Mixpeek enforces organization-level authentication, namespace isolation, and stage-level validation across the entire stack. This page summarizes the security model and operational protections you should configure in production.

Authentication

  • Header: Authorization: Bearer <api_key>
  • API keys belong to an organization; keys can be rotated, revoked, or scoped per environment.
  • Sensitive operations (e.g., creating namespaces, rotating keys) require elevated permissions.

Namespace Isolation

  • Header: X-Namespace: <namespace_id or namespace_name>
  • Every MongoDB query filters on namespace_id; indexes ensure isolation at scale.
  • Qdrant uses one collection per namespace (ns_<namespace_id>); payload filters ensure cross-collection safety.
  • Redis cache keys and Ray job metadata include namespace identifiers.
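One way to apply the "every MongoDB query filters on namespace_id" rule in application code, shown as an added example rather than Mixpeek's own implementation: a helper that wraps any caller-supplied filter so the tenant constraint cannot be overridden. The function and exception names and the sample namespace values are assumptions; only the `namespace_id` field name comes from this page.

```python
from typing import Any, Mapping, Optional

TENANT_FIELD = "namespace_id"  # field name from the page


class NamespaceViolation(ValueError):
    """A caller-supplied value tried to control the tenant constraint."""


def _mentions_tenant_field(node: Any) -> bool:
    # Recurse through dicts and lists so the field is also caught when it is
    # nested inside $or / $and / $nor clauses.
    if isinstance(node, Mapping):
        return any(k == TENANT_FIELD or _mentions_tenant_field(v)
                   for k, v in node.items())
    if isinstance(node, (list, tuple)):
        return any(_mentions_tenant_field(item) for item in node)
    return False


def scoped_filter(namespace_id: str,
                  user_filter: Optional[Mapping[str, Any]] = None) -> dict:
    """Build a MongoDB filter that can only match one namespace."""
    # Reject non-strings: a dict here would be treated by MongoDB as an
    # operator expression rather than a literal value.
    if not isinstance(namespace_id, str) or not namespace_id:
        raise NamespaceViolation("namespace_id must be a non-empty string")
    tenant_clause = {TENANT_FIELD: namespace_id}
    if not user_filter:
        return tenant_clause
    if _mentions_tenant_field(user_filter):
        raise NamespaceViolation("filters may not reference namespace_id")
    # Keep the tenant clause as its own $and conjunct so no key in the
    # caller's filter can overwrite it, as a plain dict merge would allow.
    return {"$and": [tenant_clause, dict(user_filter)]}


if __name__ == "__main__":
    # Constructed sample values, not taken from a real deployment.
    print(scoped_filter("tenant_a", {"status": "ready"}))
    try:
        scoped_filter("tenant_a", {"$or": [{"namespace_id": "tenant_b"}]})
    except NamespaceViolation as exc:
        print("rejected:", exc)
```

The returned dict is what would be passed as the filter argument to a driver call such as pymongo's `find`; routing every query through one helper like this keeps the isolation check in a single reviewable place.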

Dual Identifier Model

Identifier       Visible?  Purpose
organization_id  Yes       User-facing identifier in API responses
internal_id      No        Primary key for service-to-service lookups
namespace_id     Yes       Isolation boundary for data and compute

Keep internal_id secret; it is intentionally absent from public APIs.

Authorization & Rate Limits

  • Routes declare required permission levels (read, write, delete, admin).
  • Rate limits enforced via Redis middleware; set per-plan and per-route to protect backends.
  • Tasks and retriever executions consume credits; analytics endpoints expose usage metrics for billing reconciliation.

Secrets & Credentials

  • Store credentials (MongoDB, Qdrant, Redis, S3, LLM providers) in a managed secret store.
  • Rotate API keys and datastore credentials regularly; audit access logs.
  • Use IAM roles or service accounts for S3/GCS access; avoid hardcoding long-lived keys.

Data Protection

  • Storage: rely on encryption at rest provided by MongoDB Atlas, Qdrant Cloud, or your infrastructure.
  • Transit: require TLS for API endpoints and Ray Serve; use mTLS or network policies for cross-service traffic when available.
  • Backups: configure automated backups for MongoDB and Qdrant; version S3 buckets with lifecycle policies.

Operational Safeguards

  • Enable /v1/health probes in load balancers to route around unhealthy instances.
  • Use webhooks to detect ingestion completion; failed webhook deliveries remain retriable in MongoDB.
  • Monitor rate-limit counters and task failure rates to spot abusive or buggy clients.
  • Log request IDs and namespace IDs to correlate incidents quickly.

Hardening Checklist

  1. Network – restrict API access to trusted origins, configure CORS, and use private networking for backend services.
  2. Auth – issue scoped API keys, expire unused keys, enable audit logging.
  3. Secrets – manage via Vault, AWS Secrets Manager, GCP Secret Manager, or Kubernetes secrets with rotation.
  4. Tenancy – adopt one namespace per environment/tenant; enforce X-Namespace always.
  5. Monitoring – alert on health endpoint status, rate-limit breaches, or repeated 401/403 responses.
