Platform

One Agent Runtime.
Every User. Every App.

UGENT resolves every external person to a canonical actor with isolated memory, per-user model selection, and federated identity. Deploy once, serve every team and application.

Per-User: Identity + Memory

Federated: Cross-App Sharing

RBAC: Granular Access

Identity

Every User Is a Canonical Actor

Identity resolution happens before the first token. Each external person is mapped to a stable identity that persists across conversations and is resolved instantly for every turn.

Actor Resolution

Default actor ID: {channel}:{user_id}. Explicit identity_links collapse multiple provider keys (Telegram + Slack + Web) onto one actor. Local TUI turns resolve to the owner actor.

Federated Identity

When external apps pass federation claims, UGENT derives a canonical identity and auto-links the provider key. The same person across CRM, portal, and helpdesk shares one memory scope.

Persistent + Fast

Identities are durably persisted and resolved instantly with an in-memory cache for the hot path. The storage layer is database-agnostic and can be swapped for Postgres in enterprise deployments with no call-site changes.

Conflict Detection

Validation rejects partial, empty, and reserved claims. If a provider key is already linked to a different actor, the system fails closed. Conversation namespacing prevents ID collisions when multiple apps share one endpoint.
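
The resolution and conflict rules described above, sketched as an added example (not UGENT's own code). The claim fields `issuer` and `subject`, the `fed:` prefix, the reserved values and all class and function names are assumptions.

```python
# Added illustration, not UGENT source; every name below is hypothetical.
from dataclasses import dataclass, field
from typing import Optional

RESERVED = {"owner", "system", "anonymous"}  # assumed reserved claim values


class InvalidClaims(Exception):
    """Federation claims are partial, empty, or reserved."""


class IdentityConflict(Exception):
    """Provider key is already linked to a different actor."""


def canonical_actor(claims: dict) -> str:
    # Assumed claim shape: both "issuer" and "subject" are required strings.
    issuer = str(claims.get("issuer") or "").strip()
    subject = str(claims.get("subject") or "").strip()
    if not issuer or not subject:
        raise InvalidClaims("partial or empty federation claims")
    if issuer.lower() in RESERVED or subject.lower() in RESERVED:
        raise InvalidClaims("reserved value in federation claims")
    return f"fed:{issuer}:{subject}"


@dataclass
class IdentityStore:
    links: dict = field(default_factory=dict)  # provider key -> actor ID

    def link(self, provider_key: str, actor_id: str) -> None:
        existing = self.links.get(provider_key)
        if existing is not None and existing != actor_id:
            # Fail closed: never silently re-point a key at another actor.
            raise IdentityConflict(f"{provider_key} is linked to {existing}")
        self.links[provider_key] = actor_id

    def resolve(self, channel: str, user_id: str,
                claims: Optional[dict] = None) -> str:
        provider_key = f"{channel}:{user_id}"
        if claims is None:
            # No federation: explicit link if present, else the default ID.
            return self.links.get(provider_key, provider_key)
        actor_id = canonical_actor(claims)   # validate before touching state
        self.link(provider_key, actor_id)    # auto-link, or raise on conflict
        return actor_id
```

Claims are validated before any link is written, so a rejected request leaves the store unchanged.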

Per-User

Each User Gets Their Own Agent

Model, memory, and conversation history are isolated per actor. One user's choices never affect another's.

Model Selection

Each user picks their own LLM model without changing shared config. Preferences persist per user and follow them across conversations. Operators control which models each user may choose from.

Memory Isolation

Memory recalls from layered scopes: the user first, then the workspace, then global knowledge. Writes go only to the user scope. Background extraction pulls durable facts after each turn without blocking the response.

Scale Safety

Per-actor pruning runs on a fixed interval and trims each user's record count to a configurable cap. Owner and workspace scopes are never pruned. Memory compaction targets workspace + global only, so per-user memory is bounded by cheap pruning, not per-user LLM calls.

How model + memory resolution works per turn

# 1. Resolve external user to canonical actor
identity = resolve(user_id, federation_claims)

# 2. Layer per-actor model choice over global default
model = user_preference or global_default

# 3. Recall memory from actor + workspace + global scopes
memory = recall(user_scope, workspace, global)

# 4. Run agent turn, write-back durable facts to user scope
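
Steps 2 to 4 of the flow above, together with the operator model allow-list and per-actor pruning, as an added example (not UGENT's own code). The scope key format, the `owner` actor ID, the model names and the class itself are assumptions.

```python
# Added illustration, not UGENT source; every name below is hypothetical.
from collections import defaultdict

GLOBAL_DEFAULT_MODEL = "default-model"   # constructed placeholder
OWNER = "owner"                          # assumed ID of the owner actor


class TurnContext:
    def __init__(self, allowed_models):
        self.allowed = allowed_models        # actor -> models the operator permits
        self.preference = {}                 # actor -> chosen model
        self.memory = defaultdict(list)      # scope key -> facts, oldest first

    def set_model(self, actor, model):
        if model not in self.allowed.get(actor, set()):
            raise PermissionError(f"{actor} may not select {model}")
        self.preference[actor] = model

    def model_for(self, actor):
        # Step 2: per-actor choice layered over the global default.
        return self.preference.get(actor) or GLOBAL_DEFAULT_MODEL

    def recall(self, actor, workspace):
        # Step 3: user scope first, then workspace, then global knowledge.
        scopes = (f"user:{actor}", f"workspace:{workspace}", "global")
        return [fact for s in scopes for fact in self.memory.get(s, [])]

    def write_back(self, actor, fact):
        # Step 4: writes go only to the acting user's scope.
        self.memory[f"user:{actor}"].append(fact)

    def prune(self, cap):
        # Trim each per-user scope to its newest `cap` facts; owner,
        # workspace and global scopes are never pruned.
        for scope, facts in self.memory.items():
            if scope.startswith("user:") and scope != f"user:{OWNER}":
                del facts[:max(len(facts) - cap, 0)]
```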

Web Atelier

Premium Web Interface for Every User

Multi-tenant AI workstation with streaming chat, professional translation, voice, and admin console. White-label ready with brand theming.

Streaming Chat

Token-by-token SSE streaming with collapsible reasoning steps. Automatic turn rollbacks keep the timeline clean. Drag-and-drop file attachments (PDF, DOCX, MD, CSV, JSON). Special modes: Quick Response, Deep Research, Create Image.

SSE streaming, human-in-the-loop, voice

Translation Suite

Side-by-side editor with live streaming. Glossary enforcement injects approved terminology into the LLM prompt. Reference passages maintain consistent style. Document pipeline: convert, chunk, parallel translate, rebuild to original format. One-click download.

glossary, references, PDF/DOCX/HTML

Admin Console

System health monitor: PID, uptime, version, CORS, socket states. Remote slash command panel with safety prompts for destructive commands. Session snapshot inspector for debugging. Real-time activity feed showing sub-agent assignments and tool execution events.

White-Label Ready

Brand theme engine compiles under custom styles (Atelier, Studio, Console, Solar). Each brand gets its own color scheme (light + dark), favicon, logo, header icons, and page titles. WebSocket voice streaming with low-latency PCM16 audio.

Security

Enterprise-Grade Access Control

Role-based permissions, JWT sessions, CSRF protection, and an injection firewall. Built for multi-tenant deployments from day one.

RBAC

Granular permission registry categorized by domain: reading users, managing roles, uploading documents, reviewing translations, and managing workspaces. Interactive role matrix for dynamic permission mapping.

JWT Sessions

Login writes an encrypted session cookie (HttpOnly, Secure, SameSite). All API routes verify the session token with a shared secret. Passwords are hashed with industry-standard algorithms.

CSRF + Rate Limit

CSRF mitigation inspects Origin/Referer on state-changing requests, with an API key bypass for automation. API limiter: 1000 calls/15min. Auth limiter: 10 login attempts/15min per IP.

Injection Firewall (Defense in Depth)

On top of RBAC and web security, the core runtime's injection firewall applies to every user. Source-boundary taint tracking classifies text provenance per actor session. Untrusted tool output (web fetch, MCP, search) is tagged and cannot grant authority. Sensitive sink tools are gated when injection is observed. Memory writes are quarantined. MCP tool definitions are pinned against rug-pull attacks. Per-actor taint partitioning ensures one user's session churn cannot evict another's security flags.

per-actor taint, MCP pinning, memory quarantine, egress gate

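
Three of the firewall mechanisms above (per-actor taint partitioning, sink gating and MCP definition pinning), as an added example that is not UGENT's own code. The sink tool names, the per-actor session bound, the externally supplied `injection_detected` flag and the class itself are assumptions.

```python
# Added illustration, not UGENT source; every name below is hypothetical.
import hashlib
import json
from collections import OrderedDict, defaultdict

UNTRUSTED_SOURCES = {"web_fetch", "mcp", "search"}   # sources named in the text
SENSITIVE_SINKS = {"send_email", "shell_exec"}       # assumed sink tool names
MAX_SESSIONS_PER_ACTOR = 2                           # assumed per-actor bound


class Firewall:
    def __init__(self):
        # One bounded LRU per actor: churn evicts only that actor's sessions.
        self.taint = defaultdict(OrderedDict)   # actor -> {session: flagged}
        self.pins = {}                          # tool name -> definition digest

    def observe(self, actor, session, source, injection_detected):
        sessions = self.taint[actor]
        seen = sessions.pop(session, False)
        tainted = source in UNTRUSTED_SOURCES and injection_detected
        sessions[session] = seen or tainted     # sticky flag, moved to MRU end
        while len(sessions) > MAX_SESSIONS_PER_ACTOR:
            sessions.popitem(last=False)        # drop this actor's oldest session

    def allow_tool(self, actor, session, tool):
        # Gate sensitive sinks once injection was observed in this session.
        flagged = self.taint[actor].get(session, False)
        return not (flagged and tool in SENSITIVE_SINKS)

    def pin_or_verify(self, tool, definition):
        # Pin the first-seen MCP tool definition; report any later change.
        digest = hashlib.sha256(
            json.dumps(definition, sort_keys=True).encode()).hexdigest()
        return self.pins.setdefault(tool, digest) == digest
```

In this sketch an evicted session loses its flag, so a real design also has to decide what an actor's own evicted tainted session falls back to.
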
Integration

OpenAI-Compatible API

Drop-in replacement for OpenAI endpoints, plus native UGENT streaming protocol and remote slash commands.

POST /v1/chat/completions

# OpenAI-compatible, supports stream=true via SSE
$ curl -X POST http://localhost:8786/v1/chat/completions \
   -H "Content-Type: application/json" \
   -H "x-api-key: $UGENT_WEB_API_KEY" \
   -d '{"model":"gpt-5.5","messages":[{"role":"user","content":"Hello"}],"stream":true}'
# → Streams tokens via SSE, supports multimodal content arrays

Native UGENT endpoints

GET  /v1/ugent/events    # USP v1 SSE stream + replay
GET  /v1/ugent/activity  # Per-conversation activity feed
POST /v1/ugent/commands  # Remote slash command execution
GET  /v1/ugent/snapshot  # Session bootstrap
POST /v1/files           # Secure file upload
GET  /v1/ws/voice        # WebSocket voice transport

Human-in-the-Loop

Structured dialogs, masked secrets, yes/no confirmations. Conversation suspends and resumes automatically.

Dynamic Models

Per-user model selection persisted across sessions. Separate models for chat and translation.

USP v1 Protocol

UGENT Stream Protocol envelopes carry render hints, severity, and origin metadata across SSE and WebSocket.