfig, defaultCorsConfig, getBaseDomain, isOriginAllowed, playgroundCorsConfig, runCorsConfig, signozCorsConfig, workAppsCorsConfig } from "./cors.js";
 import { errorHandler } from "./errorHandler.js";
 import { sessionAuth } from "./sessionAuth.js";
-import { manageApiKeyAuth, manageApiKeyOrSessionAuth } from "./manageAuth.js";
+import { manageBearerAuth, manageBearerOrSessionAuth } from "./manageAuth.js";
 import { runApiKeyAuth, runApiKeyAuthExcept, runOptionalAuth } from "./runAuth.js";
 import { requireTenantAccess } from "./tenantAccess.js";
 import { workAppsAuth } from "./workAppsAuth.js";
 
-export { authCorsConfig, defaultCorsConfig, errorHandler, getBaseDomain, isOriginAllowed, manageApiKeyAuth, manageApiKeyOrSessionAuth, playgroundCorsConfig, requireTenantAccess, runApiKeyAuth, runApiKeyAuthExcept, runCorsConfig, runOptionalAuth, sessionAuth, signozCorsConfig, workAppsAuth, workAppsCorsConfig };
+export { authCorsConfig, defaultCorsConfig, errorHandler, getBaseDomain, isOriginAllowed, manageBearerAuth, manageBearerOrSessionAuth, playgroundCorsConfig, requireTenantAccess, runApiKeyAuth, runApiKeyAuthExcept, runCorsConfig, runOptionalAuth, sessionAuth, signozCorsConfig, workAppsAuth, workAppsCorsConfig };

package/dist/middleware/manageAuth.d.ts

@@ -1,5 +1,5 @@
 import { BaseExecutionContext } from "@inkeep/agents-core";
-import * as hono4 from "hono";
+import * as hono16 from "hono";
 import { createAuth } from "@inkeep/agents-core/auth";
 
 //#region src/middleware/manageAuth.d.ts
@@ -9,10 +9,13 @@ import { createAuth } from "@inkeep/agents-core/auth";
  * Authentication priority:
  * 1. Bypass secret (INKEEP_AGENTS_MANAGE_API_BYPASS_SECRET)
  * 2. Better-auth session token (from device authorization flow)
- * 3. Database API key
+ * 3. Slack user JWT token (for Slack work app delegation)
  * 4. Internal service token
+ *
+ * NOTE: Database API keys are intentionally NOT accepted on manage endpoints.
+ * API keys are restricted to the run domain only (chat, agent execution).
  */
-declare const manageApiKeyAuth: () => hono4.MiddlewareHandler<{
+declare const manageBearerAuth: () => hono16.MiddlewareHandler<{
   Variables: {
     executionContext: BaseExecutionContext;
     userId?: string;
@@ -23,8 +26,9 @@ declare const manageApiKeyAuth: () => hono4.MiddlewareHandler<{
 }, string, {}, Response>;
 /**
  * Middleware that gates a route with manage-domain authentication.
- * Uses Bearer token → API key auth, otherwise falls back to session auth.
+ * Uses Bearer token → manage bearer auth (bypass secret, session, Slack JWT, internal service),
+ * otherwise falls back to session auth.
  */
-declare const manageApiKeyOrSessionAuth: () => hono4.MiddlewareHandler<any, string, {}, Response>;
+declare const manageBearerOrSessionAuth: () => hono16.MiddlewareHandler<any, string, {}, Response>;
 //#endregion
-export { manageApiKeyAuth, manageApiKeyOrSessionAuth };
+export { manageBearerAuth, manageBearerOrSessionAuth };

package/dist/middleware/manageAuth.js

@@ -1,7 +1,6 @@
 import { env } from "../env.js";
-import runDbClient_default from "../data/db/runDbClient.js";
 import { sessionAuth } from "./sessionAuth.js";
-import { getLogger, isInternalServiceToken, isSlackUserToken, validateAndGetApiKey, verifyInternalServiceAuthHeader, verifySlackUserToken } from "@inkeep/agents-core";
+import { getLogger, isInternalServiceToken, isSlackUserToken, verifyInternalServiceAuthHeader, verifySlackUserToken } from "@inkeep/agents-core";
 import { registerAuthzMeta } from "@inkeep/agents-core/middleware";
 import { createMiddleware } from "hono/factory";
 import { HTTPException } from "hono/http-exception";
@@ -13,10 +12,13 @@ const logger = getLogger("env-key-auth");
 * Authentication priority:
 * 1. Bypass secret (INKEEP_AGENTS_MANAGE_API_BYPASS_SECRET)
 * 2. Better-auth session token (from device authorization flow)
-* 3. Database API key
+* 3. Slack user JWT token (for Slack work app delegation)
 * 4. Internal service token
+*
+* NOTE: Database API keys are intentionally NOT accepted on manage endpoints.
+* API keys are restricted to the run domain only (chat, agent execution).
 */
-const manageApiKeyAuth = () => createMiddleware(async (c, next) => {
+const manageBearerAuth = () => createMiddleware(async (c, next) => {
 	const authHeader = c.req.header("Authorization");
 	if (!authHeader || !authHeader.startsWith("Bearer ")) throw new HTTPException(401, { message: "Missing or invalid authorization header. Expected: Bearer <api_key>" });
 	const token = authHeader.substring(7);
@@ -49,16 +51,7 @@ const manageApiKeyAuth = () => createMiddleware(async (c, next) => {
 			return;
 		}
 	} catch (error) {
-		logger.debug({ error }, "Better-auth session validation failed, trying API key");
-	}
-	const validatedKey = await validateAndGetApiKey(token, runDbClient_default);
-	if (validatedKey) {
-		logger.info({ keyId: validatedKey.id }, "API key authenticated successfully");
-		c.set("userId", `apikey:${validatedKey.id}`);
-		c.set("userEmail", `apikey-${validatedKey.id}@internal`);
-		c.set("tenantId", validatedKey.tenantId);
-		await next();
-		return;
+		logger.debug({ error }, "Better-auth session validation failed, trying other auth methods");
 	}
 	if (isSlackUserToken(token)) {
 		const result = await verifySlackUserToken(token);
@@ -94,24 +87,25 @@ const manageApiKeyAuth = () => createMiddleware(async (c, next) => {
 });
 /**
 * Middleware that gates a route with manage-domain authentication.
-* Uses Bearer token → API key auth, otherwise falls back to session auth.
+* Uses Bearer token → manage bearer auth (bypass secret, session, Slack JWT, internal service),
+* otherwise falls back to session auth.
 */
-const manageApiKeyOrSessionAuth = () => {
+const manageBearerOrSessionAuth = () => {
 	const mw = createMiddleware(async (c, next) => {
 		if (env.ENVIRONMENT === "test") {
 			await next();
 			return;
 		}
-		if (c.req.header("Authorization")?.startsWith("Bearer ")) return manageApiKeyAuth()(c, next);
+		if (c.req.header("Authorization")?.startsWith("Bearer ")) return manageBearerAuth()(c, next);
 		return sessionAuth()(c, next);
 	});
 	registerAuthzMeta(mw, {
 		resource: "organization",
 		permission: "member",
-		description: "Requires session cookie or API key authentication"
+		description: "Requires session cookie authentication"
 	});
 	return mw;
 };
 
 //#endregion
-export { manageApiKeyAuth, manageApiKeyOrSessionAuth };
+export { manageBearerAuth, manageBearerOrSessionAuth };

package/dist/middleware/projectConfig.d.ts

@@ -1,11 +1,11 @@
 import { BaseExecutionContext, ResolvedRef } from "@inkeep/agents-core";
-import * as hono1 from "hono";
+import * as hono3 from "hono";
 
 //#region src/middleware/projectConfig.d.ts
 /**
  * Middleware that fetches the full project definition from the Management API
  */
-declare const projectConfigMiddleware: hono1.MiddlewareHandler<{
+declare const projectConfigMiddleware: hono3.MiddlewareHandler<{
   Variables: {
     executionContext: BaseExecutionContext;
     resolvedRef: ResolvedRef;
@@ -15,7 +15,7 @@ declare const projectConfigMiddleware: hono1.MiddlewareHandler<{
  * Creates a middleware that applies project config fetching except for specified route patterns
  * @param skipRouteCheck - Function that returns true if the route should skip the middleware
  */
-declare const projectConfigMiddlewareExcept: (skipRouteCheck: (path: string) => boolean) => hono1.MiddlewareHandler<{
+declare const projectConfigMiddlewareExcept: (skipRouteCheck: (path: string) => boolean) => hono3.MiddlewareHandler<{
   Variables: {
     executionContext: BaseExecutionContext;
     resolvedRef: ResolvedRef;

package/dist/middleware/requirePermission.d.ts

@@ -1,5 +1,5 @@
 import { ManageAppVariables } from "../types/app.js";
-import * as hono3 from "hono";
+import * as hono5 from "hono";
 
 //#region src/middleware/requirePermission.d.ts
 type Permission = {
@@ -9,6 +9,6 @@ declare const requirePermission: <Env$1 extends {
   Variables: ManageAppVariables;
 } = {
   Variables: ManageAppVariables;
-}>(permissions: Permission) => hono3.MiddlewareHandler<Env$1, string, {}, Response>;
+}>(permissions: Permission) => hono5.MiddlewareHandler<Env$1, string, {}, Response>;
 //#endregion
 export { requirePermission };

package/dist/middleware/runAuth.d.ts

@@ -1,8 +1,8 @@
 import { BaseExecutionContext } from "@inkeep/agents-core";
-import * as hono7 from "hono";
+import * as hono6 from "hono";
 
 //#region src/middleware/runAuth.d.ts
-declare const runApiKeyAuth: () => hono7.MiddlewareHandler<{
+declare const runApiKeyAuth: () => hono6.MiddlewareHandler<{
   Variables: {
     executionContext: BaseExecutionContext;
   };
@@ -11,7 +11,7 @@ declare const runApiKeyAuth: () => hono7.MiddlewareHandler<{
  * Creates a middleware that applies API key authentication except for specified route patterns
  * @param skipRouteCheck - Function that returns true if the route should skip authentication
  */
-declare const runApiKeyAuthExcept: (skipRouteCheck: (path: string) => boolean) => hono7.MiddlewareHandler<{
+declare const runApiKeyAuthExcept: (skipRouteCheck: (path: string) => boolean) => hono6.MiddlewareHandler<{
   Variables: {
     executionContext: BaseExecutionContext;
   };
@@ -20,7 +20,7 @@ declare const runApiKeyAuthExcept: (skipRouteCheck: (path: string) => boolean) =
  * Helper middleware for endpoints that optionally support API key authentication
  * If no auth header is present, it continues without setting the executionContext
  */
-declare const runOptionalAuth: () => hono7.MiddlewareHandler<{
+declare const runOptionalAuth: () => hono6.MiddlewareHandler<{
   Variables: {
     executionContext?: BaseExecutionContext;
   };

package/dist/middleware/runAuth.js

@@ -40,6 +40,11 @@ function extractRequestData(c) {
 */
 function buildExecutionContext(authResult, reqData) {
 	const agentId = authResult.metadata?.teamDelegation && reqData.agentId ? reqData.agentId : authResult.agentId;
+	if (!authResult.metadata?.teamDelegation && reqData.agentId && reqData.agentId !== authResult.agentId && authResult.apiKeyId && !authResult.apiKeyId.startsWith("temp-") && authResult.apiKeyId !== "bypass" && authResult.apiKeyId !== "slack-user-token" && authResult.apiKeyId !== "team-agent-token" && authResult.apiKeyId !== "test-key") logger.warn({
+		requestedAgentId: reqData.agentId,
+		apiKeyAgentId: authResult.agentId,
+		apiKeyId: authResult.apiKeyId
+	}, "API key agent scope mismatch: ignoring x-inkeep-agent-id header, using key-bound agent");
 	return createBaseExecutionContext({
 		apiKey: authResult.apiKey,
 		tenantId: authResult.tenantId,

package/dist/middleware/sessionAuth.d.ts

@@ -1,4 +1,4 @@
-import * as hono10 from "hono";
+import * as hono11 from "hono";
 
 //#region src/middleware/sessionAuth.d.ts
 
@@ -7,11 +7,11 @@ import * as hono10 from "hono";
  * Requires that a user has already been authenticated via Better Auth session.
  * Used primarily for manage routes that require an active user session.
  */
-declare const sessionAuth: () => hono10.MiddlewareHandler<any, string, {}, Response>;
+declare const sessionAuth: () => hono11.MiddlewareHandler<any, string, {}, Response>;
 /**
  * Global session middleware - sets user and session in context for all routes
  * Used for all routes that require an active user session.
  */
-declare const sessionContext: () => hono10.MiddlewareHandler<any, string, {}, Response>;
+declare const sessionContext: () => hono11.MiddlewareHandler<any, string, {}, Response>;
 //#endregion
 export { sessionAuth, sessionContext };

package/dist/middleware/tenantAccess.d.ts

@@ -1,4 +1,4 @@
-import * as hono13 from "hono";
+import * as hono15 from "hono";
 
 //#region src/middleware/tenantAccess.d.ts
 
@@ -12,7 +12,7 @@ import * as hono13 from "hono";
  * - API key user: Access only to the tenant associated with the API key
  * - Session user: Access based on organization membership
  */
-declare const requireTenantAccess: () => hono13.MiddlewareHandler<{
+declare const requireTenantAccess: () => hono15.MiddlewareHandler<{
   Variables: {
     userId: string;
     tenantId: string;

package/dist/middleware/tracing.d.ts

@@ -1,7 +1,7 @@
-import * as hono14 from "hono";
+import * as hono13 from "hono";
 
 //#region src/middleware/tracing.d.ts
-declare const otelBaggageMiddleware: () => hono14.MiddlewareHandler<any, string, {}, Response>;
-declare const executionBaggageMiddleware: () => hono14.MiddlewareHandler<any, string, {}, Response>;
+declare const otelBaggageMiddleware: () => hono13.MiddlewareHandler<any, string, {}, Response>;
+declare const executionBaggageMiddleware: () => hono13.MiddlewareHandler<any, string, {}, Response>;
 //#endregion
 export { executionBaggageMiddleware, otelBaggageMiddleware };

package/dist/middleware/workAppsAuth.js

@@ -1,20 +1,20 @@
 import { env } from "../env.js";
 import { sessionAuth } from "./sessionAuth.js";
-import { manageApiKeyAuth } from "./manageAuth.js";
+import { manageBearerAuth } from "./manageAuth.js";
 import { createApiError } from "@inkeep/agents-core";
 
 //#region src/middleware/workAppsAuth.ts
 /**
 * Work Apps Authentication Middleware
 *
-* Shared session/API key auth for protected work app routes (Slack, GitHub, etc.).
+* Shared session/bearer token auth for protected work app routes (Slack, GitHub, etc.).
 * Most work app routes are unauthenticated (events, commands, webhooks),
 * but workspace management and user endpoints require session auth.
 *
 * Auth flow:
 * 1. Test environment → bypass
 * 2. Dev localhost → bypass with dev-user context
-* 3. Bearer token → manageApiKeyAuth
+* 3. Bearer token → manageBearerAuth (bypass secret, session, Slack JWT, internal service)
 * 4. Session cookie → sessionAuth
 */
 const isTestEnvironment = () => env.ENVIRONMENT === "test";
@@ -45,7 +45,7 @@ const workAppsAuth = async (c, next) => {
 			}
 		} catch {}
 	}
-	if (c.req.header("Authorization")?.startsWith("Bearer ")) return manageApiKeyAuth()(c, next);
+	if (c.req.header("Authorization")?.startsWith("Bearer ")) return manageBearerAuth()(c, next);
 	await sessionAuth()(c, async () => {
 		const session = c.get("session");
 		if (!session?.activeOrganizationId) throw createApiError({

package/dist/routes/capabilities.js

@@ -1,4 +1,4 @@
-import { manageApiKeyOrSessionAuth } from "../middleware/manageAuth.js";
+import { manageBearerOrSessionAuth } from "../middleware/manageAuth.js";
 import "../middleware/index.js";
 import { OpenAPIHono, z } from "@hono/zod-openapi";
 import { createProtectedRoute } from "@inkeep/agents-core/middleware";
@@ -16,7 +16,7 @@ capabilitiesHandler.openapi(createProtectedRoute({
 	operationId: "capabilities",
 	summary: "Get server capabilities",
 	description: "Get information about optional server-side capabilities and configuration.",
-	permission: manageApiKeyOrSessionAuth(),
+	permission: manageBearerOrSessionAuth(),
 	responses: { 200: {
 		description: "Server capabilities",
 		content: { "application/json": { schema: CapabilitiesResponseSchema } }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@inkeep/agents-api",
-  "version": "0.0.0-dev-20260302211942",
+  "version": "0.0.0-dev-20260302234522",
   "description": "Unified Inkeep Agents API - combines management, runtime, and evaluation capabilities",
   "types": "dist/index.d.ts",
   "exports": {
@@ -70,9 +70,9 @@
     "openid-client": "^6.8.1",
     "pg": "^8.16.3",
     "workflow": "^4.1.0-beta.54",
-    "@inkeep/agents-core": "^0.0.0-dev-20260302211942",
-    "@inkeep/agents-mcp": "^0.0.0-dev-20260302211942",
-    "@inkeep/agents-work-apps": "^0.0.0-dev-20260302211942"
+    "@inkeep/agents-core": "^0.0.0-dev-20260302234522",
+    "@inkeep/agents-mcp": "^0.0.0-dev-20260302234522",
+    "@inkeep/agents-work-apps": "^0.0.0-dev-20260302234522"
   },
   "peerDependencies": {
     "@hono/zod-openapi": "^1.1.5",