Workspace isolation for credentials and MCP
API keys and MCP servers now stay locked to the workspace where you set them up.
Credentials and tools you configure in one workspace no longer bleed into another. Org admins get the advanced workspace settings panel back, and Stripe checkout works through the new billing domain.
Workspaces no longer share each other’s credentials
Previously, an OpenRouter (or other provider) API key set up in one workspace was visible to every other workspace on the same machine — sending a message in workspace B would silently use workspace A’s account. MCP servers had the same problem and appeared everywhere regardless of where you added them.
Provider keys and MCP servers are now tied to the workspace where you set them up, and they only appear there. The active workspace is determined from your session, so a workspace can never reach into another’s credentials.
If you previously connected OpenRouter or another provider before this release, you may need to reconnect inside each workspace where you want to use it.
Org admin panel renders again
The Advanced workspace settings section in Integrations was hidden for everyone after a recent sign-in change. Org owners and admins will now see the section again and can post shared organization credentials as expected.
Billing checkout works through pay.zephyr-cloud.io
Stripe checkout sessions could fail to load because the new pay.zephyr-cloud.io domain wasn’t yet permitted inside the app. It is now, so upgrade and payment flows complete normally from inside the app.