MiraBridge Enterprise gives teams visibility, approval control, and provider routing without giving up the same Gateway every other surface runs on.
Team controls
- Admin console โ manage seats, billing, and team-wide settings from a single dashboard.
- Role-based access โ
USERandADMINroles separate billing and admin actions from day-to-day usage. - Team usage tracking โ per-team request counts and token-budget consumption are tracked at the Gateway.
- Explicit workspace and session boundaries โ a tool call can't escape the workspace it was assigned to.
Security posture
These are the controls MiraBridge actually runs today, mapped to code in the Gateway:
- Argon2 password hashing โ per-user salts, no plaintext anywhere in the system.
- AES-256-GCM application-level encryption โ for tokens and sensitive workspace metadata.
- JWT rotation with JTI revocation โ access and refresh tokens with revocation tracked by JTI.
- Approval-first tool execution โ file writes, terminal commands, and risky tool calls go through an explicit human-approval gate (single, batch, or auto-approve modes are all explicit).
BYOK provider routing
Bring your own API keys for Anthropic, OpenAI, and Google. Team and workspace usage flows through the same Gateway for routing, circuit breaking, and cost-aware model selection โ no shared pool, no hardcoded model versions in your integration.
Audit-friendly workflow
Every agent action leaves a trail:
- Tool execution timelines with per-call decisions
- Approval history per session
- Session boundaries and ownership
- Workflow markers (
[MIRA_BRAINSTORM],[MIRA_TDD],[MIRA_VERIFICATION]) you can gate and audit later
Compliance
- GDPR โ data export, deletion, and consent management through the dedicated GDPR module.
Next Steps
- Security Overview โ security architecture
- Data Privacy โ GDPR and data handling