Protected Pilot Workspace
Tenant-isolated pilot evidence, durable audit trails, and buyer-ready proof packets.
SCRIMED protected pilot workspaces turn governed synthetic evaluations into durable enterprise evidence while identity, authorization, rate limits, human review, and product boundaries stay explicit.
Enterprise control plane
Protected mutations fail closed until production identity and storage are connected.
Protected pilot workspaces retain governed synthetic evaluation evidence only. They do not accept live PHI, execute clinical care, submit payer transactions, contact patients, or authorize autonomous diagnosis or treatment.
Activation workflow
Tenant-admins can move from invitation to buyer-ready lifecycle proof.
The flow is authenticated, AAL2-governed, rate-limited, and synthetic-only. It supports enterprise diligence without creating users, sending email, ingesting PHI, or authorizing clinical execution.
Record activation governance pack
Tenant-admin. Selected governance workflow pack is committed to the append-only Agent Workspace governance ledger with retention horizon, approvals, release gates, and blocked claims.
Metadata-only activation seed; no PHI, no live connector execution, and no compliance certification claim.Create controlled invitation record
Tenant-admin. Metadata-only invitation with proposed role, expiration, and governance note.
No user creation, no PHI, and no email send.Download audited onboarding packet
Tenant-admin. Markdown onboarding packet with recipient, role, workspace, access route, and delivery evidence.
Packet supports manual enterprise delivery only.Prepare external delivery
Tenant-admin. Lifecycle event records delivery preparation, delivery note, attempt count, and direct-send status.
SMTP direct send remains gated until custom sender controls are approved.Activate enrolled user
Tenant-admin + Identity provider. Activation succeeds only after the invited email has completed SCRIMED pilot authentication enrollment.
No activation for unknown identities and no bypass of AAL2 governance.Download activation proof packet
Tenant-admin. Audited packet summarizes invitations, onboarding packets, delivery readiness, memberships, reviews, and lifecycle evidence.
Diligence artifact only; no production clinical or payer authorization.Infrastructure
Selected production controls and their current activation state.
Supabase Auth
Server-side bearer-token verification uses the provider user record; user-editable metadata is never used for authorization.
Supabase Postgres
Synthetic sessions and audit events persist in tenant-scoped tables; no service-role key is used by runtime APIs.
Postgres row-level security
Every workspace, session, and audit query is constrained by authenticated membership policies.
Upstash Redis
A bounded in-process limiter is retained for temporary distributed-provider outages.
Protected API contracts
Tenant membership and row-level security constrain every durable workspace operation.
/api/pilot-workspaces
Bearer token + tenant membership
List only the pilot workspaces visible to the authenticated tenant member./api/pilot-workspaces/{workspaceSlug}/sessions
Bearer token + workspace membership
List durable synthetic demo sessions through tenant-isolated row-level security./api/pilot-workspaces/{workspaceSlug}/sessions
AAL2 bearer token + authorized role + server-held runtime authorization + rate limit
Run and durably retain a governed synthetic AgentOS evaluation with an append-only audit event./api/pilot-workspaces/{workspaceSlug}/audit
Bearer token + workspace membership
Inspect the tenant-isolated append-only audit trail for workspace evidence activity./api/pilot-workspaces/{workspaceSlug}/demo-readiness
GET: AAL2 bearer token + workspace membership. POST: AAL2 bearer token + tenant-admin or pilot-lead role + server-held runtime authorization + rate limit
Inspect or persist buyer-demo readiness snapshots from durable synthetic sessions, audit events, proof-packet evidence, and tenant-session verification./api/pilot-workspaces/{workspaceSlug}/demo-readiness/{snapshotId}/packet
AAL2 bearer token + authorized tenant role + server-held runtime authorization + rate limit + append-only packet-download audit
Download an audited Markdown Demo Readiness Packet for a retained synthetic buyer-demo readiness snapshot./api/pilot-workspaces/{workspaceSlug}/buyer-room
AAL2 bearer token + workspace membership
Inspect a tenant-scoped Buyer Pilot Room that bundles synthetic evidence counts, readiness state, competitive edge, premium commercial path, known limitations, and workarounds./api/pilot-workspaces/{workspaceSlug}/command-intelligence
GET: AAL2 bearer token + workspace membership + rate limit. POST: AAL2 bearer token + tenant-admin or pilot-lead role + fixed human-review attestation + server-held runtime authorization + rate limit
Inspect the protected SCRIMED Command Intelligence Hub or persist an AAL2 human-reviewed command snapshot that unifies Agent Commander posture, buyer-room readiness, Trust Engine outputs, continuous evaluation gates, MCP/tool-access plans, observability, safe-mode boundaries, limitations, and next actions./api/pilot-workspaces/{workspaceSlug}/command-intelligence/{snapshotId}/packet
AAL2 bearer token + authorized tenant role + server-held runtime authorization + rate limit + append-only packet-download audit
Download an audited Markdown Command Intelligence Packet for a retained synthetic command-posture snapshot./api/pilot-workspaces/{workspaceSlug}/buyer-room/packet
AAL2 bearer token + authorized tenant role + server-held runtime authorization + rate limit + append-only packet-download audit
Download an audited Markdown Buyer Diligence Export that bundles readiness, QA evidence, pricing posture, competitive edge, legal/privacy/security/safety boundaries, and production hard gates./api/pilot-workspaces/{workspaceSlug}/qa-evidence/manual-run-packets
GET: AAL2 bearer token + workspace membership. POST: AAL2 bearer token + tenant-admin or pilot-lead role + server-held runtime authorization + rate limit
Inspect or persist no-secret manual Sales Demo Session QA evidence packets so human-run AAL2 proof appears in tenant-scoped Buyer Pilot Room diligence./api/pilot-workspaces/{workspaceSlug}/tenant-access
AAL2 bearer token + tenant-admin role + server-held runtime authorization + rate limit
Inspect memberships, record governed invitations, activate existing auth users, offboard/reactivate access, attest access reviews, maintain SSO-readiness metadata, and prepare audited manual delivery without email delivery or user creation./api/pilot-workspaces/{workspaceSlug}/tenant-access/invitations/{invitationId}/onboarding-packet
AAL2 bearer token + tenant-admin role + server-held runtime authorization + rate limit
Download an audited protected-pilot onboarding packet for manual external delivery while SMTP send remains gated./api/pilot-workspaces/{workspaceSlug}/tenant-access/activation-proof-packet
AAL2 bearer token + tenant-admin role + server-held runtime authorization + rate limit
Download an audited activation proof packet summarizing protected-pilot invitations, onboarding packets, delivery readiness, membership state, identity posture, and lifecycle evidence./api/pilot-workspaces/{workspaceSlug}/activation-governance
GET: bearer token + workspace membership. POST: AAL2 bearer token + authorized tenant role + server-held runtime authorization + rate limit
Inspect or record the selected governance workflow pack as the first activation ledger seed for retention, legal-review, incident-export, and proof controls./api/pilot-workspaces/{workspaceSlug}/sessions/{sessionId}/proof-packet
AAL2 bearer token + authorized tenant role + server-held runtime authorization + rate limit
Download a buyer-ready Markdown proof packet generated from tenant-isolated session evidence./api/pilot-workspaces/{workspaceSlug}/enterprise-proof-packet
AAL2 bearer token + tenant-admin or pilot-lead role + server-held runtime authorization + rate limit + append-only packet-download audit
Download an aggregate Markdown enterprise proof packet spanning sessions, audit events, TrustOS decisions, Agent Workspace work orders, TrustOps incidents, tenant access posture, and governance ledger evidence./api/pilot-workspaces/{workspaceSlug}/clinical-activation-approvals
GET: AAL2 bearer token + workspace membership + rate limit. POST: AAL2 bearer token + tenant-admin, pilot-lead, or reviewer role + fixed no-PHI attestation + server-held runtime authorization + rate limit
Inspect or append no-PHI clinical activation readiness attestations for regulatory, clinical governance, privacy/security, interoperability, legal/commercial, and go-live domains while live care remains blocked./api/pilot-workspaces/{workspaceSlug}/operator-metrics
GET: AAL2 bearer token + workspace membership + rate limit. POST: AAL2 bearer token + tenant-admin, pilot-lead, or reviewer role + fixed no-PHI finance-readiness attestation + rate limit
Inspect or append tenant-scoped no-PHI Public Market Readiness operator metrics for model cost, review time, delivery hours, proof-packet count, workflow volume, and unit-economics discipline without storing audited financials, securities material, PHI, patient identifiers, payer member data, source contracts, secrets, or clinical validation./api/pilot-workspaces/{workspaceSlug}/metric-rollups
GET: AAL2 bearer token + workspace membership + rate limit. POST: AAL2 bearer token + tenant-admin, pilot-lead, or reviewer role + fixed finance-reviewed no-PHI rollup attestation + rate limit
Inspect or create protected no-PHI metric rollup snapshots that aggregate operator metrics into internal board operating evidence without becoming audited financial reporting, securities offering material, valuation assurance, clinical validation, reimbursement assurance, or live care authority./api/pilot-workspaces/{workspaceSlug}/metric-rollups/{snapshotId}/packet
AAL2 bearer token + authorized tenant role + rate limit + append-only packet-download audit
Download an audited internal board metric packet from a persisted no-PHI rollup snapshot after committing the packet release event./api/pilot-workspaces/{workspaceSlug}/metric-trends
GET: AAL2 bearer token + workspace membership + rate limit. POST: AAL2 bearer token + tenant-admin, pilot-lead, or reviewer role + fixed finance-reviewed no-PHI trend attestation + rate limit
Inspect or create protected no-PHI metric trend reviews that compare rollup snapshots for monthly variance review, reach expansion planning, competitive advantage tracking, and agent improvement loops without becoming audited financial reporting, securities offering material, clinical validation, reimbursement assurance, or live care authority./api/pilot-workspaces/{workspaceSlug}/metric-trends/{reviewId}/packet
AAL2 bearer token + authorized tenant role + rate limit + append-only packet-download audit
Download an audited internal board trend packet from a persisted no-PHI trend review after committing the packet release event./api/pilot-workspaces/{workspaceSlug}/board-scorecards
GET: AAL2 bearer token + workspace membership + rate limit. POST: AAL2 bearer token + tenant-admin, pilot-lead, or reviewer role + fixed finance-methodology-pending no-PHI scorecard attestation + rate limit
Inspect or create protected no-PHI rolling-quarter board scorecards that convert trend reviews into finance-allocation readiness, buyer-segment cohort signals, competitive advantage tracking, and agent improvement priorities without becoming audited financial reporting, securities offering material, valuation assurance, clinical validation, reimbursement assurance, or live care authority./api/pilot-workspaces/{workspaceSlug}/board-scorecards/{scorecardId}/packet
AAL2 bearer token + authorized tenant role + rate limit + append-only packet-download audit
Download an audited internal board scorecard packet from a persisted no-PHI scorecard after committing the packet release event./api/pilot-workspaces/{workspaceSlug}/finance-methodology
GET: AAL2 bearer token + workspace membership + rate limit. POST: AAL2 bearer token + tenant-admin, pilot-lead, or reviewer role + fixed no-PHI finance external-use attestation + rate limit
Inspect or record protected no-PHI finance methodology and external-use gate attestations for cost allocation, counsel review, executive release, privacy/security, clinical-governance boundary, marketing claims, and buyer permission without becoming audited financial reporting, securities offering material, advertising substantiation, reimbursement assurance, clinical validation, or live care authority./api/pilot-workspaces/{workspaceSlug}/finance-methodology/packet
AAL2 bearer token + authorized tenant role + rate limit + append-only packet-download audit
Download an audited protected finance methodology gate packet after committing the packet release event while retaining all external-use approval blockers./api/pilot-workspaces/{workspaceSlug}/external-approval-evidence
GET: AAL2 bearer token + workspace membership + rate limit. POST: AAL2 bearer token + tenant-admin, pilot-lead, or reviewer role + fixed no-PHI external approval evidence metadata attestation + rate limit
Inspect or record bounded no-PHI metadata references to externally retained approval artifacts for finance, counsel, executive, privacy/security, clinical-governance, marketing-claims, and buyer-permission review without storing sensitive documents or creating legal, finance, security, clinical, customer, advertising, reimbursement, compliance, production, or release authority./api/pilot-workspaces/{workspaceSlug}/external-approval-evidence/packet
AAL2 bearer token + authorized tenant role + rate limit + append-only packet-download audit
Download an audited protected external approval evidence linkage packet after committing the packet release event while retaining no-PHI metadata-only storage and all qualified external release blockers./api/pilot-workspaces/{workspaceSlug}/release-decisions
GET: AAL2 bearer token + workspace membership + rate limit. POST: AAL2 bearer token + tenant-admin, pilot-lead, or reviewer role + fixed no-PHI claim registry attestation + rate limit
Inspect or record bounded no-PHI versioned claim registry release decisions that require external approval evidence references before a claim can become ready for qualified release review. This does not approve public distribution, legal claims, advertising substantiation, securities claims, customer references, clinical validation, production authorization, or live clinical execution./api/pilot-workspaces/{workspaceSlug}/release-decisions/packet
AAL2 bearer token + authorized tenant role + rate limit + append-only packet-download audit
Download an audited protected release decision claim registry packet after committing the packet release event while retaining all public-release, legal, finance, advertising, customer, compliance, production, and clinical execution blockers./api/pilot-workspaces/{workspaceSlug}/reviewer-signoffs
GET: AAL2 bearer token + workspace membership + rate limit. POST: AAL2 bearer token + tenant-admin, pilot-lead, or reviewer role + fixed no-PHI named reviewer sign-off metadata attestation + rate limit
Inspect or record bounded no-PHI metadata references to externally retained named reviewer sign-offs for finance, counsel, executive, privacy/security, clinical-governance, marketing-claims, and buyer-permission roles. This can prepare controlled distribution review, but does not create public-release, legal, finance, advertising, customer, compliance, production, or clinical execution authority./api/pilot-workspaces/{workspaceSlug}/reviewer-signoffs/packet
AAL2 bearer token + authorized tenant role + rate limit + append-only packet-download audit
Download an audited protected named reviewer sign-off packet after committing the packet release event while retaining metadata-only storage and all public-release, external distribution, legal, finance, customer, compliance, production, and clinical execution blockers./api/pilot-workspaces/{workspaceSlug}/distribution-lockbox
GET: AAL2 bearer token + workspace membership + rate limit. POST: AAL2 bearer token + tenant-admin, pilot-lead, or reviewer role + fixed no-PHI disabled distribution lockbox attestation + rate limit
Inspect or record bounded no-PHI disabled-by-default distribution lockbox metadata linked to externally retained named reviewer sign-offs, customer permission references, counsel review references, and artifact manifest locators. This does not enable public release, external distribution, legal claims, advertising substantiation, customer proof, compliance certification, production authorization, or clinical execution./api/pilot-workspaces/{workspaceSlug}/distribution-lockbox/packet
AAL2 bearer token + authorized tenant role + rate limit + append-only packet-download audit
Download an audited protected distribution lockbox packet after committing the packet release event while preserving disabled distribution, metadata-only storage, and all public-release, external distribution, legal, finance, customer, compliance, production, and clinical execution blockers./api/pilot-workspaces/{workspaceSlug}/release-authority-attestations
GET: AAL2 bearer token + workspace membership + rate limit. POST: AAL2 bearer token + tenant-admin, pilot-lead, or reviewer role + fixed no-PHI release authority metadata attestation + rate limit
Inspect or record bounded no-PHI metadata references to externally retained release authority across counsel, customer permission, executive, privacy/security, finance, clinical governance, and marketing claims owners. This does not enable public release, external distribution, legal approval, finance reporting, customer proof, advertising substantiation, compliance certification, production authorization, or clinical execution./api/pilot-workspaces/{workspaceSlug}/release-authority-attestations/packet
AAL2 bearer token + authorized tenant role + rate limit + append-only packet-download audit
Download an audited protected release authority attestation packet after committing the packet release event while preserving release-disabled posture, metadata-only storage, and all public-release, external distribution, legal, finance, customer, compliance, production, reimbursement, and clinical execution blockers./api/pilot-workspaces/{workspaceSlug}/evidence-room-recipient-attestations
GET: AAL2 bearer token + workspace membership + rate limit. POST: AAL2 bearer token + tenant-admin, pilot-lead, or reviewer role + fixed no-PHI recipient attestation metadata + rate limit
Inspect or record bounded no-PHI metadata for intended evidence-room recipient segments, access windows, packet references, and revocation posture linked to completed release authority attestations. This does not store exact recipient lists, emails, access grants, legal approvals, customer permission artifacts, public release approval, external distribution approval, compliance certification, production authorization, or clinical execution authority./api/pilot-workspaces/{workspaceSlug}/evidence-room-recipient-attestations/packet
AAL2 bearer token + authorized tenant role + rate limit + append-only packet-download audit
Download an audited protected evidence-room recipient attestation packet after committing the packet release event while preserving export-disabled posture, recipient-metadata-only storage, and all public-release, external distribution, legal, finance, customer, compliance, production, reimbursement, and clinical execution blockers./api/pilot-workspaces/{workspaceSlug}/evidence-room-access-log-reconciliation
GET: AAL2 bearer token + workspace membership + rate limit. POST: AAL2 bearer token + tenant-admin, pilot-lead, or reviewer role + fixed no-PHI access-log reconciliation metadata + rate limit
Inspect or record bounded no-PHI metadata for externally retained evidence-room access-log references, reconciliation windows, event-count summaries, anomaly posture, and revocation review linked to completed recipient attestations. This does not store raw logs, recipient identifiers, IP addresses, device identifiers, access grants, legal approvals, customer permission artifacts, public release approval, external distribution approval, compliance certification, production authorization, or clinical execution authority./api/pilot-workspaces/{workspaceSlug}/evidence-room-access-log-reconciliation/packet
AAL2 bearer token + authorized tenant role + rate limit + append-only packet-download audit
Download an audited protected evidence-room access-log reconciliation packet after committing the packet release event while preserving export-disabled posture, access-log-metadata-only storage, and all public-release, external distribution, legal, finance, customer, compliance, production, reimbursement, and clinical execution blockers./api/pilot-workspaces/{workspaceSlug}/evidence-room-provider-adapters
GET: AAL2 bearer token + workspace membership + rate limit. POST: AAL2 bearer token + tenant-admin, pilot-lead, or reviewer role + fixed no-PHI provider adapter contract metadata + rate limit
Inspect or record bounded no-PHI metadata for externally retained evidence-room provider contracts, adapter design references, and audit-log import stubs linked to completed access-log reconciliation. This does not store provider credentials, URLs, access tokens, raw logs, recipient identifiers, signed legal artifacts, customer permission artifacts, public release approval, external distribution approval, live integration approval, compliance certification, production authorization, or clinical execution authority./api/pilot-workspaces/{workspaceSlug}/evidence-room-provider-adapters/packet
AAL2 bearer token + authorized tenant role + rate limit + append-only packet-download audit
Download an audited protected evidence-room provider adapter packet after committing the packet release event while preserving integration-disabled posture, provider-adapter-metadata-only storage, and all public-release, external distribution, legal, finance, customer, compliance, production, reimbursement, live integration, and clinical execution blockers./api/pilot-workspaces/{workspaceSlug}/clinical-activation-approvals/packet
AAL2 bearer token + authorized tenant role + server-held runtime authorization + rate limit + append-only packet-download audit
Download an audited Markdown Clinical Activation Approval Workflow packet summarizing signed no-PHI readiness attestations, retained blockers, safe workarounds, and unavailable sections./api/pilot-workspaces/{workspaceSlug}/clinical-authority-evidence-room
AAL2 bearer token + workspace membership + rate limit
Inspect a protected no-PHI Clinical Authority Evidence Room that unifies live-care, PHI, legal, regional, reimbursement, security, connector, and production authority gates from existing protected workspace evidence without granting approval./api/pilot-workspaces/{workspaceSlug}/clinical-authority-evidence-room/packet
AAL2 bearer token + authorized tenant role + rate limit + append-only packet-download audit
Download an audited Markdown Clinical Authority Evidence Room packet with reviewer owners, evidence links, expiration posture, retained gates, audit history, and explicit no-PHI/no-live-care authority boundaries./api/pilot-workspaces/{workspaceSlug}/clinical-authority-owner-matrix
AAL2 bearer token + workspace membership + rate limit
Inspect a protected no-PHI Clinical Authority Owner Matrix that maps every live-care, PHI, legal, regional, reimbursement, security, connector, and production hard gate to customer, SCRIMED, and qualified external approver roles without granting authority./api/pilot-workspaces/{workspaceSlug}/clinical-authority-owner-matrix/packet
AAL2 bearer token + authorized tenant role + rate limit + append-only packet-download audit
Download an audited Markdown Clinical Authority Owner Matrix packet with required approver roles, metadata-only owner labels, retained gates, external artifact policies, and no-PHI/no-live-care authority boundaries./api/pilot-workspaces/{workspaceSlug}/clinical-authority-artifact-intake
AAL2 bearer token + workspace membership + rate limit
Inspect a protected no-PHI Clinical Authority Artifact Intake Checklist that maps owner assignments to required external systems of record, qualified reviewer roles, validation timestamps, expiration cadences, prohibited content, and acceptance criteria without storing artifacts or granting authority./api/pilot-workspaces/{workspaceSlug}/clinical-authority-artifact-intake/packet
AAL2 bearer token + authorized tenant role + rate limit + append-only packet-download audit
Download an audited Markdown Clinical Authority Artifact Intake Checklist packet with external artifact reference requirements, metadata-only system-of-record policies, prohibited-content rules, retained gates, and no-PHI/no-live-care authority boundaries./api/pilot-workspaces/{workspaceSlug}/authority-artifact-references
GET: AAL2 bearer token + workspace membership + rate limit. POST: AAL2 bearer token + authorized tenant role + guarded RPC + rate limit
Inspect or record protected metadata-only external authority artifact references with reviewer labels, validation timestamps, expiration dates, renewal alerts, and status flags without storing artifacts, PHI, URLs, credentials, signed approvals, or granting authority./api/pilot-workspaces/{workspaceSlug}/authority-artifact-references/packet
AAL2 bearer token + authorized tenant role + rate limit + append-only packet-download audit
Download an audited Markdown Authority Artifact Reference packet with no-PHI metadata status, renewal queue, retained blockers, storage restrictions, and explicit no-live-care/no-production authority boundaries./api/pilot-workspaces/{workspaceSlug}/trust-safety-incidents
GET: AAL2 bearer token + workspace membership. POST: AAL2 bearer token + tenant-admin or pilot-lead role + server-held runtime authorization + rate limit
Inspect or create tenant-scoped TrustOps incident evidence for synthetic-pilot and enterprise-readiness review./api/pilot-workspaces/{workspaceSlug}/trust-safety-incidents/{incidentId}
GET: AAL2 bearer token + workspace membership. PATCH: AAL2 bearer token + tenant-admin or pilot-lead role + server-held runtime authorization + rate limit
Inspect or update TrustOps incident status, legal-hold posture, notification review posture, containment, remediation, and post-incident review evidence./api/pilot-workspaces/{workspaceSlug}/trust-safety-incidents/{incidentId}/review-packet
AAL2 bearer token + authorized tenant role + server-held runtime authorization + append-only packet-download audit
Download an audited TrustOps review packet after recording the packet release event./api/pilot-workspaces/{workspaceSlug}/trustos-decisions
AAL2 bearer token + authorized tenant role + server-held runtime authorization for writes + rate limit
Inspect or commit metadata-only TrustOS decisions to the tenant-isolated append-only governance ledger./api/pilot-workspaces/{workspaceSlug}/trustos-decisions/{decisionId}/reviews
AAL2 bearer token + authorized tenant role + server-held runtime authorization for writes + rate limit
Inspect or commit human reviewer dispositions, overrides, and controlled workflow outcome signals./api/pilot-workspaces/{workspaceSlug}/trustos-decisions/{decisionId}/governance-packet
AAL2 bearer token + authorized tenant role + server-held runtime authorization + rate limit
Download an audited governance packet containing decision, control, trace, evidence, and human-review proof./api/agent-workspaces/{workspaceSlug}/work-orders
GET: bearer token + tenant membership. POST: AAL2 bearer token + authorized tenant role + rate limit
List, filter, summarize, or create persistent Agent Workspace work orders backed by tenant-scoped RLS tables and append-only events./api/agent-workspaces/{workspaceSlug}/work-orders/{workOrderId}
GET: bearer token + tenant membership. PATCH: AAL2 bearer token + authorized tenant role + rate limit
Inspect, transition, retry, review, block, or close a persistent Agent Workspace work order./api/agent-workspaces/{workspaceSlug}/work-orders/{workOrderId}/proof-packet
AAL2 bearer token + authorized tenant role + rate limit + append-only download audit
Download an audited Markdown proof packet for a tenant-isolated synthetic Agent Workspace work order.Role controls
Tenant roles grant the minimum pilot capability required.
tenant-admin
- Review tenant identity configuration
- View all tenant pilot workspaces
- Create and transition persistent agent work orders
- Record TrustOps incident evidence
- Commit TrustOS decisions
- Record governed reviewer dispositions
- Record no-PHI clinical activation readiness attestations
- Record no-PHI Public Market Readiness operator metrics
- Download proof and governance packets
- Cannot enable live clinical execution
- Cannot alter append-only audit events
- Cannot create legal, breach, or compliance certification determinations
pilot-lead
- Run synthetic evaluations
- Create and transition persistent agent work orders
- Record TrustOps incident evidence
- Commit TrustOS decisions
- Record governed reviewer dispositions
- Record no-PHI clinical activation readiness attestations
- Record no-PHI Public Market Readiness operator metrics
- View workspace sessions
- Download proof and governance packets
- Cannot manage tenant identity
- Cannot alter append-only audit events
- Cannot create legal, breach, or compliance certification determinations
reviewer
- View workspace sessions
- Review Trust Cards, work orders, and TrustOps incidents
- Record governed reviewer dispositions and outcome signals
- Record no-PHI clinical activation readiness attestations
- Record no-PHI Public Market Readiness operator metrics
- Download proof and governance packets
- Cannot create sessions or new work orders
- Cannot manage tenant identity
- Cannot mutate TrustOps incident records
observer
- View approved workspace evidence
- Cannot create sessions
- Cannot download restricted evidence
- Cannot manage identity
Activation gates