Authentication Flow

Purpose and Scope

This document describes the authentication and authorization mechanisms in the Automatos AI platform, covering how incoming HTTP requests are validated, how user identity and workspace context are established, and how this information flows through the system. For information about workspace isolation and multi-tenancy data filtering, see Data Isolation. For credential management and storage, see Credentials Management.

Authentication Architecture Overview

The Automatos AI platform implements a hybrid authentication system that supports two authentication methods:

1. Clerk JWT tokens - For user sessions via the web frontend

2. API keys - For programmatic access and service-to-service communication

All authenticated endpoints receive a RequestContext object containing the validated user identity, workspace ID, and authorization metadata. This context flows through the entire request lifecycle, ensuring workspace isolation and proper access control.

Sources: orchestrator/main.py:1-50, Diagram 7: Multi-Tenancy and Security Architecture

Authentication Methods

Clerk JWT Authentication

The primary authentication method for web users is Clerk JWT validation. The backend validates JWT tokens against Clerk's JWKS endpoint to verify authenticity.

Key characteristics:

• Tokens provided in Authorization: Bearer <token> header

• Validated against Clerk JWKS (JSON Web Key Set)

• Workspace ID extracted from JWT claims or resolved via org_id

• Session-based authentication for interactive users

Configuration:

• Backend requires CLERK_SECRET_KEY and optionally CLERK_JWKS_URL for JWT validation

• Frontend requires NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY for Clerk SDK initialization

• Optional CLERK_AUDIENCE for JWT audience validation

• JWT validation happens on every request via get_request_context_hybrid dependency

Sources: orchestrator/config.py:169-175

API Key Authentication

For programmatic access (scripts, integrations, automation), the platform supports API key authentication:

Key characteristics:

• Provided in X-API-Key header

• Matched against ORCHESTRATOR_API_KEY (with fallbacks to AUTOMATOS_API_KEY or API_KEY)

• Grants admin-level access across all workspaces

• Bypasses Clerk JWT validation entirely

Configuration:

The configuration uses a fallback chain: ORCHESTRATOR_API_KEY → AUTOMATOS_API_KEY → API_KEY, allowing flexibility in naming conventions.

Sources: orchestrator/config.py:84-88

Hybrid Authentication System

Request Authentication Flow

Sources: orchestrator/main.py:560-688, Diagram 2: Request Processing Pipeline

RequestContext Structure

The RequestContext object is the central data structure for authentication and authorization throughout the platform:

Key properties:

Sources: orchestrator/main.py:17, orchestrator/core/auth/hybrid.py (imported but not provided in context)

Workspace Resolution

Workspace ID Injection

The workspace context is established through a two-step process:

1. Frontend injection: The X-Workspace-ID header is injected by the frontend

2. Backend validation: The backend validates the user has access to the workspace

Special case: Bootstrap mode

For new installations with ≤2 active workspaces, the first user is automatically promoted to admin with cross-workspace access. This enables initial setup without manual admin assignment.

Single-Tenant Mode:

The platform supports a single-tenant deployment mode with a default tenant UUID:

This simplifies deployment for organizations that don't require multi-tenancy.

Sources: frontend/lib/api-client.ts:854-862, orchestrator/config.py:19-22, Diagram 8: Multi-Tenancy & Security Model

Admin Workspace Override

Administrators can view platform-wide analytics and data across all workspaces using a special __all__ sentinel value in the X-Workspace-ID header.

Override Mechanism

Implementation details:

• Frontend: _adminWorkspaceOverride module-level variable in api-client.ts frontend/lib/api-client.ts:83-91

• Backend: Checks admin_all_workspaces flag in RequestContext to skip workspace filters

• Security: Only users with system_role='admin' or bootstrap bypass can use this feature

• Cache invalidation: React Query cache is invalidated when override changes to prevent stale data

Sources: frontend/lib/api-client.ts:83-91, 854-862, Diagram 7: Multi-Tenancy and Security Architecture

Frontend Authentication Integration

API Client Configuration

The frontend ApiClient class in api-client.ts handles authentication injection for all API requests.

Clerk Token Injection Flow:

Key implementation details:

• Token getter: Set via setClerkTokenGetter() from a component with useAuth() access frontend/lib/api-client.ts:160-163

• Timeout protection: 2-second timeout prevents hanging if Clerk is slow frontend/lib/api-client.ts:832-835

• Workspace injection: Always includes X-Workspace-ID header for multi-tenancy frontend/lib/api-client.ts:854-862

• Error handling: 401 responses throw descriptive errors prompting sign-in frontend/lib/api-client.ts:896-902

Sources: frontend/lib/api-client.ts:93-154, 819-909

Middleware Stack

The authentication flow is part of a larger middleware stack that processes every request:

Middleware responsibilities:

Implementation details:

• CORS origins parsing: Splits comma-separated origins and strips whitespace orchestrator/main.py:557-558

• Real IP extraction: Uses X-Forwarded-For header when behind reverse proxy orchestrator/main.py:587-592

• Request ID context: Uses contextvars for thread-safe request ID tracking orchestrator/main.py:632-641

• Stats capping: Limits stats dictionary growth to prevent memory exhaustion orchestrator/main.py:670-673

Sources: orchestrator/main.py:560-688, orchestrator/config.py:98-99, Diagram 2: Request Processing Pipeline

Configuration Reference

Environment Variables

Authentication behavior is controlled by these configuration settings:

Development mode:

For local development without Clerk setup, set REQUIRE_AUTH=false to bypass authentication:

This creates anonymous RequestContext objects with auth_type=None. Never use in production.

Production security:

The configuration enforces SSL for database connections in production (non-local hosts):

This ensures secure connections to remote databases (PRD-70 FIX-05).

Sources: orchestrator/config.py:84-88, 169-175, 47-58, orchestrator/.env.example:33-35

Security Considerations

Authentication Security

1. JWT Validation: All Clerk JWTs are validated against public JWKS on every request - no local storage of tokens

2. API Key Security: API keys grant full admin access - rotate regularly and store securely

3. Rate Limiting: 60 requests/minute per IP prevents brute force attacks

4. Security Headers: OWASP-recommended headers protect against XSS, clickjacking, and MIME sniffing

Workspace Isolation

1. Workspace ID filtering: All database queries include WHERE workspace_id = :workspace_id clause

2. Access validation: Backend validates user membership in requested workspace

3. Admin override logging: All admin cross-workspace queries are logged in routing_decisions table

4. Bootstrap bypass: Limited to deployments with ≤2 workspaces (pilot mode)

Sources: Diagram 7: Multi-Tenancy and Security Architecture, orchestrator/main.py:464-474

Error Handling

Authentication Failures

Frontend error handling:

The ApiClient class throws errors with descriptive messages for authentication failures:

Sources: frontend/lib/api-client.ts:896-902, orchestrator/main.py:449-461

Code Entity Reference

Key Functions and Classes

Sources: orchestrator/main.py:18, orchestrator/config.py:66-79, frontend/lib/api-client.ts:83-163, 819-909