Skip to main content
A sandbox is a clean tenancy boundary you can spin up for any reason — one per app, one per environment, one per customer, one per experiment. Inside a sandbox, every end user is an endUserId. 
  Sandbox  sb_abc   ← your app
    ├── u-123  ·  GitHub conn · memory · runs
    ├── u-456  ·  Slack conn  · memory · runs
    └── u-789  ·  …
Everything inside the sandbox isolates on endUserId. One user’s connections and conversation memory never cross into another user’s runs.

Picking endUserId

Opaque, URL-safe, ≤128 chars. Stable per human. One human, one id — don’t reuse.
Your appPass
B2Cyour internal user id
B2B, per-user agents{org_id}:{user_id}
B2B, shared team agents{org_id}
Single-tenant / demoa constant

Create as many sandboxes as you want

Sandboxes are free. You’re only billed for what you put in them (storage, ingestion, retrieval, agent runs). Spin up as many as you like — one per app, per environment, per customer, per experiment. Common reasons:
  • One per app — each product in your Copass account gets its own.
  • One per environmentstaging, production, preview-branch-42, ephemeral test sandboxes in CI.
  • One per enterprise customer — when a B2B customer wants their own vault and key.
  • One per experiment — throw-away sandboxes for a prototype you’ll archive later.
endUserId is still the right axis for isolating end users within one app. Sandboxes are for everything above that line.

Next steps