
Hidden session bindings

Hidden bindings let the application pass trusted context that prompts and users cannot override.

Overview

Use hidden bindings for tenant_id, principal, entitlements, region, or data residency values.

The runtime can use hidden values for filters and policies while keeping them out of model-visible context.

Hosted database-scoped keys also prevent branch switching from public SQL.

Developer notes

  • Never accept tenant_id directly from model output.
  • Require hidden tenant filters on SQL and search sources.
  • Log request ids but not sensitive hidden values.
  • Reject API requests that try to override database branch scope.
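
A minimal sketch of the notes above, added here as an illustration and not taken from the product's own API. The function `run_scoped_query`, the `RESERVED` set, the `branch` key name and the `orders` table are hypothetical, and the sample rows are constructed.

```python
import logging
import sqlite3

log = logging.getLogger("bindings_demo")

# Hypothetical reserved names: only the application may set these, never the model or user.
RESERVED = {"tenant_id", "principal", "entitlements", "region", "branch"}


class BindingOverride(Exception):
    """Raised when untrusted input tries to set a reserved binding."""


def run_scoped_query(conn, hidden, model_args, request_id):
    """Search orders with the tenant filter taken only from `hidden`."""
    clash = RESERVED & set(model_args)
    if clash:
        # Log the request id and the offending key names, never the hidden values.
        log.warning("request %s rejected: override of %s", request_id, sorted(clash))
        raise BindingOverride(sorted(clash))
    # tenant_id comes from the server-side session and is bound as a parameter,
    # so model-supplied text can narrow the search but cannot change the tenant.
    rows = conn.execute(
        "SELECT id, item FROM orders WHERE tenant_id = ? AND item LIKE ? ORDER BY id",
        (hidden["tenant_id"], f"%{model_args.get('query', '')}%"),
    ).fetchall()
    log.info("request %s returned %d rows", request_id, len(rows))
    return rows


def demo_db():
    """Constructed sample data: two tenants sharing one table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE orders (id INTEGER, tenant_id TEXT, item TEXT)")
    conn.executemany(
        "INSERT INTO orders VALUES (?, ?, ?)",
        [(1, "acme", "widget"), (2, "globex", "widget"), (3, "acme", "gear")],
    )
    return conn
```

The rejection path fails closed: a request carrying a reserved key is refused outright instead of having the key silently dropped, so override attempts show up in logs by request id.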