Advanced

Runtime Architecture

A high-level view of how sessions, tools, streaming, persistence, and hosted execution fit together.

Runtime Shape

OpenAnalyst is built around one shared agent runtime. The default local TUI, backend-only CLI mode, and hosted session API all drive that same core conversation loop so prompts, tool calls, and session state stay consistent.

High-level flow
User input
  -> Session runtime
  -> Model response / tool planning
  -> Tool execution
  -> Streaming events
  -> Persistent session state

Sessions

Each conversation runs inside a persistent session. A session carries the conversation history, working context, selected model, permission state, and runtime metadata needed to continue later without losing continuity.

FieldPurpose
user_idIdentifies the owning user or tenant
session_idStable handle for the running agent session
conversation_idTracks the conversation thread across turns and resume events
timestampsCreation, update, and resume timing for persistence and auditing

Streaming Events

The hosted API streams the same kind of runtime information the TUI uses locally: assistant text deltas, tool calls, tool results, usage updates, and state transitions.

POST /sessions
POST /sessions/{id}/message
GET  /sessions/{id}/events
Hosted Sessions
The canonical remote contract is session-based, not stateless chat-completions only. That keeps tool calls, resume behavior, and conversation persistence aligned with the local CLI experience.

Tool Execution

OpenAnalyst can expose different tool surfaces depending on where it runs. Local interactive sessions can use the full workstation-aware toolset. Hosted backend sessions can be restricted to advisory or hosted-safe tools so remote callers do not gain unintended host-machine access.

Persistence

Conversation state is stored so users can resume work later, switch between local and hosted usage, and keep isolated histories per user and session. In hosted deployments, the database is the source of truth for session metadata and conversation continuity.

Deployment Modes

ModeBehavior
openanalystStarts the default interactive TUI
openanalyst --notuiRuns backend-only CLI behavior without the interactive UI
openanalyst --serveExposes hosted session endpoints for remote users

Automatic Provider Failover

When a provider fails due to a rate limit, timeout, or unexpected error, the engine automatically attempts the next configured provider. This happens transparently — the caller never sees a provider-level failure unless every configured provider is exhausted.

All 8 supported providers participate in the failover chain: OpenAnalyst, Anthropic, OpenAI, xAI, OpenRouter, Bedrock, Gemini, and Ollama (local). The engine determines the optimal order based on your configuration and availability.

Tip
Configure multiple provider keys for maximum resilience. The failover chain costs nothing when the primary provider is healthy — backup providers are only contacted on failure.

Session Isolation

Every session is fully isolated per user. The persistent store enforces strict boundaries — cross-tenant data access is impossible by design.

Each session carries the following information:

Tenant Architecture

The server supports two tenant modes. Choose single-tenant for personal use and development, or multi-tenant when deploying for teams and enterprises.

Single-Tenant (Default)

Multi-Tenant (Enterprise)

Tenant routing
Single-Tenant:
  Client → Server (owner) → AI Engine → Tools (server CWD)

Multi-Tenant:
  Client A [X-Tenant-ID: alpha] → Server → AI Engine → Tools (workspaces/alpha/)
  Client B [X-Tenant-ID: beta]  → Server → AI Engine → Tools (workspaces/beta/)
Enterprise Deployment
Multi-tenant mode does not include authentication. Place a reverse proxy or API gateway in front of the server to handle auth, then pass the resolved tenant identity via the X-Tenant-ID header.

Sandbox Model

Tool execution is sandboxed to prevent unintended access to the host system. Every tool call runs within the boundaries of the tenant's workspace directory.

Security Note
The sandbox prevents accidental cross-tenant file access, but it is not a hardened security boundary. For high-security deployments, combine the sandbox with OS-level isolation (containers, VMs) and network segmentation.

SSE Streaming

The server uses Server-Sent Events (SSE) for real-time communication. The same event types are consumed by both the TUI and remote API clients, ensuring consistent behavior across interfaces.

Event TypeDescription
snapshotFull session state on initial connection
messageComplete message (user or assistant)
assistant_deltaIncremental text chunk from the model
tool_callTool invocation with name and arguments
tool_resultTool execution output
usageToken counts and cost tracking
stateSession state transitions (thinking, tool_use, idle)
errorError events with message and code
Subscribing to events
GET /sessions/{id}/events
Accept: text/event-stream

data: {"type":"assistant_delta","content":"Hello"}
data: {"type":"tool_call","name":"ReadFile","args":{"path":"src/main.rs"}}
data: {"type":"tool_result","output":"fn main() { ... }"}
data: {"type":"usage","input_tokens":1024,"output_tokens":256}

Auto-Configuration

On startup, the server scans the environment for API keys and automatically configures every provider that has a valid key. No manual provider setup is required.

Environment VariableProvider
OPENANALYST_API_KEYOpenAnalyst
ANTHROPIC_API_KEYAnthropic
OPENAI_API_KEYOpenAI
XAI_API_KEYxAI
OPENROUTER_API_KEYOpenRouter
AWS_ACCESS_KEY_IDBedrock
GOOGLE_API_KEY / GEMINI_API_KEYGemini

If environment variables are not set, the server also checks these fallback locations:

CORS
The server enables CORS for browser-based API clients by default — all origins and all methods are permitted. For production deployments, restrict allowed origins via a reverse proxy.
← Server API