M55.2Released May 15, 2026

Identity + operator visibility

Operator profile in the sidebar, workspace switcher, identity / memberships / security / privacy sections on /settings/account.

UX Security

Highlights

Workspace switcher at the top of the dashboard sidebar with HttpOnly-cookie-persisted selection and full server-side membership validation.
Operator profile in the sidebar footer: user badge, role pill, plan pill, copyable user ID, and dropdown menu.
/settings/account redesigned with Identity, Memberships, Security, and Privacy sections plus a Recent operator activity widget.
Audit log table polished with UserBadge + RolePill components.

Why this matters

Before this sprint, operators couldn't see who they were logged in as, which workspace they were operating in, or who performed which action. M55.2 makes identity visible everywhere without exposing fingerprintable data.

Workspace switcher

POST /api/workspaces/active validates membership server-side, sets a HttpOnly + SameSite=Lax cookie, and returns 200. Single-workspace operators see a read-only badge with no dropdown. Multi-workspace operators get a searchable dropdown with create-workspace and manage-members shortcuts.

Same-shape 400 for malformed UUIDs and non-member workspace IDs — no membership enumeration.
Membership allow-list re-fetched on every server render; a revoked member cannot reuse a stale cookie.
router.refresh() on successful switch propagates the new active workspace to every server component on the current page.

Account identity surfaces

User ID, auth provider, account-created, and last-update timestamps surface honestly. Security section shows password status, Google Sign-In as 'not linked — ships later' (no false-positive), and active API-key count. Privacy section lists the operator-trust model explicitly: no fingerprinting, workspace-scoped identity, hashed keys, operator-controlled Claude workflows.

Recent operator activity

Last 10 admin_audit_logs entries on /settings/account with re-sanitised metadata (defence-in-depth on top of M51 write-time sanitisation). 'You' highlight on the viewer's own rows; metadata-field count only — never raw values.

Core v1.8.1 — MCP server, workspaces, billing, and operator visibility

The rollup release: a real MCP HTTP server, workspace-scoped multi-tenancy, Stripe-backed billing, full onboarding, and the new operator identity surfaces.

Real MCP HTTP server at /api/agent/mcp with workspace-scoped Bearer auth and ten read-only tools.
Workspace switcher + operator profile in the dashboard sidebar; copyable user IDs on /settings/account.
Stripe billing with three plans (Pro / Agency / Business), signature-verified webhooks, and a customer portal.
+ 3 more — see the release page

Read release notes →

M55.1May 15, 2026

MCPUX

Production-grade /settings/mcp UX

Endpoint-visibility row, three-step quick-start wizard, server-status panel, recent-activity widget, and an in-page verify-connection tester on /settings/mcp.

Endpoint-visibility row at the top of /settings/mcp with a one-tap copy button on the full MCP URL.
Three-step Quick Start wizard: generate API key → add to Claude → verify. Step 1 ticks green when the workspace already has an active key.
Server-status panel — operational / degraded / unconfigured pill, recent success-rate %, last-checked timestamp. Honest 'n/a' when there are no events; no fabricated uptime.
+ 2 more — see the release page

Read release notes →