diff --git a/.dockerignore b/.dockerignore
index 333d6134f2..d4441fb599 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,10 +1,14 @@
 .git
 .github
 .opencode
+.codenomad
 node_modules
 **/node_modules
 tmp
 dist
 **/dist
+artifacts
+apps/desktop/src-tauri/target
+**/target
 .env
 .env.*
diff --git a/apps/app/scripts/workspace-endpoint.test.ts b/apps/app/scripts/workspace-endpoint.test.ts
new file mode 100644
index 0000000000..e4d087f068
--- /dev/null
+++ b/apps/app/scripts/workspace-endpoint.test.ts
@@ -0,0 +1,34 @@
+import { describe, expect, test } from "bun:test";
+import { resolveWorkspaceEndpoint } from "../src/app/lib/workspace-endpoint";
+
+describe("resolveWorkspaceEndpoint", () => {
+  test("does not use remote host token as bearer authorization", () => {
+    const endpoint = resolveWorkspaceEndpoint({
+      id: "rem_ws_123",
+      workspaceType: "remote",
+      baseUrl: "https://worker.example.test",
+      openworkHostUrl: "https://worker.example.test",
+      openworkToken: null,
+      openworkClientToken: null,
+      openworkHostToken: "host-token-must-not-be-bearer",
+      openworkWorkspaceId: "ws_123",
+    } as never, { baseUrl: "http://127.0.0.1:8791", token: "local-token" });
+
+    expect(endpoint?.token).toBe("");
+  });
+
+  test("uses remote client token before local server token", () => {
+    const endpoint = resolveWorkspaceEndpoint({
+      id: "rem_ws_123",
+      workspaceType: "remote",
+      baseUrl: "https://worker.example.test",
+      openworkHostUrl: "https://worker.example.test",
+      openworkToken: null,
+      openworkClientToken: "remote-client-token",
+      openworkHostToken: "host-token",
+      openworkWorkspaceId: "ws_123",
+    } as never, { baseUrl: "http://127.0.0.1:8791", token: "local-token" });
+
+    expect(endpoint?.token).toBe("remote-client-token");
+  });
+});
diff --git a/apps/app/src/app/cloud/managed-provider-models.ts b/apps/app/src/app/cloud/managed-provider-models.ts
new file mode 100644
index 0000000000..6758262118
--- /dev/null
+++ b/apps/app/src/app/cloud/managed-provider-models.ts
@@ -0,0 +1,63 @@
+import type { CloudImportedProvider } from "./import-state";
+import type { ModelOption, ProviderListItem } from "../types";
+
+export function buildCloudManagedModelIdsByProvider(
+  importedCloudProviders: Record<string, CloudImportedProvider> | null | undefined,
+): Map<string, Set<string>> {
+  const next = new Map<string, Set<string>>();
+  for (const imported of Object.values(importedCloudProviders ?? {})) {
+    const providerId = imported.providerId.trim();
+    if (!providerId) continue;
+    const modelIds = imported.modelIds.map((id) => id.trim()).filter(Boolean);
+    if (!modelIds.length) continue;
+    const merged = next.get(providerId) ?? new Set<string>();
+    for (const modelId of modelIds) merged.add(modelId);
+    next.set(providerId, merged);
+  }
+  return next;
+}
+
+export function isCloudManagedModelAllowed(
+  cloudManagedModelIdsByProvider: Map<string, Set<string>>,
+  providerId: string,
+  modelId: string,
+) {
+  const allowedModelIds = cloudManagedModelIdsByProvider.get(providerId);
+  return !allowedModelIds || allowedModelIds.has(modelId);
+}
+
+export function hasCloudManagedModelAllowlist(
+  cloudManagedModelIdsByProvider: Map<string, Set<string>>,
+  providerId: string,
+) {
+  return cloudManagedModelIdsByProvider.has(providerId);
+}
+
+export function buildCloudManagedModelOptions(input: {
+  providers: ProviderListItem[];
+  cloudManagedModelIdsByProvider: Map<string, Set<string>>;
+  isRecommendedProvider?: (providerId: string) => boolean;
+}): ModelOption[] {
+  const options: ModelOption[] = [];
+  for (const provider of input.providers) {
+    const isCloudManaged = hasCloudManagedModelAllowlist(input.cloudManagedModelIdsByProvider, provider.id);
+    for (const [modelId, model] of Object.entries(provider.models)) {
+      if (!isCloudManagedModelAllowed(input.cloudManagedModelIdsByProvider, provider.id, modelId)) continue;
+      options.push({
+        providerID: provider.id,
+        modelID: modelId,
+        title: model.name || modelId,
+        description: provider.name,
+        behaviorTitle: "Reasoning",
+        behaviorLabel: "Default",
+        behaviorDescription: "",
+        behaviorValue: null,
+        isFree: false,
+        isConnected: true,
+        isRecommended: input.isRecommendedProvider?.(provider.id),
+        source: isCloudManaged || /^lpr_/i.test(provider.id) ? "cloud" : undefined,
+      });
+    }
+  }
+  return options;
+}
diff --git a/apps/app/src/app/lib/den.ts b/apps/app/src/app/lib/den.ts
index 8e592ebcd9..c6e766d7a2 100644
--- a/apps/app/src/app/lib/den.ts
+++ b/apps/app/src/app/lib/den.ts
@@ -119,6 +119,15 @@ export type DenMcpToken = {
   resource: string;
 };
 
+export type DenStaticWorkerAttachInput = {
+  name: string;
+  description?: string | null;
+  url: string;
+  clientToken: string;
+  hostToken: string;
+  activityToken?: string | null;
+};
+
 export type DenOrgLlmProviderModel = {
   id: string;
   name: string;
@@ -129,10 +138,13 @@ export type DenOrgLlmProviderModel = {
 export type DenOrgLlmProvider = {
   id: string;
   source: "models_dev" | "custom" | "openwork";
+  credentialKind: "api_key" | "opencode_oauth";
   providerId: string;
   name: string;
   providerConfig: Record<string, unknown>;
   hasApiKey: boolean;
+  hasOpencodeAuth: boolean;
+  hasCredential: boolean;
   models: DenOrgLlmProviderModel[];
   createdAt: string | null;
   updatedAt: string | null;
@@ -140,6 +152,15 @@ export type DenOrgLlmProvider = {
 
 export type DenOrgLlmProviderConnection = DenOrgLlmProvider & {
   apiKey: string | null;
+  opencodeAuth: string | null;
+};
+
+export type DenManagedProviderSyncResult = {
+  status: "applied" | "failed";
+  providerCount: number;
+  revision: string;
+  providerIds?: string[];
+  reason?: string;
 };
 
 export type DenPluginConfigObjectType = "skill" | "agent" | "command" | "tool" | "mcp" | "hook" | "context" | "custom";
@@ -590,8 +611,20 @@ function syncBootstrapSettingsToLocalStorage(config: DenBootstrapConfig) {
     return;
   }
 
+  const previousBaseUrl = window.localStorage.getItem(STORAGE_BASE_URL);
+  const previousOrigin = normalizeDenBaseUrl(previousBaseUrl) ?? "";
+  const nextOrigin = normalizeDenBaseUrl(config.baseUrl) ?? "";
+  const denOriginChanged = Boolean(previousOrigin && nextOrigin && previousOrigin !== nextOrigin);
+
   window.localStorage.setItem(STORAGE_BASE_URL, config.baseUrl);
   window.localStorage.setItem(STORAGE_API_BASE_URL, config.apiBaseUrl);
+
+  if (denOriginChanged) {
+    window.localStorage.removeItem(STORAGE_AUTH_TOKEN);
+    window.localStorage.removeItem(STORAGE_ACTIVE_ORG_ID);
+    window.localStorage.removeItem(STORAGE_ACTIVE_ORG_SLUG);
+    window.localStorage.removeItem(STORAGE_ACTIVE_ORG_NAME);
+  }
 }
 
 function getPendingBootstrapConfig(next: DenSettings): DenBootstrapConfig | null {
@@ -626,51 +659,18 @@ export async function initializeDenBootstrapConfig(): Promise<DenBootstrapConfig
     return desktopBootstrapConfig;
   }
 
-  // The shell IPC bridge can be momentarily unavailable at first paint;
-  // retry briefly before giving up so a boot race does not poison the
-  // session with build defaults.
-  const SHELL_BOOTSTRAP_ATTEMPTS = 3;
-  const SHELL_BOOTSTRAP_RETRY_DELAY_MS = 350;
-  for (let attempt = 1; attempt <= SHELL_BOOTSTRAP_ATTEMPTS; attempt += 1) {
-    try {
-      const bootstrap = await getDesktopBootstrapConfigFromShell() as ShellDesktopBootstrapConfig;
-      applyDesktopBootstrapConfig(resolveDenBootstrapConfig(bootstrap));
-      return desktopBootstrapConfig;
-    } catch (error) {
-      console.error("[den-bootstrap] shell read failed", attempt, error);
-      if (attempt < SHELL_BOOTSTRAP_ATTEMPTS) {
-        await new Promise((resolve) => setTimeout(resolve, SHELL_BOOTSTRAP_RETRY_DELAY_MS));
-      }
-    }
+  try {
+    const bootstrap = await getDesktopBootstrapConfigFromShell() as ShellDesktopBootstrapConfig;
+    applyDesktopBootstrapConfig(resolveDenBootstrapConfig(bootstrap));
+  } catch {
+    desktopBootstrapConfig = resolveDenBootstrapConfig({
+      baseUrl: BUILD_DEN_BASE_URL,
+      apiBaseUrl: BUILD_DEN_API_BASE_URL,
+      requireSignin: BUILD_DEN_REQUIRE_SIGNIN,
+    });
+    syncBootstrapSettingsToLocalStorage(desktopBootstrapConfig);
   }
 
-  // All quick attempts failed. Keep build defaults in memory only — do NOT
-  // sync them to localStorage: previously synced values from a successful
-  // boot are more trustworthy than build defaults, and clobbering them
-  // silently reverted custom/self-hosted control planes to the production
-  // URL until a manual reload.
-  desktopBootstrapConfig = resolveDenBootstrapConfig({
-    baseUrl: BUILD_DEN_BASE_URL,
-    apiBaseUrl: BUILD_DEN_API_BASE_URL,
-    requireSignin: BUILD_DEN_REQUIRE_SIGNIN,
-  });
-
-  // Heal in the background without blocking boot: once the bridge comes up,
-  // apply the real shell config and notify listeners.
-  void (async () => {
-    for (let attempt = 0; attempt < 15; attempt += 1) {
-      await new Promise((resolve) => setTimeout(resolve, 2_000));
-      try {
-        const bootstrap = await getDesktopBootstrapConfigFromShell() as ShellDesktopBootstrapConfig;
-        applyDesktopBootstrapConfig(resolveDenBootstrapConfig(bootstrap));
-        dispatchDenSettingsChanged({ settings: readDenSettings() });
-        return;
-      } catch {
-        // Bridge still unavailable — keep trying.
-      }
-    }
-  })();
-
   return desktopBootstrapConfig;
 }
 
@@ -1110,10 +1110,13 @@ function parseDenOrgLlmProvider(value: unknown): DenOrgLlmProvider | null {
   return {
     id: value.id,
     source: value.source,
+    credentialKind: value.credentialKind === "opencode_oauth" ? "opencode_oauth" : "api_key",
     providerId: value.providerId,
     name: value.name,
     providerConfig: parseJsonRecord(value.providerConfig),
     hasApiKey: value.hasApiKey === true,
+    hasOpencodeAuth: value.hasOpencodeAuth === true,
+    hasCredential: value.hasCredential === true || value.hasApiKey === true || value.hasOpencodeAuth === true,
     models: Array.isArray(value.models)
       ? value.models.flatMap((model) => {
           const parsed = parseDenOrgLlmProviderModel(model);
@@ -1149,6 +1152,28 @@ function getDenOrgLlmProviderConnection(payload: unknown): DenOrgLlmProviderConn
   return {
     ...provider,
     apiKey: typeof payload.llmProvider.apiKey === "string" ? payload.llmProvider.apiKey : null,
+    opencodeAuth: typeof payload.llmProvider.opencodeAuth === "string" ? payload.llmProvider.opencodeAuth : null,
+  };
+}
+
+function getDenManagedProviderSyncResult(payload: unknown): DenManagedProviderSyncResult | null {
+  if (!isRecord(payload)) return null;
+  if (payload.status !== "applied" && payload.status !== "failed") return null;
+  if (typeof payload.providerCount !== "number" || !Number.isInteger(payload.providerCount) || payload.providerCount < 0) return null;
+  if (typeof payload.revision !== "string") return null;
+  const rawProviderIds = Array.isArray(payload.providerIds)
+    ? payload.providerIds
+    : Array.isArray(payload.appliedProviderIds)
+      ? payload.appliedProviderIds
+      : undefined;
+  const providerIds = rawProviderIds ? readStringArray(rawProviderIds) : undefined;
+  if (rawProviderIds && providerIds?.length !== payload.providerCount) return null;
+  return {
+    status: payload.status,
+    providerCount: payload.providerCount,
+    revision: payload.revision,
+    ...(providerIds ? { providerIds } : {}),
+    ...(typeof payload.reason === "string" ? { reason: payload.reason } : {}),
   };
 }
 
@@ -1914,6 +1939,32 @@ export function createDenClient(options: { baseUrl: string; apiBaseUrl?: string
       return tokens;
     },
 
+    async attachStaticWorker(orgId: string, input: DenStaticWorkerAttachInput): Promise<DenWorkerSummary> {
+      const payload = await requestJson<unknown>(baseUrls, "/v1/workers/static-attach", {
+        method: "POST",
+        token,
+        organizationId: orgId,
+        body: {
+          name: input.name,
+          description: input.description ?? undefined,
+          url: input.url,
+          clientToken: input.clientToken,
+          hostToken: input.hostToken,
+          activityToken: input.activityToken ?? undefined,
+        },
+      });
+      const workers = getWorkers({
+        workers: isRecord(payload) && isRecord(payload.worker)
+          ? [{ ...payload.worker, instance: isRecord(payload.instance) ? payload.instance : null }]
+          : [],
+      });
+      const worker = workers[0];
+      if (!worker) {
+        throw new DenApiError(500, "invalid_worker_attach_payload", "Static worker attach response was missing worker details.");
+      }
+      return worker;
+    },
+
     async listOrgSkills(orgId: string): Promise<DenOrgSkillCard[]> {
       const payload = await requestJson<unknown>(baseUrls, "/v1/skills", {
         method: "GET",
@@ -1987,7 +2038,7 @@ export function createDenClient(options: { baseUrl: string; apiBaseUrl?: string
     async getOrgLlmProviderConnection(orgId: string, llmProviderId: string): Promise<DenOrgLlmProviderConnection> {
       const payload = await requestJson<unknown>(
         baseUrls,
-        `/v1/llm-providers/${encodeURIComponent(llmProviderId)}/connect`,
+        `/v1/llm-providers/${encodeURIComponent(llmProviderId)}/import-credential`,
         {
           method: "GET",
           token,
@@ -2001,6 +2052,27 @@ export function createDenClient(options: { baseUrl: string; apiBaseUrl?: string
       return provider;
     },
 
+    async syncWorkerManagedProviders(orgId: string, workerId: string): Promise<DenManagedProviderSyncResult> {
+      const payload = await requestJson<unknown>(
+        baseUrls,
+        `/v1/workers/${encodeURIComponent(workerId)}/managed-providers/sync`,
+        {
+          method: "POST",
+          token,
+          organizationId: orgId,
+          body: {},
+        },
+      );
+      const result = getDenManagedProviderSyncResult(payload);
+      if (!result) {
+        throw new DenApiError(500, "invalid_managed_provider_sync_payload", "Managed provider sync response was invalid.");
+      }
+      if (result.status !== "applied") {
+        throw new DenApiError(502, "managed_provider_sync_failed", result.reason ?? "Managed provider sync failed.");
+      }
+      return result;
+    },
+
     async listOrgMarketplaces(orgId: string): Promise<DenOrgMarketplace[]> {
       const payload = await requestJson<unknown>(
         baseUrls,
diff --git a/apps/app/src/app/lib/desktop-types.ts b/apps/app/src/app/lib/desktop-types.ts
index c84e6b6124..cc8faebbbc 100644
--- a/apps/app/src/app/lib/desktop-types.ts
+++ b/apps/app/src/app/lib/desktop-types.ts
@@ -81,6 +81,9 @@ export type WorkspaceInfo = {
   openworkHostToken?: string | null;
   openworkWorkspaceId?: string | null;
   openworkWorkspaceName?: string | null;
+  openworkDenBaseUrl?: string | null;
+  openworkDenOrgId?: string | null;
+  openworkDenWorkerId?: string | null;
   sandboxBackend?: "docker" | "microsandbox" | null;
   sandboxRunId?: string | null;
   sandboxContainerName?: string | null;
diff --git a/apps/app/src/app/lib/openwork-server.ts b/apps/app/src/app/lib/openwork-server.ts
index c738e2e599..e8c8d6a769 100644
--- a/apps/app/src/app/lib/openwork-server.ts
+++ b/apps/app/src/app/lib/openwork-server.ts
@@ -532,6 +532,28 @@ export function parseOpenworkWorkspaceIdFromUrl(input: string) {
   }
 }
 
+export function stripOpenworkWorkspaceMount(input: string) {
+  const normalized = normalizeOpenworkServerUrl(input) ?? "";
+  if (!normalized) return "";
+
+  try {
+    const url = new URL(normalized);
+    const segments = url.pathname.split("/").filter(Boolean);
+    const workspaceIndex = segments.indexOf("workspace");
+    const legacyIndex = segments.indexOf("w");
+    const mountIndex = workspaceIndex >= 0 ? workspaceIndex : legacyIndex;
+    if (mountIndex >= 0 && segments[mountIndex + 1]) {
+      const prefix = segments.slice(0, mountIndex).join("/");
+      url.pathname = prefix ? `/${prefix}` : "/";
+      return url.toString().replace(/\/+$/, "");
+    }
+  } catch {
+    // Fall through to the normalized value below.
+  }
+
+  return normalized.replace(/\/+$/, "");
+}
+
 export function buildOpenworkWorkspaceBaseUrl(hostUrl: string, workspaceId?: string | null) {
   const normalized = normalizeOpenworkServerUrl(hostUrl) ?? "";
   if (!normalized) return null;
@@ -650,7 +672,7 @@ export function stripOpenworkConnectInviteFromUrl(input: string) {
 export function readOpenworkServerSettings(): OpenworkServerSettings {
   if (typeof window === "undefined") return {};
   try {
-    const urlOverride = normalizeOpenworkServerUrl(
+    const urlOverride = stripOpenworkWorkspaceMount(
       window.localStorage.getItem(STORAGE_URL_OVERRIDE) ?? "",
     );
     const portRaw = window.localStorage.getItem(STORAGE_PORT_OVERRIDE) ?? "";
@@ -659,7 +681,7 @@ export function readOpenworkServerSettings(): OpenworkServerSettings {
     const hostToken = window.localStorage.getItem(STORAGE_HOST_AUTH_KEY) ?? undefined;
     const remoteAccessRaw = window.localStorage.getItem(STORAGE_REMOTE_ACCESS) ?? "";
     return {
-      urlOverride: urlOverride ?? undefined,
+      urlOverride: urlOverride || undefined,
       portOverride: Number.isNaN(portOverride) ? undefined : portOverride,
       token: token?.trim() || undefined,
       hostToken: hostToken?.trim() || undefined,
diff --git a/apps/app/src/app/lib/workspace-endpoint.ts b/apps/app/src/app/lib/workspace-endpoint.ts
index 20c0d72979..87b2bbae00 100644
--- a/apps/app/src/app/lib/workspace-endpoint.ts
+++ b/apps/app/src/app/lib/workspace-endpoint.ts
@@ -31,6 +31,8 @@ export type ResolvedWorkspaceEndpoint = {
   baseUrl: string;
   /** Auth token for that server. May be empty for unauthenticated local servers. */
   token: string;
+  /** Host/admin token for routes that require worker mutation privileges. */
+  hostToken: string;
   /** Workspace id as the owning server expects it in URL paths. No `rem_` prefix. */
   workspaceId: string;
   /** True when the workspace lives on a remote OpenWork worker, not the user's local server. */
@@ -93,13 +95,17 @@ function pickRemoteBaseUrl(workspace: WorkspaceEndpointInput): string {
 function pickRemoteToken(workspace: WorkspaceEndpointInput): string {
   if (!workspace) return "";
   return (
-    workspace.openworkToken ??
     workspace.openworkClientToken ??
-    workspace.openworkHostToken ??
+    workspace.openworkToken ??
     ""
   ).trim();
 }
 
+function pickRemoteHostToken(workspace: WorkspaceEndpointInput): string {
+  if (!workspace) return "";
+  return (workspace.openworkHostToken ?? "").trim();
+}
+
 /**
  * Resolve the right server endpoint for a workspace. Returns null when the
  * workspace can't be reached (remote with no baseUrl, or local with no local
@@ -116,10 +122,12 @@ export function resolveWorkspaceEndpoint(
     const baseUrl = pickRemoteBaseUrl(workspace);
     if (!baseUrl) return null;
     const token = pickRemoteToken(workspace);
+    const hostToken = pickRemoteHostToken(workspace);
     const workspaceId = workspaceServerId(workspace);
     const client = createOpenworkServerClient({
       baseUrl,
       token: token || undefined,
+      hostToken: hostToken || undefined,
     });
     const mountedBaseUrl = (
       buildOpenworkWorkspaceBaseUrl(baseUrl, workspaceId) ?? baseUrl
@@ -127,6 +135,7 @@ export function resolveWorkspaceEndpoint(
     return {
       baseUrl,
       token,
+      hostToken,
       workspaceId,
       isRemote: true,
       client,
@@ -149,6 +158,7 @@ export function resolveWorkspaceEndpoint(
   return {
     baseUrl: localBaseUrl,
     token: localToken,
+    hostToken: "",
     workspaceId,
     isRemote: false,
     client,
diff --git a/apps/app/src/components/model-select.tsx b/apps/app/src/components/model-select.tsx
index b0386536c1..d18f131446 100644
--- a/apps/app/src/components/model-select.tsx
+++ b/apps/app/src/components/model-select.tsx
@@ -45,6 +45,7 @@ import {
 import { isDesktopProviderBlocked } from "@/app/cloud/desktop-app-restrictions";
 import { openModelPickerEvent } from "@/react-app/shell/new-providers-toast";
 import { newProvidersEvent } from "@/app/lib/provider-events";
+import { buildCloudManagedModelOptions } from "@/app/cloud/managed-provider-models";
 
 function getProviderDisplayName(providerId: string) {
   return providerId
@@ -55,7 +56,7 @@ function getProviderDisplayName(providerId: string) {
 }
 
 function useModelOptions(open: boolean) {
-  const { client, opencodeBaseUrl, selectedWorkspaceRoot } = useWorkspace();
+  const { client, opencodeBaseUrl, selectedWorkspaceRoot, cloudManagedModelIdsByProvider } = useWorkspace();
   const checkDesktopRestriction = useCheckDesktopRestriction();
 
   const { data, refetch } = useProviderListQuery({
@@ -89,21 +90,10 @@ function useModelOptions(open: boolean) {
       restriction: "allowCustomProviders",
     });
 
-    const options = getConnectedProviderItems(data)
-      .flatMap((provider) =>
-        Object.entries(provider.models).map(([id, model]) => ({
-          providerID: provider.id,
-          modelID: id,
-          title: model.name,
-          description: provider.name,
-          behaviorTitle: "Reasoning",
-          behaviorLabel: "Default",
-          behaviorDescription: "",
-          behaviorValue: null,
-          isFree: false,
-          isConnected: true,
-        })),
-      );
+    const options = buildCloudManagedModelOptions({
+      providers: getConnectedProviderItems(data),
+      cloudManagedModelIdsByProvider,
+    });
 
     return options.filter((option) => {
       if (
@@ -121,7 +111,7 @@ function useModelOptions(open: boolean) {
 
       return true;
     });
-  }, [checkDesktopRestriction, data]);
+  }, [checkDesktopRestriction, cloudManagedModelIdsByProvider, data]);
 }
 
 type ModelSelectModelItem = {
diff --git a/apps/app/src/react-app/domains/cloud/org-onboarding-page.tsx b/apps/app/src/react-app/domains/cloud/org-onboarding-page.tsx
index d9790776ae..3a24cf561d 100644
--- a/apps/app/src/react-app/domains/cloud/org-onboarding-page.tsx
+++ b/apps/app/src/react-app/domains/cloud/org-onboarding-page.tsx
@@ -25,8 +25,22 @@ import {
   type DenOrgSummary,
   type DenWorkerSummary,
 } from "@/app/lib/den";
+import {
+  resolveWorkspaceListSelectedId,
+  workspaceCreateRemote,
+  workspaceSetRuntimeActive,
+  workspaceSetSelected,
+  type WorkspaceList,
+} from "@/app/lib/desktop";
+import {
+  stripOpenworkWorkspaceMount,
+  writeOpenworkServerSettings,
+} from "@/app/lib/openwork-server";
 import { usePlatform } from "../../kernel/platform";
+import { useLocal } from "../../kernel/local-provider";
 import { useBootState } from "../../shell/boot-state";
+import { writeActiveWorkspaceId } from "../../shell/session-memory";
+import { workspaceSessionRoute } from "../../shell/workspace-routes";
 import { resolveModelDisplayName, resolveProviderDisplayName } from "@/app/utils";
 import { ProviderIcon } from "../../design-system/provider-icon";
 import { writeStoredDefaultModel } from "../../kernel/model-config";
@@ -204,6 +218,7 @@ export function OrgOnboardingPage() {
 export function ResourceSelectionPage() {
   const navigate = useNavigate();
   const platform = usePlatform();
+  const local = useLocal();
   const { markRouteReady } = useBootState();
   const { authToken, denClient, orgId, orgName, settings } = useDenClient();
 
@@ -212,6 +227,8 @@ export function ResourceSelectionPage() {
     modelId: string;
     label: string;
   } | null>(null);
+  const [continueBusy, setContinueBusy] = useState(false);
+  const [continueError, setContinueError] = useState<string | null>(null);
 
   // Redirect if no auth or no org — can't show onboarding without them
   useEffect(() => {
@@ -255,24 +272,93 @@ export function ResourceSelectionPage() {
     }),
   });
 
-  const handleContinue = useCallback(() => {
-    // If user picked a default model, write it
-    if (selectedDefault) {
-      writeStoredDefaultModel({
-        providerID: selectedDefault.providerId,
-        modelID: selectedDefault.modelId,
-      });
+  const connectHealthyWorker = useCallback(async () => {
+    if (!orgId) {
+      return null;
+    }
+
+    const healthyWorker = workers.find((worker) => worker.status === "healthy") ?? null;
+    if (!healthyWorker) {
+      if (workers.length > 0) {
+        throw new Error("No healthy cloud worker is attached to this organization yet.");
+      }
+      return null;
+    }
+
+    const tokens = await denClient.getWorkerTokens(healthyWorker.workerId, orgId);
+    const openworkUrl = tokens.openworkUrl?.trim() ?? "";
+    const openworkHostUrl = stripOpenworkWorkspaceMount(openworkUrl);
+    const accessToken = tokens.clientToken?.trim() || tokens.ownerToken?.trim() || "";
+    if (!openworkUrl || !accessToken) {
+      throw new Error("The shared worker is not ready yet.");
     }
-    // Mark all providers shown on this page as "seen" so the global
-    // toast doesn't re-fire for them on the next sync interval.
-    markProvidersSeen(providers);
-    if (providers.length > 0) {
-      try {
-        window.localStorage.setItem(RELOAD_AFTER_ONBOARDING_KEY, "1");
-      } catch {}
+
+    const list = await workspaceCreateRemote({
+      baseUrl: openworkUrl,
+      openworkHostUrl: openworkUrl,
+      openworkToken: accessToken,
+      openworkClientToken: tokens.clientToken?.trim() || null,
+      openworkHostToken: tokens.hostToken?.trim() || null,
+      openworkDenBaseUrl: settings.baseUrl,
+      openworkDenOrgId: orgId,
+      openworkDenWorkerId: healthyWorker.workerId,
+      displayName: healthyWorker.workerName,
+      directory: null,
+      remoteType: "openwork",
+    }) as WorkspaceList;
+
+    const createdId =
+      resolveWorkspaceListSelectedId(list) ||
+      list.workspaces[list.workspaces.length - 1]?.id ||
+      "";
+
+    if (createdId) {
+      await workspaceSetSelected(createdId).catch(() => undefined);
+      await workspaceSetRuntimeActive(createdId).catch(() => undefined);
+      writeActiveWorkspaceId(createdId);
     }
-    navigate("/session", { replace: true });
-  }, [navigate, providers, selectedDefault]);
+
+    writeOpenworkServerSettings({
+      urlOverride: openworkHostUrl || openworkUrl,
+      token: accessToken,
+      hostToken: tokens.hostToken?.trim() || undefined,
+    });
+    try {
+      window.dispatchEvent(new CustomEvent("openwork-server-settings-changed"));
+    } catch {
+      // Best-effort only.
+    }
+
+    return createdId || null;
+  }, [denClient, orgId, settings.baseUrl, workers]);
+
+  const handleContinue = useCallback(async () => {
+    setContinueBusy(true);
+    setContinueError(null);
+    try {
+      if (selectedDefault) {
+        writeStoredDefaultModel({
+          providerID: selectedDefault.providerId,
+          modelID: selectedDefault.modelId,
+        });
+      }
+
+      markProvidersSeen(providers);
+      if (providers.length > 0) {
+        try {
+          window.localStorage.setItem(RELOAD_AFTER_ONBOARDING_KEY, "1");
+        } catch {}
+      }
+
+      const workspaceId = await connectHealthyWorker();
+      local.setPrefs((previous) => ({ ...previous, hasCompletedOnboarding: true }));
+      navigate(workspaceId ? workspaceSessionRoute(workspaceId) : "/session", { replace: true });
+    } catch (error) {
+      setContinueError(error instanceof Error ? error.message : "Could not connect the shared worker.");
+    } finally {
+      setContinueBusy(false);
+    }
+  }, [connectHealthyWorker, local, navigate, providers, selectedDefault]);
 
   const totalModels = providers.reduce((sum, provider) => sum + provider.models.length, 0);
   const hasResources = providers.length > 0 || marketplaces.length > 0 || workers.length > 0;
@@ -298,6 +384,11 @@ export function ResourceSelectionPage() {
               <CircleAlert />
               <AlertDescription>{error}</AlertDescription>
             </Alert>
+          ) : continueError ? (
+            <Alert variant="destructive">
+              <CircleAlert />
+              <AlertDescription>{continueError}</AlertDescription>
+            </Alert>
           ) : hasResources ? (
             <PageDescription>
               You have access to the following resources.
@@ -410,10 +501,10 @@ export function ResourceSelectionPage() {
             className="w-fit"
             type="button"
             size="lg"
-            onClick={handleContinue}
-            disabled={loading}
+            onClick={() => void handleContinue()}
+            disabled={loading || continueBusy}
           >
-            {hasResources ? "Continue to workspace" : "Continue"}
+            {continueBusy ? "Connecting workspace..." : hasResources ? "Continue to workspace" : "Continue"}
             <ArrowRight data-icon="inline-end" />
           </Button>
         </PageFooter>
diff --git a/apps/app/src/react-app/domains/connections/provider-auth/store.ts b/apps/app/src/react-app/domains/connections/provider-auth/store.ts
index 80791a51c2..152fa5bbcd 100644
--- a/apps/app/src/react-app/domains/connections/provider-auth/store.ts
+++ b/apps/app/src/react-app/domains/connections/provider-auth/store.ts
@@ -32,7 +32,7 @@ import {
   filterProviderList,
 } from "../../../../app/utils/providers";
 import { getReactQueryClient } from "../../../infra/query-client";
-import { ensureProviderListQuery } from "../provider-list-query";
+import { ensureProviderListQuery, refreshProviderListQueries } from "../provider-list-query";
 import type { OpenworkServerStore } from "../openwork-server-store";
 import {
   denSessionUpdatedEvent,
@@ -119,6 +119,36 @@ type MutableState = {
 
 export type ProviderAuthStore = ReturnType<typeof createProviderAuthStore>;
 
+export const getCloudManagedProviderId = (
+  provider: Pick<DenOrgLlmProvider, "id" | "providerId" | "source" | "credentialKind">,
+) => {
+  if (provider.source === "openwork") return "openwork";
+  if (provider.credentialKind === "opencode_oauth") return provider.providerId.trim();
+  return provider.id.trim();
+};
+
+export function resolveAppliedManagedProvidersFromSyncResult(
+  result: { providerCount: number; providerIds?: string[] },
+  liveProviders: DenOrgLlmProvider[],
+) {
+  if (Array.isArray(result.providerIds)) {
+    const appliedIds = new Set(result.providerIds.map((id) => id.trim()).filter(Boolean));
+    return liveProviders.filter((provider) => appliedIds.has(provider.id));
+  }
+
+  if (result.providerCount === liveProviders.length) {
+    return liveProviders;
+  }
+
+  if (result.providerCount === 0) {
+    return [];
+  }
+
+  throw new Error(
+    "Remote worker synced only part of the organization provider set but did not identify which providers were applied. Imported provider state was left unchanged.",
+  );
+}
+
 export function createProviderAuthStore(options: CreateProviderAuthStoreOptions) {
   const listeners = new Set<() => void>();
 
@@ -164,10 +194,6 @@ export function createProviderAuthStore(options: CreateProviderAuthStoreOptions)
   const sameStringList = (a: string[], b: string[]) =>
     a.length === b.length && a.every((value, index) => value === b[index]);
 
-  const getCloudManagedProviderId = (
-    provider: Pick<DenOrgLlmProvider, "id" | "providerId" | "source">,
-  ) => provider.source === "openwork" ? "openwork" : provider.id.trim();
-
   const getProviderAuthWorkerType = (): "local" | "remote" =>
     options.selectedWorkspaceDisplay().workspaceType === "remote" ? "remote" : "local";
 
@@ -1344,14 +1370,45 @@ export function createProviderAuthStore(options: CreateProviderAuthStoreOptions)
       const existingImported = state.importedCloudProviders[cloudProviderId] ?? null;
       const localProviderId = getCloudManagedProviderId(provider);
       const apiKey = provider.apiKey?.trim() ?? "";
+      const opencodeAuth = provider.opencodeAuth?.trim() ?? "";
       const env = getCloudProviderEnv(provider.providerConfig);
-      if (!apiKey && env.length > 0) {
+      if (provider.credentialKind === "opencode_oauth" && !opencodeAuth) {
+        throw new Error(`${provider.name} does not have a stored OpenCode OAuth credential yet.`);
+      }
+      if (provider.credentialKind === "api_key" && !apiKey && env.length > 0) {
         throw new Error(`${provider.name} does not have a stored organization credential yet.`);
       }
 
       await assertCloudProviderImportSafe(provider);
 
-      if (apiKey) {
+      if (provider.credentialKind === "opencode_oauth" && opencodeAuth) {
+        let parsedAuth: unknown;
+        try {
+          parsedAuth = JSON.parse(opencodeAuth);
+        } catch {
+          throw new Error(`${provider.name} has invalid OpenCode OAuth JSON.`);
+        }
+        if (!parsedAuth || typeof parsedAuth !== "object" || Array.isArray(parsedAuth)) {
+          throw new Error(`${provider.name} OpenCode OAuth auth must be a JSON object.`);
+        }
+        const authRecord = parsedAuth as Record<string, unknown>;
+        if (authRecord.type !== "oauth") {
+          throw new Error(`${provider.name} OpenCode OAuth auth must include type "oauth".`);
+        }
+        if (typeof authRecord.access !== "string" || !authRecord.access.trim()) {
+          throw new Error(`${provider.name} OpenCode OAuth auth must include an access token.`);
+        }
+        if (typeof authRecord.refresh !== "string" || !authRecord.refresh.trim()) {
+          throw new Error(`${provider.name} OpenCode OAuth auth must include a refresh token.`);
+        }
+        if (typeof authRecord.expires !== "number" || !Number.isFinite(authRecord.expires) || authRecord.expires < 0) {
+          throw new Error(`${provider.name} OpenCode OAuth auth must include a non-negative numeric expires value.`);
+        }
+        await c.auth.set({
+          providerID: localProviderId,
+          auth: parsedAuth as Parameters<typeof c.auth.set>[0]["auth"],
+        });
+      } else if (apiKey) {
         await c.auth.set({
           providerID: localProviderId,
           auth: { type: "api", key: apiKey },
@@ -1411,6 +1468,23 @@ export function createProviderAuthStore(options: CreateProviderAuthStoreOptions)
   }
 
   async function connectCloudProvider(cloudProviderId: string) {
+    const target = getRemoteManagedProviderSyncTarget();
+    if (target) {
+      setStateField("providerAuthError", null);
+      try {
+        const liveProviders = await refreshCloudOrgProviders({ force: true });
+        const provider = liveProviders.find((entry) => entry.id === cloudProviderId);
+        if (!provider) {
+          throw new Error("Organization provider is no longer available.");
+        }
+        await syncRemoteManagedProviders("settings_cloud_opened", liveProviders, state.importedCloudProviders);
+        return `${t("status.connected")} ${provider.name}`;
+      } catch (error) {
+        const message = describeProviderError(error, "Failed to sync organization provider to the remote worker.");
+        setStateField("providerAuthError", message);
+        throw error instanceof Error ? error : new Error(message);
+      }
+    }
     return await connectCloudProviderInternal(cloudProviderId);
   }
 
@@ -1472,6 +1546,9 @@ export function createProviderAuthStore(options: CreateProviderAuthStoreOptions)
     return message;
   };
 
+  const shouldSurfaceCloudProviderSyncError = (reason: CloudProviderSyncReason) =>
+    reason === "settings_cloud_opened";
+
   const getCloudProviderSyncContextKey = () => {
     const settings = readDenSettings();
     return [
@@ -1508,6 +1585,78 @@ export function createProviderAuthStore(options: CreateProviderAuthStoreOptions)
     (importedProvider.updatedAt ?? null) !== (provider.updatedAt ?? null) ||
     !sameStringList(importedProvider.modelIds, sortStrings(provider.models.map((model) => model.id)));
 
+  const getRemoteManagedProviderSyncTarget = () => {
+    const workspace = options.selectedWorkspaceDisplay();
+    if (workspace.workspaceType !== "remote") return null;
+    const workerId = workspace.openworkDenWorkerId?.trim() ?? "";
+    if (!workerId) return null;
+
+    const settings = readDenSettings();
+    const orgId = settings.activeOrgId?.trim() ?? "";
+    if (!settings.authToken?.trim() || !orgId) return null;
+    const workspaceOrgId = workspace.openworkDenOrgId?.trim() ?? "";
+    if (workspaceOrgId && workspaceOrgId !== orgId) return null;
+
+    return { settings, orgId, workerId };
+  };
+
+  const rememberRemoteManagedProviderSync = async (providers: DenOrgLlmProvider[]) => {
+    const nextImportedProviders = Object.fromEntries(
+      providers.map((provider) => [
+        provider.id,
+        {
+          cloudProviderId: provider.id,
+          providerId: getCloudManagedProviderId(provider),
+          sourceProviderId: provider.providerId,
+          name: provider.name,
+          source: provider.source,
+          updatedAt: provider.updatedAt ?? null,
+          modelIds: getProviderModelIds(provider),
+          importedAt: Date.now(),
+        },
+      ]),
+    );
+    await persistImportedCloudProviders(nextImportedProviders);
+  };
+
+  const syncRemoteManagedProviders = async (
+    reason: CloudProviderSyncReason,
+    liveProviders: DenOrgLlmProvider[],
+    importedProviders: Record<string, CloudImportedProvider>,
+  ) => {
+    const target = getRemoteManagedProviderSyncTarget();
+    if (!target) return false;
+
+    const den = createDenClient({
+      baseUrl: target.settings.baseUrl,
+      apiBaseUrl: target.settings.apiBaseUrl,
+      token: target.settings.authToken,
+    });
+    const syncResult = await den.syncWorkerManagedProviders(target.orgId, target.workerId);
+    const appliedProviders = resolveAppliedManagedProvidersFromSyncResult(syncResult, liveProviders);
+    await rememberRemoteManagedProviderSync(appliedProviders);
+    await refreshProviders({ dispose: true }).catch(() => null);
+    await refreshProviderListQueries(getReactQueryClient()).catch(() => undefined);
+    const newlyImported = appliedProviders.filter((provider) => !importedProviders[provider.id]);
+    if (newlyImported.length > 0) {
+      dispatchNewProviders({
+        providers: newlyImported.map((provider) => {
+          const firstModel = provider.models[0] ?? null;
+          const localProviderId = getCloudManagedProviderId(provider);
+          return {
+            id: localProviderId,
+            name: provider.name,
+            providerId: localProviderId,
+            firstModelId: firstModel?.id,
+            firstModelName: firstModel?.name ?? firstModel?.id,
+          };
+        }),
+        source: reason === "sign_in" ? "sign_in" : "cloud_sync",
+      });
+    }
+    return true;
+  };
+
   async function performCloudProviderSync(reason: CloudProviderSyncReason) {
     if (!hasCloudProviderSyncPrerequisites()) {
       return;
@@ -1517,6 +1666,11 @@ export function createProviderAuthStore(options: CreateProviderAuthStoreOptions)
       refreshImportedCloudProviders(),
       refreshCloudOrgProviders({ force: true }),
     ]);
+
+    if (await syncRemoteManagedProviders(reason, liveProviders, importedProviders)) {
+      return;
+    }
+
     const liveProviderMap = new Map(liveProviders.map((provider) => [provider.id, provider]));
     const failures: string[] = [];
     const processedLiveProviderIds = new Set<string>();
@@ -1577,6 +1731,7 @@ export function createProviderAuthStore(options: CreateProviderAuthStoreOptions)
 
     if (configChanged) {
       await refreshProviders({ dispose: true }).catch(() => null);
+      await refreshProviderListQueries(getReactQueryClient()).catch(() => undefined);
     }
 
     // Notify the UI about newly imported providers so the global toast
@@ -1602,7 +1757,7 @@ export function createProviderAuthStore(options: CreateProviderAuthStoreOptions)
     const request = performCloudProviderSync(reason)
       .catch((error) => {
         const message = logCloudProviderSyncError(reason, error);
-        if (reason === "settings_cloud_opened") {
+        if (shouldSurfaceCloudProviderSyncError(reason)) {
           setStateField("providerAuthError", message);
         }
       })
diff --git a/apps/app/src/react-app/domains/settings/pages/cloud-providers-view.tsx b/apps/app/src/react-app/domains/settings/pages/cloud-providers-view.tsx
index 1e48065a12..7b92f31c4f 100644
--- a/apps/app/src/react-app/domains/settings/pages/cloud-providers-view.tsx
+++ b/apps/app/src/react-app/domains/settings/pages/cloud-providers-view.tsx
@@ -11,6 +11,7 @@ import { useCloudSession } from "@/react-app/domains/settings/cloud/cloud-sessio
 import { CloudProvidersSection, type CloudProviderRow } from "@/react-app/domains/settings/cloud/sections";
 import type { useDenSession } from "@/react-app/domains/settings/cloud/use-den-session";
 import { SettingsNotice, SettingsStack } from "@/react-app/domains/settings/settings-section";
+import { getCloudManagedProviderId } from "@/react-app/domains/connections/provider-auth/store";
 
 type CloudProvidersSession = Pick<
   ReturnType<typeof useDenSession>,
@@ -54,9 +55,10 @@ export function CloudProvidersView({
   const rows = React.useMemo<CloudProviderRow[]>(() => {
     const nextRows: CloudProviderRow[] = cloudOrgProviders.map((provider) => {
       const imported = importedCloudProviders[provider.id] ?? null;
+      const localProviderId = getCloudManagedProviderId(provider);
       const status = !imported
         ? "available"
-        : imported.providerId !== provider.id.trim() ||
+        : imported.providerId !== localProviderId ||
             imported.sourceProviderId !== provider.providerId ||
             (imported.source ?? null) !== (provider.source ?? null) ||
             (imported.updatedAt ?? null) !== (provider.updatedAt ?? null) ||
diff --git a/apps/app/src/react-app/domains/settings/pages/cloud-workers-view.tsx b/apps/app/src/react-app/domains/settings/pages/cloud-workers-view.tsx
index e2b08b5207..a57dd36081 100644
--- a/apps/app/src/react-app/domains/settings/pages/cloud-workers-view.tsx
+++ b/apps/app/src/react-app/domains/settings/pages/cloud-workers-view.tsx
@@ -3,6 +3,7 @@ import * as React from "react";
 import { toast } from "@/components/ui/sonner";
 
 import { Button } from "@/components/ui/button";
+import { Input } from "@/components/ui/input";
 import { Separator } from "@/components/ui/separator";
 import { t } from "@/i18n";
 import { useCloudSession } from "@/react-app/domains/settings/cloud/cloud-session-provider";
@@ -13,6 +14,11 @@ export type CloudWorkersViewProps = {
   connectRemoteWorkspace: (input: {
     openworkHostUrl?: string | null;
     openworkToken?: string | null;
+    openworkClientToken?: string | null;
+    openworkHostToken?: string | null;
+    openworkDenBaseUrl?: string | null;
+    openworkDenOrgId?: string | null;
+    openworkDenWorkerId?: string | null;
     directory?: string | null;
     displayName?: string | null;
   }) => Promise<boolean>;
@@ -23,11 +29,18 @@ export function CloudWorkersView({
   connectRemoteWorkspace,
   onOpenAccount,
 }: CloudWorkersViewProps) {
-  const { activeOrganization: activeOrg, authToken, client, isSignedIn, user } = useCloudSession();
+  const { activeOrganization: activeOrg, authToken, baseUrl, client, isSignedIn, user } = useCloudSession();
   const [workersBusy, setWorkersBusy] = React.useState(false);
   const [openingWorkerId, setOpeningWorkerId] = React.useState<string | null>(null);
+  const [attachBusy, setAttachBusy] = React.useState(false);
   const [workers, setWorkers] = React.useState<CloudWorker[]>([]);
   const [workersError, setWorkersError] = React.useState<string | null>(null);
+  const [staticWorkerForm, setStaticWorkerForm] = React.useState({
+    name: "LAN static worker",
+    url: "",
+    clientToken: "",
+    hostToken: "",
+  });
   const activeOrgId = activeOrg?.id ?? "";
 
   const refreshWorkers = React.useCallback(
@@ -82,7 +95,7 @@ export function CloudWorkersView({
       try {
         const tokens = await client.getWorkerTokens(workerId, activeOrgId);
         const openworkUrl = tokens.openworkUrl?.trim() ?? "";
-        const accessToken = tokens.ownerToken?.trim() || tokens.clientToken?.trim() || "";
+        const accessToken = tokens.clientToken?.trim() || tokens.ownerToken?.trim() || "";
         if (!openworkUrl || !accessToken) {
           throw new Error(t("den.error_worker_not_ready"));
         }
@@ -90,6 +103,11 @@ export function CloudWorkersView({
         const ok = await connectRemoteWorkspace({
           openworkHostUrl: openworkUrl,
           openworkToken: accessToken,
+          openworkClientToken: tokens.clientToken?.trim() || null,
+          openworkHostToken: tokens.hostToken?.trim() || null,
+          openworkDenBaseUrl: baseUrl,
+          openworkDenOrgId: activeOrgId,
+          openworkDenWorkerId: workerId,
           directory: null,
           displayName: workerName,
         });
@@ -108,9 +126,47 @@ export function CloudWorkersView({
         setOpeningWorkerId(null);
       }
     },
-    [activeOrgId, client, connectRemoteWorkspace],
+    [activeOrgId, baseUrl, client, connectRemoteWorkspace],
   );
 
+  const attachStaticWorker = React.useCallback(async () => {
+    if (!activeOrgId) {
+      setWorkersError(t("den.error_choose_org"));
+      return;
+    }
+
+    const name = staticWorkerForm.name.trim();
+    const url = staticWorkerForm.url.trim();
+    const clientToken = staticWorkerForm.clientToken.trim();
+    const hostToken = staticWorkerForm.hostToken.trim();
+    if (!name || !url || !clientToken || !hostToken) {
+      setWorkersError("Name, URL, client token, and host token are required to attach a static worker.");
+      return;
+    }
+
+    setAttachBusy(true);
+    setWorkersError(null);
+    try {
+      const worker = await client.attachStaticWorker(activeOrgId, {
+        name,
+        url,
+        clientToken,
+        hostToken,
+      });
+      setWorkers((current) => [worker, ...current.filter((entry) => entry.workerId !== worker.workerId)]);
+      setStaticWorkerForm((current) => ({ ...current, url: "", clientToken: "", hostToken: "" }));
+      toast.success(`Attached ${worker.workerName}`);
+      void refreshWorkers(true);
+    } catch (error) {
+      const status = typeof error === "object" && error !== null && "status" in error ? Number((error as { status?: unknown }).status) : null;
+      setWorkersError(status === 403
+        ? "Only organization owners and admins can attach static workers. Ask an operator to register this worker."
+        : error instanceof Error ? error.message : "Static worker attach failed.");
+    } finally {
+      setAttachBusy(false);
+    }
+  }, [activeOrgId, client, refreshWorkers, staticWorkerForm]);
+
   if (!isSignedIn) {
     return (
       <SettingsStack>
@@ -130,6 +186,45 @@ export function CloudWorkersView({
   return (
     <SettingsStack>
       <Separator />
+      <SettingsNotice>
+        <div className="flex flex-col gap-3">
+          <div>
+            <div className="text-sm font-medium">Admin/operator: attach LAN static worker</div>
+            <div className="text-xs text-muted-foreground">
+              Organization owners and admins can register a pre-running OpenWork worker without manual database changes. The URL and tokens must match the worker container environment.
+            </div>
+          </div>
+          <div className="grid gap-2 md:grid-cols-2">
+            <Input
+              value={staticWorkerForm.name}
+              onChange={(event) => setStaticWorkerForm((current) => ({ ...current, name: event.currentTarget.value }))}
+              placeholder="Worker name"
+            />
+            <Input
+              value={staticWorkerForm.url}
+              onChange={(event) => setStaticWorkerForm((current) => ({ ...current, url: event.currentTarget.value }))}
+              placeholder="http://192.168.1.50:8787"
+            />
+            <Input
+              value={staticWorkerForm.clientToken}
+              onChange={(event) => setStaticWorkerForm((current) => ({ ...current, clientToken: event.currentTarget.value }))}
+              placeholder="OPENWORK_TOKEN"
+              type="password"
+            />
+            <Input
+              value={staticWorkerForm.hostToken}
+              onChange={(event) => setStaticWorkerForm((current) => ({ ...current, hostToken: event.currentTarget.value }))}
+              placeholder="OPENWORK_HOST_TOKEN"
+              type="password"
+            />
+          </div>
+          <div>
+            <Button size="sm" onClick={() => void attachStaticWorker()} disabled={attachBusy || workersBusy || !activeOrgId}>
+              {attachBusy ? "Attaching..." : "Attach static worker"}
+            </Button>
+          </div>
+        </div>
+      </SettingsNotice>
       <CloudWorkersSection
         openingWorkerId={openingWorkerId}
         workers={workers}
diff --git a/apps/app/src/react-app/domains/workspace/types.ts b/apps/app/src/react-app/domains/workspace/types.ts
index d4753233b5..56db0a64de 100644
--- a/apps/app/src/react-app/domains/workspace/types.ts
+++ b/apps/app/src/react-app/domains/workspace/types.ts
@@ -7,6 +7,9 @@ export type RemoteWorkspaceInput = {
   openworkToken?: string | null;
   openworkClientToken?: string | null;
   openworkHostToken?: string | null;
+  openworkDenBaseUrl?: string | null;
+  openworkDenOrgId?: string | null;
+  openworkDenWorkerId?: string | null;
   directory?: string | null;
   displayName?: string | null;
   closeModal?: boolean;
diff --git a/apps/app/src/react-app/shell/session-route.tsx b/apps/app/src/react-app/shell/session-route.tsx
index 2fb6cb23ee..4ccc73caad 100644
--- a/apps/app/src/react-app/shell/session-route.tsx
+++ b/apps/app/src/react-app/shell/session-route.tsx
@@ -145,6 +145,10 @@ import { useReactRenderWatchdog } from "./react-render-watchdog";
 
 import { readDenSettings } from "@/app/lib/den";
 import { denSessionUpdatedEvent } from "@/app/lib/den-session-events";
+import {
+  buildCloudManagedModelOptions,
+  buildCloudManagedModelIdsByProvider,
+} from "@/app/cloud/managed-provider-models";
 
 import { openModelPickerEvent, pendingModelPickerProviderIdsKey } from "./new-providers-toast";
 import { getModelBehaviorSummary } from "@/app/lib/model-behavior";
@@ -1430,8 +1434,8 @@ export function SessionRoute() {
     if (loading) return;
     if (workspaces.length > 0) return;
     if (local.prefs.hasCompletedOnboarding) return;
-    navigate("/welcome", { replace: true });
-  }, [loading, local.prefs.hasCompletedOnboarding, navigate, workspaces.length]);
+    navigate(denAuth.isSignedIn ? "/onboarding" : "/welcome", { replace: true });
+  }, [denAuth.isSignedIn, loading, local.prefs.hasCompletedOnboarding, navigate, workspaces.length]);
 
   // NOTE: Blueprint seeding was removed from the route.
   // It was firing `materializeBlueprintSessions` + a session re-fetch on every
@@ -1722,6 +1726,10 @@ export function SessionRoute() {
   // sync here so sign-in applies opencode.json changes before Settings opens.
   useCloudProviderAutoSync(sessionProviderAuthStore.runCloudProviderSync);
   const sessionProviderAuthSnapshot = useProviderAuthStoreSnapshot(sessionProviderAuthStore);
+  const cloudManagedModelIdsByProvider = useMemo(
+    () => buildCloudManagedModelIdsByProvider(sessionProviderAuthSnapshot.importedCloudProviders),
+    [sessionProviderAuthSnapshot.importedCloudProviders],
+  );
   const permissionQueryKey = useMemo(
     () =>
       selectedWorkspaceId && selectedSessionId
@@ -1998,28 +2006,11 @@ export function SessionRoute() {
         } catch {
           seenIds = new Set();
         }
-        const options: ModelOption[] = [];
-        for (const provider of getConnectedProviderItems(data)) {
-          const modelIds = Object.keys(provider.models);
-          const isNew = !seenIds.has(provider.id) || recentProviderIds.has(provider.id);
-          for (const id of modelIds) {
-            const model = provider.models[id];
-            options.push({
-              providerID: provider.id,
-              modelID: id,
-              title: model.name || id,
-              description: provider.name,
-              behaviorTitle: "Reasoning",
-              behaviorLabel: "Default",
-              behaviorDescription: "",
-              behaviorValue: null,
-              isFree: false,
-              isConnected: true,
-              isRecommended: isNew,
-              source: /^lpr_/i.test(provider.id) ? "cloud" as const : undefined,
-            });
-          }
-        }
+        const options = buildCloudManagedModelOptions({
+          providers: getConnectedProviderItems(data),
+          cloudManagedModelIdsByProvider,
+          isRecommendedProvider: (providerId) => !seenIds.has(providerId) || recentProviderIds.has(providerId),
+        });
         setModelOptions(options);
       } catch {
         // Silent: the picker surfaces an empty list rather than blocking the UI.
@@ -2028,7 +2019,7 @@ export function SessionRoute() {
     return () => {
       cancelled = true;
     };
-  }, [modelPickerOpen, opencodeBaseUrl, opencodeClient, recentProviderIds, selectedWorkspaceRoot]);
+  }, [cloudManagedModelIdsByProvider, modelPickerOpen, opencodeBaseUrl, opencodeClient, recentProviderIds, selectedWorkspaceRoot]);
 
   // Apply org-level restrictions (dev #1505) on top of the raw model list
   // so the picker never surfaces blocked options:
@@ -2892,6 +2883,7 @@ export function SessionRoute() {
       client={opencodeClient}
       opencodeBaseUrl={opencodeBaseUrl}
       selectedWorkspaceRoot={selectedWorkspaceRoot}
+      cloudManagedModelIdsByProvider={cloudManagedModelIdsByProvider}
     >
     {opencodeClient && selectedWorkspaceEndpoint && opencodeBaseUrl && selectedWorkspaceServerToken ? (
       <ReactSessionRuntime
diff --git a/apps/app/src/react-app/shell/settings-route.tsx b/apps/app/src/react-app/shell/settings-route.tsx
index aa317b1907..2afa5bd325 100644
--- a/apps/app/src/react-app/shell/settings-route.tsx
+++ b/apps/app/src/react-app/shell/settings-route.tsx
@@ -97,7 +97,6 @@ import { useCheckDesktopRestriction, useDesktopConfig } from "@/react-app/domain
 import { useRestrictionNotice } from "@/react-app/domains/cloud/restriction-notice-provider";
 import { useCloudProviderAutoSync } from "@/react-app/domains/cloud/use-cloud-provider-auto-sync";
 import {
-  hasOpenWorkModelsProvider,
   hideOpenWorkModelsPromo,
   isOpenWorkModelsPromoHidden,
   openWorkModelsPromoChangedEvent,
@@ -132,6 +131,7 @@ import { abortSessionSafe } from "@/app/lib/opencode-session";
 import { useReloadCoordinator } from "./reload-coordinator";
 import { buildFeedbackUrl } from "@/app/lib/feedback";
 import { getDenInferenceUrl } from "@/app/lib/den";
+import { buildCloudManagedModelIdsByProvider, buildCloudManagedModelOptions } from "@/app/cloud/managed-provider-models";
 import { readActiveWorkspaceId, writeActiveWorkspaceId } from "./session-memory";
 import { workspaceSessionRoute, workspaceSettingsRoute } from "./workspace-routes";
 import { getReactQueryClient } from "@/react-app/infra/query-client";
@@ -593,6 +593,7 @@ function SettingsRouteContent(props: SettingsSurfaceProps = {}) {
     () =>
       selectedWorkspace
         ? {
+            ...selectedWorkspace,
             id: selectedWorkspace.id,
             name: selectedWorkspace.name ?? selectedWorkspace.displayNameResolved,
             path: selectedWorkspace.path ?? "",
@@ -819,12 +820,12 @@ function SettingsRouteContent(props: SettingsSurfaceProps = {}) {
       Object.values(providerAuthSnapshot.importedCloudProviders ?? {}).some(isOpenWorkCloudProvider),
     [providerAuthSnapshot.cloudOrgProviders, providerAuthSnapshot.importedCloudProviders],
   );
+  const cloudManagedModelIdsByProvider = useMemo(
+    () => buildCloudManagedModelIdsByProvider(providerAuthSnapshot.importedCloudProviders),
+    [providerAuthSnapshot.importedCloudProviders],
+  );
   const [openWorkModelsPromoHidden, setOpenWorkModelsPromoHidden] = useState(isOpenWorkModelsPromoHidden);
-  const openWorkModelsConnected =
-    (cloudSession.isSignedIn && hasOpenWorkCloudProvider) ||
-    hasOpenWorkModelsProvider(providerConnectedIds);
-  const showOpenWorkModelsSubscribe = !openWorkModelsConnected && !openWorkModelsPromoHidden;
-  const showOpenWorkModelsConnect = !openWorkModelsConnected && openWorkModelsPromoHidden;
+  const showOpenWorkModelsSubscribe = (!cloudSession.isSignedIn || !hasOpenWorkCloudProvider) && !openWorkModelsPromoHidden;
 
   useEffect(() => {
     const handlePromoChanged = () => setOpenWorkModelsPromoHidden(isOpenWorkModelsPromoHidden());
@@ -925,7 +926,11 @@ function SettingsRouteContent(props: SettingsSurfaceProps = {}) {
   );
   const opencodeBaseUrl = selectedWorkspaceEndpoint?.opencodeBaseUrl ?? "";
   const runtimeWorkspaceId = selectedWorkspaceEndpoint?.workspaceId ?? selectedWorkspace?.id ?? null;
+  const workspaceOpenworkClient = selectedWorkspaceEndpoint?.client ?? openworkClient;
   routeStateRef.current.runtimeWorkspaceId = runtimeWorkspaceId;
+  routeStateRef.current.openworkServerClient = workspaceOpenworkClient;
+  routeStateRef.current.openworkServerStatus = workspaceOpenworkClient ? "connected" : "disconnected";
+  routeStateRef.current.openworkServerCapabilities = workspaceOpenworkClient ? ROUTE_OPENWORK_CAPABILITIES : null;
 
   const opencodeClient = useMemo(() => {
     if (!selectedWorkspaceEndpoint || !selectedWorkspaceEndpoint.token) return null;
@@ -1211,28 +1216,11 @@ function SettingsRouteContent(props: SettingsSurfaceProps = {}) {
         } catch {
           seenIds = new Set();
         }
-        const options: ModelOption[] = [];
-        for (const provider of getConnectedProviderItems(data)) {
-          const modelIds = Object.keys(provider.models);
-          const isNew = !seenIds.has(provider.id);
-          for (const id of modelIds) {
-            const model = provider.models[id];
-            options.push({
-              providerID: provider.id,
-              modelID: id,
-              title: model.name || id,
-              description: provider.name,
-              behaviorTitle: "Reasoning",
-              behaviorLabel: "Default",
-              behaviorDescription: "",
-              behaviorValue: null,
-              isFree: false,
-              isConnected: true,
-              isRecommended: isNew,
-              source: /^lpr_/i.test(provider.id) ? "cloud" as const : undefined,
-            });
-          }
-        }
+        const options = buildCloudManagedModelOptions({
+          providers: getConnectedProviderItems(data),
+          cloudManagedModelIdsByProvider,
+          isRecommendedProvider: (providerId) => !seenIds.has(providerId),
+        });
         setModelOptions(options);
       } catch (error) {
         toast.error(
@@ -1245,7 +1233,7 @@ function SettingsRouteContent(props: SettingsSurfaceProps = {}) {
     return () => {
       cancelled = true;
     };
-  }, [modelPickerOpen, opencodeBaseUrl, opencodeClient, selectedWorkspaceRoot]);
+  }, [cloudManagedModelIdsByProvider, modelPickerOpen, opencodeBaseUrl, opencodeClient, selectedWorkspaceRoot]);
 
   useEffect(() => {
     local.setUi((previous) => ({ ...previous, view: "settings", tab: route.tab }));
@@ -1601,10 +1589,6 @@ function SettingsRouteContent(props: SettingsSurfaceProps = {}) {
   // the settings route owns the provider-auth store.
   useCloudProviderAutoSync(providerAuthStore.runCloudProviderSync);
 
-  // Keep the Den cloud MCP configured with a fresh first-party token while
-  // signed in: connects on sign-in, re-mints on org switch and before expiry.
-  useCloudProviderAutoSync(() => connectionsStore.syncCloudControlMcp());
-
   useEffect(() => {
     if (route.tab !== "cloud-providers") return;
     void providerAuthStore.runCloudProviderSync("settings_cloud_opened");
@@ -1974,6 +1958,11 @@ function SettingsRouteContent(props: SettingsSurfaceProps = {}) {
   const handleCreateRemoteWorkspace = async (input: {
     openworkHostUrl?: string | null;
     openworkToken?: string | null;
+    openworkClientToken?: string | null;
+    openworkHostToken?: string | null;
+    openworkDenBaseUrl?: string | null;
+    openworkDenOrgId?: string | null;
+    openworkDenWorkerId?: string | null;
     directory?: string | null;
     displayName?: string | null;
   }) => {
@@ -1987,6 +1976,11 @@ function SettingsRouteContent(props: SettingsSurfaceProps = {}) {
         baseUrl: baseUrlValue,
         openworkHostUrl: baseUrlValue,
         openworkToken: input.openworkToken?.trim() || null,
+        openworkClientToken: input.openworkClientToken?.trim() || null,
+        openworkHostToken: input.openworkHostToken?.trim() || null,
+        openworkDenBaseUrl: input.openworkDenBaseUrl?.trim() || null,
+        openworkDenOrgId: input.openworkDenOrgId?.trim() || null,
+        openworkDenWorkerId: input.openworkDenWorkerId?.trim() || null,
         displayName: input.displayName?.trim() || null,
         directory: input.directory?.trim() || null,
         remoteType,
@@ -2120,7 +2114,6 @@ function SettingsRouteContent(props: SettingsSurfaceProps = {}) {
               Object.values(providerAuthSnapshot.importedCloudProviders ?? {}).map((p) => p.providerId)
             )}
             showOpenWorkModelsSubscribe={showOpenWorkModelsSubscribe}
-            showOpenWorkModelsConnect={showOpenWorkModelsConnect}
             onSubscribeOpenWorkModels={subscribeToOpenWorkModels}
             onDismissOpenWorkModels={dismissOpenWorkModelsPromo}
             cloudProvidersView={
@@ -2207,7 +2200,7 @@ function SettingsRouteContent(props: SettingsSurfaceProps = {}) {
                 mcpConnectingName={connectionsSnapshot.mcpConnectingName}
                 selectedMcp={connectionsSnapshot.selectedMcp}
                 setSelectedMcp={(name) => connectionsStore.setSelectedMcp(name)}
-                quickConnect={extensionItems.quickConnectEntries}
+                quickConnect={extensionItems.installedMcpEntries}
                 enablementContext={enablementContext}
                 builtInExtensionsDisabled={builtInExtensionsDisabled}
                 connectMcp={(entry) => {
@@ -2281,7 +2274,7 @@ function SettingsRouteContent(props: SettingsSurfaceProps = {}) {
       case "cloud-workers":
         return (
           <CloudWorkersView
-            connectRemoteWorkspace={async () => false}
+            connectRemoteWorkspace={handleCreateRemoteWorkspace}
             onOpenAccount={openCloudAccountSettings}
           />
         );
diff --git a/apps/app/src/react-app/shell/welcome-route.tsx b/apps/app/src/react-app/shell/welcome-route.tsx
index 2eafdd78bd..af9d407f93 100644
--- a/apps/app/src/react-app/shell/welcome-route.tsx
+++ b/apps/app/src/react-app/shell/welcome-route.tsx
@@ -29,6 +29,7 @@ import { buildDenAuthUrl, readDenSettings } from "../../app/lib/den";
 import { writeActiveWorkspaceId, writeLastSessionFor } from "./session-memory";
 import { workspaceSessionRoute } from "./workspace-routes";
 import { ensureDesktopLocalOpenworkConnection } from "./desktop-local-openwork";
+import { useDenAuth } from "../domains/cloud/den-auth-provider";
 
 function folderNameFromPath(path: string) {
   const normalized = path.replace(/\\/g, "/").replace(/\/+$/, "");
@@ -110,15 +111,21 @@ export function WelcomeRoute() {
   const navigate = useNavigate();
   const local = useLocal();
   const platform = usePlatform();
+  const denAuth = useDenAuth();
   const [state, dispatch] = useReducer(welcomeReducer, initialWelcomeState);
   const [manualFolder, setManualFolder] = useState("");
 
-  // If user already completed onboarding, redirect away immediately.
+  // Cloud-signed-in users should continue through org onboarding rather than
+  // the local workspace welcome flow.
   useEffect(() => {
+    if (denAuth.isSignedIn) {
+      navigate("/onboarding", { replace: true });
+      return;
+    }
     if (local.prefs.hasCompletedOnboarding) {
       navigate("/session", { replace: true });
     }
-  }, [local.prefs.hasCompletedOnboarding, navigate]);
+  }, [denAuth.isSignedIn, local.prefs.hasCompletedOnboarding, navigate]);
 
   const markOnboardingComplete = useCallback(() => {
     local.setPrefs((prev) => ({ ...prev, hasCompletedOnboarding: true }));
diff --git a/apps/app/src/react-app/shell/workspace-provider.ts b/apps/app/src/react-app/shell/workspace-provider.ts
index fc3af36762..78f8970205 100644
--- a/apps/app/src/react-app/shell/workspace-provider.ts
+++ b/apps/app/src/react-app/shell/workspace-provider.ts
@@ -6,6 +6,7 @@ type WorkspaceContextValue = {
   client: Client | null;
   opencodeBaseUrl: string;
   selectedWorkspaceRoot: string;
+  cloudManagedModelIdsByProvider: Map<string, Set<string>>;
 };
 
 const WorkspaceContext = React.createContext<WorkspaceContextValue | null>(null);
@@ -14,6 +15,7 @@ type WorkspaceProviderProps = {
   client: Client | null;
   opencodeBaseUrl?: string;
   selectedWorkspaceRoot: string;
+  cloudManagedModelIdsByProvider?: Map<string, Set<string>>;
   children: React.ReactNode;
 };
 
@@ -21,11 +23,17 @@ export function WorkspaceProvider({
   client,
   opencodeBaseUrl = "",
   selectedWorkspaceRoot,
+  cloudManagedModelIdsByProvider,
   children,
 }: WorkspaceProviderProps) {
   const value = React.useMemo(
-    () => ({ client, opencodeBaseUrl, selectedWorkspaceRoot }),
-    [client, opencodeBaseUrl, selectedWorkspaceRoot],
+    () => ({
+      client,
+      opencodeBaseUrl,
+      selectedWorkspaceRoot,
+      cloudManagedModelIdsByProvider: cloudManagedModelIdsByProvider ?? new Map<string, Set<string>>(),
+    }),
+    [client, cloudManagedModelIdsByProvider, opencodeBaseUrl, selectedWorkspaceRoot],
   );
 
   return React.createElement(WorkspaceContext.Provider, { value }, children);
diff --git a/apps/app/tests/den-managed-provider-sync.test.ts b/apps/app/tests/den-managed-provider-sync.test.ts
new file mode 100644
index 0000000000..51adc79fef
--- /dev/null
+++ b/apps/app/tests/den-managed-provider-sync.test.ts
@@ -0,0 +1,102 @@
+import { afterEach, describe, expect, test } from "bun:test";
+
+import { createDenClient, DenApiError } from "../src/app/lib/den";
+
+const originalFetch = globalThis.fetch;
+
+describe("Den managed provider worker sync client", () => {
+  afterEach(() => {
+    Object.defineProperty(globalThis, "fetch", {
+      configurable: true,
+      value: originalFetch,
+    });
+  });
+
+  test("posts to the org-scoped worker sync endpoint", async () => {
+    const calls: Array<{ url: string; method: string; org: string | null; authorized: boolean; body: string | null }> = [];
+    const fetchMock: typeof fetch = async (input, init) => {
+      const headers = new Headers(init?.headers);
+      calls.push({
+        url: String(input),
+        method: init?.method ?? "GET",
+        org: headers.get("x-openwork-legacy-org-id"),
+        authorized: headers.get("authorization") === "Bearer user-token",
+        body: typeof init?.body === "string" ? init.body : null,
+      });
+      return new Response(JSON.stringify({
+        status: "applied",
+        providerCount: 1,
+        revision: "safe-revision",
+        providerIds: ["lpr_applied"],
+      }), {
+        headers: { "Content-Type": "application/json" },
+        status: 200,
+      });
+    };
+
+    Object.defineProperty(globalThis, "fetch", {
+      configurable: true,
+      value: fetchMock,
+    });
+
+    const client = createDenClient({ baseUrl: "http://den.local", token: "user-token" });
+    const result = await client.syncWorkerManagedProviders("org_test", "wrk_test");
+
+    expect(result).toEqual({ status: "applied", providerCount: 1, revision: "safe-revision", providerIds: ["lpr_applied"] });
+    expect(calls).toEqual([{
+      url: "http://den.local/v1/workers/wrk_test/managed-providers/sync",
+      method: "POST",
+      org: "org_test",
+      authorized: true,
+      body: "{}",
+    }]);
+  });
+
+  test("surfaces sanitized worker sync failures", async () => {
+    const secret = "sk-secret-value";
+    const fetchMock: typeof fetch = async () => new Response(JSON.stringify({
+      error: "managed_provider_sync_failed",
+      message: "Worker provider sync failed.",
+      details: { redacted: true },
+      secret,
+    }), {
+      headers: { "Content-Type": "application/json" },
+      status: 502,
+    });
+
+    Object.defineProperty(globalThis, "fetch", {
+      configurable: true,
+      value: fetchMock,
+    });
+
+    const client = createDenClient({ baseUrl: "http://den.local", token: "user-token" });
+
+    await expect(client.syncWorkerManagedProviders("org_test", "wrk_test")).rejects.toThrow("Worker provider sync failed.");
+    try {
+      await client.syncWorkerManagedProviders("org_test", "wrk_test");
+    } catch (error) {
+      expect(error).toBeInstanceOf(DenApiError);
+      expect(error instanceof Error ? error.message.includes(secret) : true).toBe(false);
+    }
+  });
+
+  test("rejects sync payloads whose applied provider IDs do not match the provider count", async () => {
+    const fetchMock: typeof fetch = async () => new Response(JSON.stringify({
+      status: "applied",
+      providerCount: 2,
+      revision: "mismatch-revision",
+      providerIds: ["lpr_only_one"],
+    }), {
+      headers: { "Content-Type": "application/json" },
+      status: 200,
+    });
+
+    Object.defineProperty(globalThis, "fetch", {
+      configurable: true,
+      value: fetchMock,
+    });
+
+    const client = createDenClient({ baseUrl: "http://den.local", token: "user-token" });
+    await expect(client.syncWorkerManagedProviders("org_test", "wrk_test")).rejects.toThrow("Managed provider sync response was invalid.");
+  });
+});
diff --git a/apps/app/tests/managed-provider-models.test.ts b/apps/app/tests/managed-provider-models.test.ts
new file mode 100644
index 0000000000..3dbc991528
--- /dev/null
+++ b/apps/app/tests/managed-provider-models.test.ts
@@ -0,0 +1,154 @@
+import { describe, expect, test } from "bun:test";
+
+import {
+  buildCloudManagedModelOptions,
+  buildCloudManagedModelIdsByProvider,
+  hasCloudManagedModelAllowlist,
+  isCloudManagedModelAllowed,
+} from "../src/app/cloud/managed-provider-models";
+import type { CloudImportedProvider } from "../src/app/cloud/import-state";
+import type { ProviderListItem } from "../src/app/types";
+
+function importedProvider(input: Pick<CloudImportedProvider, "cloudProviderId" | "providerId" | "sourceProviderId" | "name" | "modelIds">): CloudImportedProvider {
+  return {
+    ...input,
+    source: "models_dev",
+    updatedAt: null,
+    importedAt: 1,
+  };
+}
+
+function visibleModelIds(providerId: string, modelIds: string[], allowlist: Map<string, Set<string>>) {
+  return modelIds.filter((modelId) => isCloudManagedModelAllowed(allowlist, providerId, modelId));
+}
+
+function provider(id: string, name: string, modelIds: string[]): ProviderListItem {
+  return {
+    id,
+    name,
+    source: "config",
+    models: Object.fromEntries(modelIds.map((modelId) => [modelId, { id: modelId, name: modelId }])),
+  };
+}
+
+function staleOpenAiModelIds(): string[] {
+  const explicit = [
+    "gpt-5.4",
+    "gpt-5.5",
+    "gpt-5.5-pro",
+    "gpt-5.5-fast",
+    "text-embedding-3-large",
+    "gpt-4o",
+    "gpt-image-1-mini",
+    "gpt-5.4-fast",
+    "o4-mini",
+  ];
+  const generated = Array.from({ length: 45 }, (_, index) => `stale-openai-catalog-${index + 1}`);
+  return [...explicit, ...generated];
+}
+
+describe("managed cloud provider model allowlists", () => {
+  test("session modal and compact select option builder filters 54 stale OpenAI models to selected IDs", () => {
+    const allowlist = buildCloudManagedModelIdsByProvider({
+      lpr_openai: importedProvider({
+        cloudProviderId: "lpr_openai",
+        providerId: "openai",
+        sourceProviderId: "openai",
+        name: "openAI_server",
+        modelIds: ["gpt-5.4", "gpt-5.5"],
+      }),
+    });
+
+    const rawOpenAiProviderListIds = staleOpenAiModelIds();
+
+    expect(rawOpenAiProviderListIds).toHaveLength(54);
+    expect(hasCloudManagedModelAllowlist(allowlist, "openai")).toBe(true);
+    expect(visibleModelIds("openai", rawOpenAiProviderListIds, allowlist)).toEqual(["gpt-5.4", "gpt-5.5"]);
+    expect(buildCloudManagedModelOptions({
+      providers: [provider("openai", "openAI_server", rawOpenAiProviderListIds)],
+      cloudManagedModelIdsByProvider: allowlist,
+      isRecommendedProvider: (providerId) => providerId === "openai",
+    }).map((option) => ({
+      providerID: option.providerID,
+      modelID: option.modelID,
+      source: option.source,
+      isRecommended: option.isRecommended,
+    }))).toEqual([
+      { providerID: "openai", modelID: "gpt-5.4", source: "cloud", isRecommended: true },
+      { providerID: "openai", modelID: "gpt-5.5", source: "cloud", isRecommended: true },
+    ]);
+  });
+
+  test("keeps API-key NVIDIA managed provider selected IDs intact", () => {
+    const allowlist = buildCloudManagedModelIdsByProvider({
+      lpr_nvidia: importedProvider({
+        cloudProviderId: "lpr_nvidia",
+        providerId: "lpr_nvidia",
+        sourceProviderId: "nvidia",
+        name: "nvidia",
+        modelIds: ["deepseek-ai/deepseek-v4-flash", "google/gemma-4-31b-it"],
+      }),
+    });
+
+    expect(visibleModelIds("lpr_nvidia", ["deepseek-ai/deepseek-v4-flash", "google/gemma-4-31b-it"], allowlist)).toEqual([
+      "deepseek-ai/deepseek-v4-flash",
+      "google/gemma-4-31b-it",
+    ]);
+    expect(buildCloudManagedModelOptions({
+      providers: [provider("lpr_nvidia", "nvidia", ["deepseek-ai/deepseek-v4-flash", "google/gemma-4-31b-it"])],
+      cloudManagedModelIdsByProvider: allowlist,
+    }).map((option) => option.modelID)).toEqual([
+      "deepseek-ai/deepseek-v4-flash",
+      "google/gemma-4-31b-it",
+    ]);
+  });
+
+  test("does not filter non-managed providers without imported model IDs", () => {
+    const allowlist = buildCloudManagedModelIdsByProvider({});
+
+    expect(visibleModelIds("anthropic", ["claude-sonnet", "claude-opus"], allowlist)).toEqual([
+      "claude-sonnet",
+      "claude-opus",
+    ]);
+  });
+
+  test("merges duplicate imported provider model allowlists by provider ID", () => {
+    const allowlist = buildCloudManagedModelIdsByProvider({
+      llmProvider_openai_one: importedProvider({
+        cloudProviderId: "llmProvider_openai_one",
+        providerId: "openai",
+        sourceProviderId: "openai",
+        name: "OpenAI one",
+        modelIds: ["gpt-5.4"],
+      }),
+      llmProvider_openai_two: importedProvider({
+        cloudProviderId: "llmProvider_openai_two",
+        providerId: "openai",
+        sourceProviderId: "openai",
+        name: "OpenAI two",
+        modelIds: ["gpt-5.5"],
+      }),
+    });
+
+    expect(visibleModelIds("openai", ["gpt-5.4", "gpt-5.5", "gpt-4o"], allowlist)).toEqual(["gpt-5.4", "gpt-5.5"]);
+  });
+
+  test("model picker options for OAuth-managed providers keep runtime provider IDs for defaults", () => {
+    const allowlist = buildCloudManagedModelIdsByProvider({
+      lpr_den_openai: importedProvider({
+        cloudProviderId: "lpr_den_openai",
+        providerId: "openai",
+        sourceProviderId: "openai",
+        name: "OpenAI from Den",
+        modelIds: ["gpt-5.5"],
+      }),
+    });
+
+    expect(buildCloudManagedModelOptions({
+      providers: [provider("openai", "OpenAI", ["gpt-5.5"])],
+      cloudManagedModelIdsByProvider: allowlist,
+    }).map((option) => ({ providerID: option.providerID, modelID: option.modelID }))).toEqual([
+      { providerID: "openai", modelID: "gpt-5.5" },
+    ]);
+  });
+});
diff --git a/apps/app/tests/provider-auth-managed-providers.test.ts b/apps/app/tests/provider-auth-managed-providers.test.ts
new file mode 100644
index 0000000000..38f73db0c1
--- /dev/null
+++ b/apps/app/tests/provider-auth-managed-providers.test.ts
@@ -0,0 +1,72 @@
+import { describe, expect, test } from "bun:test";
+
+import type { DenOrgLlmProvider } from "../src/app/lib/den";
+import {
+  getCloudManagedProviderId,
+  resolveAppliedManagedProvidersFromSyncResult,
+} from "../src/react-app/domains/connections/provider-auth/store";
+
+function provider(input: Partial<DenOrgLlmProvider> & Pick<DenOrgLlmProvider, "id" | "providerId">): DenOrgLlmProvider {
+  return {
+    source: "models_dev",
+    credentialKind: "api_key",
+    name: input.providerId,
+    providerConfig: {},
+    hasApiKey: true,
+    hasOpencodeAuth: false,
+    hasCredential: true,
+    models: [],
+    createdAt: null,
+    updatedAt: null,
+    ...input,
+  };
+}
+
+describe("cloud managed provider import identity", () => {
+  test("resolves runtime provider IDs for OAuth and OpenWork managed providers", () => {
+    expect(getCloudManagedProviderId(provider({
+      id: "lpr_openai",
+      providerId: "openai",
+      credentialKind: "opencode_oauth",
+    }))).toBe("openai");
+
+    expect(getCloudManagedProviderId(provider({
+      id: "lpr_openwork",
+      providerId: "openwork-cloud",
+      source: "openwork",
+    }))).toBe("openwork");
+
+    expect(getCloudManagedProviderId(provider({
+      id: "lpr_nvidia",
+      providerId: "nvidia",
+      credentialKind: "api_key",
+    }))).toBe("lpr_nvidia");
+  });
+
+  test("remote sync only records providers identified as applied by Den", () => {
+    const liveProviders = [
+      provider({ id: "lpr_applied", providerId: "openai" }),
+      provider({ id: "lpr_filtered", providerId: "anthropic" }),
+    ];
+
+    expect(resolveAppliedManagedProvidersFromSyncResult({
+      providerCount: 1,
+      providerIds: ["lpr_applied"],
+    }, liveProviders).map((entry) => entry.id)).toEqual(["lpr_applied"]);
+  });
+
+  test("remote sync clears imported state when Den applies an empty provider set", () => {
+    expect(resolveAppliedManagedProvidersFromSyncResult({
+      providerCount: 0,
+    }, [provider({ id: "lpr_filtered", providerId: "anthropic" })])).toEqual([]);
+  });
+
+  test("remote sync refuses ambiguous partial results without applied provider IDs", () => {
+    expect(() => resolveAppliedManagedProvidersFromSyncResult({
+      providerCount: 1,
+    }, [
+      provider({ id: "lpr_applied", providerId: "openai" }),
+      provider({ id: "lpr_filtered", providerId: "anthropic" }),
+    ])).toThrow("did not identify which providers were applied");
+  });
+});
diff --git a/apps/desktop/electron/bootstrap-config.mjs b/apps/desktop/electron/bootstrap-config.mjs
new file mode 100644
index 0000000000..6ecab7abfe
--- /dev/null
+++ b/apps/desktop/electron/bootstrap-config.mjs
@@ -0,0 +1,151 @@
+import os from "node:os";
+import path from "node:path";
+
+export const DEFAULT_DEN_BASE_URL = "https://app.openworklabs.com";
+
+export function envFlagEnabled(name, env = process.env) {
+  const value = env[name]?.trim().toLowerCase();
+  return value === "1" || value === "true" || value === "yes" || value === "on";
+}
+
+function configHomePath({ env = process.env, platform = process.platform, homedir = os.homedir() } = {}) {
+  if (env.XDG_CONFIG_HOME?.trim()) return env.XDG_CONFIG_HOME.trim();
+  if (platform === "win32" && env.APPDATA?.trim()) return env.APPDATA.trim();
+  return path.join(homedir, ".config");
+}
+
+export function managedDesktopBootstrapPath({ env = process.env, platform = process.platform } = {}) {
+  if (platform === "win32") {
+    const programData = env.ProgramData?.trim() || env.PROGRAMDATA?.trim() || "C:\\ProgramData";
+    return path.join(programData, "OpenWork", "desktop-bootstrap.json");
+  }
+  if (platform === "darwin") {
+    return path.join("/Library", "Application Support", "OpenWork", "desktop-bootstrap.json");
+  }
+  return path.join("/etc", "openwork", "desktop-bootstrap.json");
+}
+
+export function userDesktopBootstrapPath(options = {}) {
+  return path.join(configHomePath(options), "openwork", "desktop-bootstrap.json");
+}
+
+export function legacyDevDesktopBootstrapPath({ homedir = os.homedir() } = {}) {
+  return path.join(homedir, ".config", "openwork", "desktop-bootstrap.json");
+}
+
+export function desktopBootstrapCandidates(options = {}) {
+  const { env = process.env } = options;
+  const candidates = [];
+  const envOverride = env.OPENWORK_DESKTOP_BOOTSTRAP_PATH?.trim();
+  if (envOverride) {
+    candidates.push({ source: "env", path: envOverride });
+  }
+  candidates.push(
+    { source: "managed", path: managedDesktopBootstrapPath(options) },
+    { source: "user", path: userDesktopBootstrapPath(options) },
+  );
+  const legacyDevPath = legacyDevDesktopBootstrapPath(options);
+  if (!candidates.some((candidate) => candidate.path === legacyDevPath)) {
+    candidates.push({ source: "user-dev", path: legacyDevPath });
+  }
+  return candidates;
+}
+
+export function defaultDesktopBootstrapConfig({ env = process.env } = {}) {
+  return {
+    baseUrl: DEFAULT_DEN_BASE_URL,
+    apiBaseUrl: null,
+    requireSignin: envFlagEnabled("OPENWORK_FORCE_SIGNIN", env),
+    source: "default",
+    path: null,
+  };
+}
+
+export function normalizeDesktopBootstrapConfig(input, options = {}) {
+  const baseUrl = typeof input?.baseUrl === "string" ? input.baseUrl.trim() : "";
+  if (!baseUrl) throw new Error("baseUrl is required");
+  const apiBaseUrl = typeof input?.apiBaseUrl === "string" && input.apiBaseUrl.trim().length > 0
+    ? input.apiBaseUrl.trim()
+    : null;
+  return {
+    baseUrl,
+    apiBaseUrl,
+    requireSignin: envFlagEnabled("OPENWORK_FORCE_SIGNIN", options.env) || input?.requireSignin === true,
+  };
+}
+
+export function normalizeUrlOrigin(input) {
+  const raw = String(input ?? "").trim();
+  if (!raw) return "";
+  try {
+    return new URL(raw).origin.replace(/\/+$/, "").toLowerCase();
+  } catch {
+    return raw.replace(/\/+$/, "").toLowerCase();
+  }
+}
+
+export function isWorkspaceCompatibleWithManagedDen(workspace, denBaseUrl) {
+  if (workspace?.workspaceType !== "remote" || workspace?.remoteType !== "openwork") return true;
+  const activeDenOrigin = normalizeUrlOrigin(denBaseUrl);
+  if (!activeDenOrigin) return true;
+  const workspaceDenOrigin = normalizeUrlOrigin(workspace?.openworkDenBaseUrl);
+  // Legacy remote OpenWork records predate Den-origin metadata. Keep them in
+  // persisted desktop state so startup/filtering is non-destructive; only hide
+  // records that explicitly belong to a different Den origin.
+  if (!workspaceDenOrigin) return true;
+  return workspaceDenOrigin === activeDenOrigin;
+}
+
+export function filterWorkspacesForManagedDen(workspaces, denBaseUrl) {
+  const input = Array.isArray(workspaces) ? workspaces : [];
+  return input.filter((workspace) => isWorkspaceCompatibleWithManagedDen(workspace, denBaseUrl));
+}
+
+const PERSISTED_WORKSPACES_FOR_WRITE = "__openworkPersistedWorkspacesForWrite";
+
+export function runtimeWorkspaceStateForManagedDen(state, denBaseUrl) {
+  const persistedWorkspaces = Array.isArray(state?.workspaces) ? state.workspaces : [];
+  const runtimeState = {
+    ...state,
+    workspaces: filterWorkspacesForManagedDen(persistedWorkspaces, denBaseUrl),
+  };
+  return attachPersistedWorkspacesForWrite(runtimeState, persistedWorkspaces);
+}
+
+export function attachPersistedWorkspacesForWrite(state, persistedWorkspaces) {
+  Object.defineProperty(state, PERSISTED_WORKSPACES_FOR_WRITE, {
+    value: Array.isArray(persistedWorkspaces) ? persistedWorkspaces : [],
+    enumerable: false,
+  });
+  return state;
+}
+
+export function mergeWorkspaceListsPreservingHidden(persistedWorkspaces, runtimeWorkspaces) {
+  const output = Array.isArray(persistedWorkspaces) ? [...persistedWorkspaces] : [];
+  const indexById = new Map();
+  output.forEach((workspace, index) => {
+    const workspaceId = String(workspace?.id ?? "").trim();
+    if (workspaceId) indexById.set(workspaceId, index);
+  });
+  for (const workspace of Array.isArray(runtimeWorkspaces) ? runtimeWorkspaces : []) {
+    const workspaceId = String(workspace?.id ?? "").trim();
+    if (!workspaceId) {
+      output.push(workspace);
+      continue;
+    }
+    const existingIndex = indexById.get(workspaceId);
+    if (existingIndex === undefined) {
+      indexById.set(workspaceId, output.length);
+      output.push(workspace);
+      continue;
+    }
+    output[existingIndex] = workspace;
+  }
+  return output;
+}
+
+export function persistedWorkspacesForRuntimeState(state) {
+  return Array.isArray(state?.[PERSISTED_WORKSPACES_FOR_WRITE])
+    ? state[PERSISTED_WORKSPACES_FOR_WRITE]
+    : null;
+}
diff --git a/apps/desktop/electron/bootstrap-config.test.mjs b/apps/desktop/electron/bootstrap-config.test.mjs
new file mode 100644
index 0000000000..4644272e48
--- /dev/null
+++ b/apps/desktop/electron/bootstrap-config.test.mjs
@@ -0,0 +1,106 @@
+import assert from "node:assert/strict";
+import path from "node:path";
+import test from "node:test";
+
+import {
+  attachPersistedWorkspacesForWrite,
+  desktopBootstrapCandidates,
+  filterWorkspacesForManagedDen,
+  managedDesktopBootstrapPath,
+  mergeWorkspaceListsPreservingHidden,
+  normalizeDesktopBootstrapConfig,
+  persistedWorkspacesForRuntimeState,
+  runtimeWorkspaceStateForManagedDen,
+} from "./bootstrap-config.mjs";
+
+test("desktop bootstrap candidates use env, managed, user/dev, then defaults", () => {
+  const env = {
+    OPENWORK_DESKTOP_BOOTSTRAP_PATH: "D:\\managed\\override.json",
+    ProgramData: "C:\\ProgramData",
+    APPDATA: "C:\\Users\\Alice\\AppData\\Roaming",
+  };
+
+  const candidates = desktopBootstrapCandidates({
+    env,
+    platform: "win32",
+    homedir: "C:\\Users\\Alice",
+  });
+
+  assert.deepEqual(candidates.map((candidate) => candidate.source), [
+    "env",
+    "managed",
+    "user",
+    "user-dev",
+  ]);
+  assert.equal(candidates[0].path, env.OPENWORK_DESKTOP_BOOTSTRAP_PATH);
+  assert.equal(candidates[1].path, path.join("C:\\ProgramData", "OpenWork", "desktop-bootstrap.json"));
+  assert.equal(candidates[2].path, path.join("C:\\Users\\Alice\\AppData\\Roaming", "openwork", "desktop-bootstrap.json"));
+  assert.equal(candidates[3].path, path.join("C:\\Users\\Alice", ".config", "openwork", "desktop-bootstrap.json"));
+});
+
+test("windows managed bootstrap defaults to ProgramData without env override", () => {
+  assert.equal(
+    managedDesktopBootstrapPath({ env: {}, platform: "win32" }),
+    path.join("C:\\ProgramData", "OpenWork", "desktop-bootstrap.json"),
+  );
+});
+
+test("normalize desktop bootstrap honors forced sign-in env", () => {
+  assert.deepEqual(
+    normalizeDesktopBootstrapConfig(
+      { baseUrl: " http://den.local:3005 ", apiBaseUrl: "", requireSignin: false },
+      { env: { OPENWORK_FORCE_SIGNIN: "true" } },
+    ),
+    { baseUrl: "http://den.local:3005", apiBaseUrl: null, requireSignin: true },
+  );
+});
+
+test("managed Den filtering keeps legacy remote OpenWork workspaces non-destructively", () => {
+  const workspaces = [
+    { id: "local", workspaceType: "local" },
+    { id: "legacy", workspaceType: "remote", remoteType: "openwork", openworkHostUrl: "http://old-worker:8787" },
+    { id: "wrong-den", workspaceType: "remote", remoteType: "openwork", openworkDenBaseUrl: "http://old-den:3005" },
+    { id: "current-den", workspaceType: "remote", remoteType: "openwork", openworkDenBaseUrl: "http://den.company.local:3005/api/den" },
+    { id: "other-remote", workspaceType: "remote", remoteType: "opencode" },
+  ];
+
+  assert.deepEqual(
+    filterWorkspacesForManagedDen(workspaces, "http://den.company.local:3005").map((workspace) => workspace.id),
+    ["local", "legacy", "current-den", "other-remote"],
+  );
+});
+
+test("managed Den runtime state hides incompatible workspaces while preserving persistence input", () => {
+  const persistedWorkspaces = [
+    { id: "wrong-den", workspaceType: "remote", remoteType: "openwork", openworkDenBaseUrl: "http://old-den:3005" },
+    { id: "current-den", workspaceType: "remote", remoteType: "openwork", openworkDenBaseUrl: "http://den.company.local:3005" },
+    { id: "local", workspaceType: "local", path: "/repo" },
+  ];
+
+  const runtimeState = runtimeWorkspaceStateForManagedDen(
+    { selectedId: "current-den", workspaces: persistedWorkspaces },
+    "http://den.company.local:3005/api/den",
+  );
+
+  assert.deepEqual(runtimeState.workspaces.map((workspace) => workspace.id), ["current-den", "local"]);
+  assert.deepEqual(persistedWorkspacesForRuntimeState(runtimeState), persistedWorkspaces);
+});
+
+test("managed Den writes merge compatible runtime edits without dropping hidden persisted entries", () => {
+  const persistedWorkspaces = [
+    { id: "wrong-den", workspaceType: "remote", remoteType: "openwork", openworkDenBaseUrl: "http://old-den:3005" },
+    { id: "current-den", workspaceType: "remote", remoteType: "openwork", openworkDenBaseUrl: "http://den.company.local:3005", name: "Before" },
+  ];
+  const runtimeState = attachPersistedWorkspacesForWrite(
+    { workspaces: [{ id: "current-den", workspaceType: "remote", remoteType: "openwork", openworkDenBaseUrl: "http://den.company.local:3005", name: "After" }] },
+    persistedWorkspaces,
+  );
+
+  assert.deepEqual(
+    mergeWorkspaceListsPreservingHidden(persistedWorkspacesForRuntimeState(runtimeState), runtimeState.workspaces),
+    [
+      { id: "wrong-den", workspaceType: "remote", remoteType: "openwork", openworkDenBaseUrl: "http://old-den:3005" },
+      { id: "current-den", workspaceType: "remote", remoteType: "openwork", openworkDenBaseUrl: "http://den.company.local:3005", name: "After" },
+    ],
+  );
+});
diff --git a/apps/desktop/electron/browser-mcp.mjs b/apps/desktop/electron/browser-mcp.mjs
new file mode 100644
index 0000000000..76a8a4c3aa
--- /dev/null
+++ b/apps/desktop/electron/browser-mcp.mjs
@@ -0,0 +1,377 @@
+/**
+ * In-process browser MCP servers.
+ *
+ * Two servers:
+ *   1. "openwork-browser" — controls the embedded WebContentsView using
+ *      native Electron webContents APIs (no Puppeteer, no app-level CDP).
+ *   2. "chrome" — connects to the user's external Chrome via Puppeteer/CDP.
+ *
+ * Both are exposed as HTTP MCP endpoints that OpenCode connects to as
+ * remote MCP servers.
+ */
+
+import { createServer } from "node:http";
+import { randomUUID } from "node:crypto";
+
+// ── Native built-in browser server ────────────────────────────────────
+import { createNativeBuiltinServer } from "./browser-native-tools.mjs";
+
+// ── Chrome DevTools MCP internals (for EXTERNAL Chrome only) ──────────
+// IMPORTANT: never import main.js — it runs parseArguments at module load.
+import "chrome-devtools-mcp/build/src/polyfill.js";
+
+import {
+  McpServer,
+  SetLevelRequestSchema,
+  puppeteer,
+} from "chrome-devtools-mcp/build/src/third_party/index.js";
+
+import { tools as chromeDevtoolsTools } from "chrome-devtools-mcp/build/src/tools/tools.js";
+import { McpContext } from "chrome-devtools-mcp/build/src/McpContext.js";
+import { McpResponse } from "chrome-devtools-mcp/build/src/McpResponse.js";
+import { Mutex } from "chrome-devtools-mcp/build/src/Mutex.js";
+
+// MCP SDK HTTP transport — works with the same McpServer
+import { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/streamableHttp.js";
+
+// ── Helpers ────────────────────────────────────────────────────────────
+
+function noop() {}
+
+/** Wrap a promise with a timeout. Rejects with a descriptive error. */
+function withTimeout(promise, ms, label) {
+  let timer;
+  return Promise.race([
+    promise,
+    new Promise((_, reject) => {
+      timer = setTimeout(() => reject(new Error(`${label}: timed out after ${ms}ms`)), ms);
+    }),
+  ]).finally(() => clearTimeout(timer));
+}
+
+/**
+ * Target filter for the EXTERNAL Chrome server — accept all normal pages,
+ * skip chrome:// and extension pages.
+ */
+const EXTERNAL_TARGET_FILTER = (target) => {
+  const url = target.url();
+  if (url === "chrome://newtab/") return true;
+  if (url.startsWith("chrome://") || url.startsWith("chrome-extension://")) return false;
+  return true;
+};
+
+async function connectExternalBrowser(browserURL) {
+  return withTimeout(
+    puppeteer.connect({
+      browserURL,
+      targetFilter: EXTERNAL_TARGET_FILTER,
+      defaultViewport: null,
+    }),
+    10_000,
+    "connectExternalBrowser",
+  );
+}
+
+/**
+ * Create an MCP server backed by chrome-devtools-mcp tools.
+ * Used ONLY for the external Chrome server.
+ */
+function createExternalChromeServer({ getBrowser }) {
+  const server = new McpServer(
+    { name: "chrome", version: "0.1.0" },
+    { capabilities: { logging: {} } },
+  );
+
+  server.server.setRequestHandler(SetLevelRequestSchema, () => ({}));
+
+  const mutex = new Mutex();
+  let context = null;
+  let lastBrowser = null;
+
+  async function getContext() {
+    const browser = await getBrowser();
+    if (!browser?.connected) {
+      throw new Error("Browser not connected for chrome");
+    }
+    if (browser !== lastBrowser) {
+      lastBrowser = browser;
+      context = await McpContext.from(browser, noop, {
+        experimentalDevToolsDebugging: false,
+        experimentalIncludeAllPages: false,
+        performanceCrux: false,
+      });
+    }
+    return context;
+  }
+
+  for (const tool of chromeDevtoolsTools) {
+    server.tool(
+      tool.name,
+      tool.description,
+      tool.schema,
+      async (params) => {
+        const guard = await mutex.acquire();
+        try {
+          const ctx = await getContext();
+          const response = new McpResponse();
+          const TOOL_TIMEOUT = 30_000;
+          await withTimeout(
+            tool.handler({ params }, response, ctx),
+            TOOL_TIMEOUT,
+            `chrome/${tool.name}`,
+          );
+          const { content } = await response.handle(tool.name, ctx);
+          return { content };
+        } catch (err) {
+          const msg = err instanceof Error ? err.message : String(err);
+          return { content: [{ type: "text", text: `Error: ${msg}` }] };
+        } finally {
+          guard.dispose();
+        }
+      },
+    );
+  }
+
+  return server;
+}
+
+// ── HTTP wrappers ──────────────────────────────────────────────────────
+
+/**
+ * Start an MCP-over-HTTP server on a random localhost port.
+ *
+ * Uses one StreamableHTTPServerTransport per session.  Each new session
+ * (no mcp-session-id header) gets its own transport + server instance
+ * created by the factory.
+ *
+ * Returns { port, close }.
+ */
+async function startMcpHttpServer(mcpServerFactory, preferredPort = 0) {
+  const sessions = new Map();
+
+  const httpServer = createServer(async (req, res) => {
+    try {
+      const url = new URL(req.url ?? "/", `http://127.0.0.1`);
+
+      if (req.method === "GET" && url.pathname === "/health") {
+        res.writeHead(200, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ ok: true }));
+        return;
+      }
+
+      if (url.pathname !== "/mcp") {
+        res.writeHead(404);
+        res.end("Not found");
+        return;
+      }
+
+      const sessionId = req.headers["mcp-session-id"];
+
+      if (req.method === "POST") {
+        // Existing session
+        if (sessionId && sessions.has(sessionId)) {
+          const transport = sessions.get(sessionId);
+          await transport.handleRequest(req, res);
+          return;
+        }
+
+        // New session — create a fresh transport + server
+        const transport = new StreamableHTTPServerTransport({
+          sessionIdGenerator: () => randomUUID(),
+          onsessioninitialized: (id) => {
+            sessions.set(id, transport);
+          },
+        });
+        const server = mcpServerFactory();
+        await server.connect(transport);
+        await transport.handleRequest(req, res);
+        return;
+      }
+
+      if (req.method === "GET") {
+        if (sessionId && sessions.has(sessionId)) {
+          await sessions.get(sessionId).handleRequest(req, res);
+          return;
+        }
+        res.writeHead(400, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "No session. Send a POST first." }));
+        return;
+      }
+
+      if (req.method === "DELETE") {
+        if (sessionId && sessions.has(sessionId)) {
+          const transport = sessions.get(sessionId);
+          sessions.delete(sessionId);
+          await transport.close();
+        }
+        res.writeHead(200);
+        res.end();
+        return;
+      }
+
+      res.writeHead(405);
+      res.end("Method not allowed");
+    } catch (err) {
+      if (!res.headersSent) {
+        res.writeHead(500, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: err instanceof Error ? err.message : String(err) }));
+      }
+    }
+  });
+
+  async function listen(portToTry) {
+    return new Promise((resolve, reject) => {
+      httpServer.once("error", reject);
+      httpServer.listen(portToTry, "127.0.0.1", () => {
+        const address = httpServer.address();
+        resolve(typeof address === "object" && address ? address.port : portToTry);
+      });
+    });
+  }
+
+  let port;
+  try {
+    port = await listen(preferredPort);
+  } catch (error) {
+    if (!preferredPort || error?.code !== "EADDRINUSE") throw error;
+    port = await listen(0);
+  }
+
+  return {
+    port,
+    close: () => new Promise((resolve) => httpServer.close(resolve)),
+  };
+}
+
+// ── Public API ─────────────────────────────────────────────────────────
+
+/**
+ * Boot both MCP servers.
+ *
+ * @param {object}   opts
+ * @param {Function} opts.getWebContents    — () => WebContents | null (active built-in browser tab)
+ * @param {Function} opts.listTabs          — () => BrowserTabInfo[]
+ * @param {Function} opts.createTab         — (url?: string) => tabId
+ * @param {Function} opts.closeTab          — (tabId: string) => tabId | null
+ * @param {Function} opts.selectTab         — (tabId: string) => tabId
+ * @param {Function} opts.onBuiltinToolCall — called before each built-in browser tool (opens panel)
+ * @param {Function} opts.onHideBrowser     — called to close the browser panel
+ * @returns {Promise<{ builtinPort: number, externalPort: number, _snapshotReset: () => void, stop: () => Promise<void> }>}
+ */
+export async function startBrowserMcpServers({
+  getWebContents,
+  listTabs,
+  createTab,
+  closeTab,
+  selectTab,
+  onBuiltinToolCall,
+  onHideBrowser,
+}) {
+  let externalBrowser = null;
+
+  // ── Built-in browser: native Electron APIs ────────────────────────
+  let builtinSnapshotReset = null;
+  function createBuiltinFactory() {
+    const srv = createNativeBuiltinServer({
+      getWebContents,
+      listTabs,
+      createTab,
+      closeTab,
+      selectTab,
+      onToolCall: onBuiltinToolCall,
+      onHideBrowser,
+    });
+    builtinSnapshotReset = /** @type {any} */ (srv)._snapshotReset;
+    return srv;
+  }
+
+  // ── External Chrome: Puppeteer + CDP (unchanged) ──────────────────
+
+  async function probeExternalChrome() {
+    for (const port of [9222, 9229]) {
+      try {
+        const res = await fetch(`http://127.0.0.1:${port}/json/version`, {
+          signal: AbortSignal.timeout(2000),
+        });
+        if (res.ok) return { connected: true, port };
+      } catch { /* not available */ }
+    }
+    return { connected: false, port: null };
+  }
+
+  function createExternalFactory() {
+    const server = createExternalChromeServer({
+      getBrowser: async () => {
+        if (!externalBrowser?.connected) {
+          for (const port of [9222, 9229]) {
+            try {
+              externalBrowser = await connectExternalBrowser(`http://127.0.0.1:${port}`);
+              return externalBrowser;
+            } catch { /* not available */ }
+          }
+          throw new Error(
+            "Chrome is not reachable. " +
+            "Enable remote debugging in your Chrome: go to chrome://inspect/#remote-debugging and turn it on. " +
+            "No restart needed on Chrome 144+."
+          );
+        }
+        return externalBrowser;
+      },
+    });
+
+    // Diagnostic tool — lets the agent check Chrome availability before
+    // attempting browsing, so it can guide the user instead of failing.
+    server.tool(
+      "chrome_status",
+      "Check whether the user's real Chrome browser is reachable via remote " +
+      "debugging. Call this BEFORE using any other chrome tool. If status is " +
+      "unavailable, tell the user to enable remote debugging in Chrome: " +
+      "chrome://inspect/#remote-debugging → enable → allow connections. " +
+      "No Chrome restart is needed on Chrome 144+.",
+      {},
+      async () => {
+        const probe = await probeExternalChrome();
+        if (probe.connected) {
+          return {
+            content: [{
+              type: "text",
+              text: JSON.stringify({
+                connected: true,
+                port: probe.port,
+                hint: "Chrome is reachable. You can now use chrome tools to control the user's browser.",
+              }),
+            }],
+          };
+        }
+        return {
+          content: [{
+            type: "text",
+            text: JSON.stringify({
+              connected: false,
+              port: null,
+              hint: "Chrome is not reachable. Ask the user to enable remote debugging: " +
+                "open chrome://inspect/#remote-debugging in Chrome, enable it, and allow " +
+                "incoming connections. No restart needed on Chrome 144+. " +
+                "Alternatively, offer to use the built-in openwork-browser instead.",
+            }),
+          }],
+        };
+      },
+    );
+
+    return server;
+  }
+
+  const builtin = await startMcpHttpServer(createBuiltinFactory, 64883);
+  const external = await startMcpHttpServer(createExternalFactory, 64884);
+
+  return {
+    builtinPort: builtin.port,
+    externalPort: external.port,
+    _snapshotReset: () => builtinSnapshotReset?.(),
+    async stop() {
+      await Promise.all([builtin.close(), external.close()]);
+      try { externalBrowser?.disconnect(); } catch {}
+    },
+  };
+}
diff --git a/apps/desktop/electron/browser-native-tools.mjs b/apps/desktop/electron/browser-native-tools.mjs
new file mode 100644
index 0000000000..69c09add0c
--- /dev/null
+++ b/apps/desktop/electron/browser-native-tools.mjs
@@ -0,0 +1,918 @@
+/**
+ * Native Electron MCP server for the built-in WebContentsView.
+ *
+ * Replaces Puppeteer-over-CDP with direct webContents APIs.
+ * Minimal CDP is used via webContents.debugger for:
+ *   - Accessibility tree snapshots (Accessibility.getFullAXTree)
+ *   - DOM node resolution for uid-based click/fill (DOM.resolveNode)
+ *   - Input dispatch for drag/key operations (Input.dispatch*)
+ *   - Emulation overrides (Emulation.*)
+ *
+ * Everything else uses Electron's native webContents methods:
+ *   - loadURL(), goBack(), goForward(), reload()
+ *   - capturePage()
+ *   - executeJavaScript()
+ */
+
+import { writeFile } from "node:fs/promises";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+
+// Import MCP SDK + zod directly — no chrome-devtools-mcp dependency.
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { z } from "zod";
+
+export const SCREENSHOT_FORMATS = ["png", "jpeg"];
+
+export function evaluateScriptCallFunctionOptions(functionDeclaration, argObjectIds) {
+  return {
+    objectId: argObjectIds[0],
+    functionDeclaration: `function(...args) {
+      const fn = (${functionDeclaration});
+      return fn.apply(args[0] ?? this, args);
+    }`,
+    arguments: argObjectIds.map((objectId) => ({ objectId })),
+    returnByValue: true,
+  };
+}
+
+// ── Snapshot manager ──────────────────────────────────────────────────
+//
+// Manages the a11y tree snapshot and uid→backendDOMNodeId mapping.
+// Uses webContents.debugger for CDP Accessibility calls (scoped to
+// this single WebContentsView, no app-level --remote-debugging-port).
+
+class NativeSnapshot {
+  #getWebContents;
+  #nodes = new Map(); // uid → node data
+  #snapshotCounter = 0;
+  #stableIdMap = new Map(); // backendDOMNodeId → uid (stable across snapshots)
+  #debuggerReady = false;
+  #attachedWebContents = null;
+
+  constructor(getWebContents) {
+    this.#getWebContents = getWebContents;
+  }
+
+  #ensureDebugger() {
+    const wc = this.#getWebContents();
+    if (!wc || wc.isDestroyed()) throw new Error("No browser page available.");
+    if (this.#attachedWebContents && this.#attachedWebContents !== wc) {
+      try { this.#attachedWebContents.debugger?.detach(); } catch { /* ok */ }
+      this.#debuggerReady = false;
+      this.#attachedWebContents = null;
+    }
+    if (!this.#debuggerReady) {
+      try {
+        wc.debugger.attach("1.3");
+      } catch {
+        // Already attached — fine
+      }
+      this.#debuggerReady = true;
+      this.#attachedWebContents = wc;
+      wc.once("destroyed", () => {
+        if (this.#attachedWebContents === wc) this.#attachedWebContents = null;
+        this.#debuggerReady = false;
+      });
+    }
+    return wc;
+  }
+
+  async take(verbose = false) {
+    const wc = this.#ensureDebugger();
+    await wc.debugger.sendCommand("Accessibility.enable");
+    const { nodes: rawNodes } = await wc.debugger.sendCommand(
+      "Accessibility.getFullAXTree",
+    );
+
+    // Build a lookup from CDP nodeId → raw node
+    const cdpById = new Map();
+    for (const n of rawNodes) cdpById.set(n.nodeId, n);
+
+    this.#snapshotCounter++;
+    const sid = this.#snapshotCounter;
+    let counter = 0;
+    this.#nodes.clear();
+    const seenBackendIds = new Set();
+
+    const processNode = (cdpNode) => {
+      const bid = cdpNode.backendDOMNodeId;
+      const bidKey = String(bid ?? "");
+
+      // Re-use stable uid when the same DOM node appears across snapshots
+      let uid;
+      if (bidKey && this.#stableIdMap.has(bidKey)) {
+        uid = this.#stableIdMap.get(bidKey);
+      } else {
+        uid = `${sid}_${counter++}`;
+        if (bidKey) this.#stableIdMap.set(bidKey, uid);
+      }
+      if (bidKey) seenBackendIds.add(bidKey);
+
+      const role = cdpNode.role?.value ?? "";
+      const name = cdpNode.name?.value ?? "";
+      const value = cdpNode.value?.value;
+      const ignored = cdpNode.ignored ?? false;
+
+      // Extract meaningful properties
+      const props = {};
+      for (const p of cdpNode.properties ?? []) {
+        if (p.value?.value !== undefined) props[p.name] = p.value.value;
+      }
+
+      const children = (cdpNode.childIds ?? [])
+        .map((id) => cdpById.get(id))
+        .filter(Boolean)
+        .map(processNode);
+
+      const node = { uid, role, name, value, ignored, backendDOMNodeId: bid, props, children };
+      this.#nodes.set(uid, node);
+      return node;
+    };
+
+    if (!rawNodes[0]) return "Empty page — no accessibility tree.";
+    const root = processNode(rawNodes[0]);
+
+    // Prune stale mappings
+    for (const key of this.#stableIdMap.keys()) {
+      if (!seenBackendIds.has(key)) this.#stableIdMap.delete(key);
+    }
+
+    return this.#format(root, verbose);
+  }
+
+  #format(node, verbose, depth = 0) {
+    if (!node) return "";
+    if ((node.ignored || node.role === "none") && !verbose) {
+      return node.children.map((c) => this.#format(c, verbose, depth)).join("");
+    }
+
+    const indent = "  ".repeat(depth);
+    const parts = [`uid=${node.uid}`];
+    if (node.role) parts.push(node.role === "none" ? "ignored" : node.role);
+    if (node.name) parts.push(`"${node.name}"`);
+    if (node.value !== undefined) parts.push(`value="${node.value}"`);
+
+    for (const [k, v] of Object.entries(node.props)) {
+      if (typeof v === "boolean" && v) parts.push(k);
+      else if (typeof v === "string" || typeof v === "number") parts.push(`${k}="${v}"`);
+    }
+
+    const lines = [indent + parts.join(" ")];
+    for (const child of node.children) {
+      const s = this.#format(child, verbose, depth + 1);
+      if (s) lines.push(s);
+    }
+    return lines.join("\n");
+  }
+
+  /** Resolve a snapshot uid to a CDP RemoteObject objectId. */
+  async resolveElement(uid) {
+    if (!this.#nodes.size) {
+      throw new Error("No snapshot found. Use take_snapshot to capture one.");
+    }
+    const node = this.#nodes.get(uid);
+    if (!node) throw new Error(`No such element found in the snapshot (uid: ${uid}).`);
+    if (!node.backendDOMNodeId) {
+      throw new Error(`Element "${uid}" (${node.role}) has no backing DOM node.`);
+    }
+
+    const wc = this.#ensureDebugger();
+    const { object } = await wc.debugger.sendCommand("DOM.resolveNode", {
+      backendNodeId: node.backendDOMNodeId,
+    });
+    if (!object?.objectId) {
+      throw new Error(`Element "${uid}" no longer exists on the page.`);
+    }
+    return object.objectId;
+  }
+
+  /** Get node data for a uid (used by upload_file for backendDOMNodeId). */
+  getNodeData(uid) {
+    return this.#nodes.get(uid);
+  }
+
+  /** Reset snapshot state. Call when the WebContentsView is destroyed. */
+  reset() {
+    try { this.#attachedWebContents?.debugger?.detach(); } catch { /* ok */ }
+    this.#debuggerReady = false;
+    this.#attachedWebContents = null;
+    this.#nodes.clear();
+    this.#stableIdMap.clear();
+  }
+}
+
+// ── MCP server factory ────────────────────────────────────────────────
+
+/**
+ * Create an MCP server for the built-in browser using native Electron APIs.
+ *
+ * @param {object}   opts
+ * @param {Function} opts.getWebContents - () => active webContents | null
+ * @param {Function} [opts.listTabs] - () => browser tab info[]
+ * @param {Function} [opts.createTab] - (url?: string) => tabId
+ * @param {Function} [opts.closeTab] - (tabId: string) => tabId | null
+ * @param {Function} [opts.selectTab] - (tabId: string) => tabId
+ * @param {Function} [opts.onToolCall] - called before each tool
+ * @param {Function} [opts.onHideBrowser] - called to close the browser panel
+ * @returns {McpServer}
+ */
+export function createNativeBuiltinServer({
+  getWebContents,
+  listTabs,
+  createTab,
+  closeTab,
+  selectTab,
+  onToolCall,
+  onHideBrowser,
+}) {
+  const server = new McpServer(
+    { name: "openwork-browser", version: "0.2.0" },
+    { capabilities: { logging: {} } },
+  );
+
+  const snap = new NativeSnapshot(getWebContents);
+
+  // Expose reset so main.mjs can call it when the view is destroyed
+  /** @type {any} */ (server)._snapshotReset = () => snap.reset();
+
+  function wc() {
+    const c = getWebContents();
+    if (!c || c.isDestroyed()) throw new Error("Built-in browser is not open.");
+    return c;
+  }
+
+  function tabs() {
+    return typeof listTabs === "function" ? listTabs() : [];
+  }
+
+  function resolveTabId(pageId) {
+    const availableTabs = tabs();
+    if (typeof pageId === "number") {
+      return availableTabs[pageId - 1]?.tabId ?? null;
+    }
+    const id = String(pageId ?? "").trim();
+    return availableTabs.some((tab) => tab.tabId === id) ? id : null;
+  }
+
+  /** Navigate and wait for the page to load. Simple event-based wait —
+   *  the about:blank preload in createBrowserView prevents session-restore races. */
+  function navigateAndWait(webContents, url, timeoutMs = 30_000) {
+    return new Promise((resolve) => {
+      const timer = setTimeout(resolve, timeoutMs);
+      const done = () => { clearTimeout(timer); resolve(); };
+      webContents.once("did-finish-load", done);
+      webContents.once("did-fail-load", done);
+      webContents.loadURL(url);
+    });
+  }
+
+  /** Wait for a navigation action (back/forward/reload) to complete.
+   *  Rejects on timeout so the caller reports the failure honestly. */
+  function waitForNav(webContents, timeoutMs = 30_000) {
+    return new Promise((resolve, reject) => {
+      const timer = setTimeout(() => reject(new Error("Navigation timed out")), timeoutMs);
+      const done = () => { clearTimeout(timer); resolve(); };
+      webContents.once("did-finish-load", done);
+      webContents.once("did-fail-load", done);
+    });
+  }
+
+  // Helper: run a tool body inside an error boundary
+  function defineTool(name, description, schema, handler) {
+    server.tool(name, description, schema, async (params) => {
+      try {
+        await onToolCall?.(name, params);
+        return await handler(params);
+      } catch (err) {
+        return { content: [{ type: "text", text: `Error: ${err.message ?? err}` }] };
+      }
+    });
+  }
+
+  // ── Navigation ────────────────────────────────────────────────────
+
+  defineTool(
+    "navigate_page",
+    "Go to a URL, or back, forward, or reload.",
+    {
+      url: z.string().optional().describe("Target URL (only type=url)"),
+      type: z.enum(["url", "back", "forward", "reload"]).optional()
+        .describe("Navigate by URL, back/forward in history, or reload."),
+      timeout: z.number().int().optional()
+        .describe("Maximum wait time in milliseconds. Default: 30000"),
+      ignoreCache: z.boolean().optional()
+        .describe("Whether to ignore cache on reload."),
+    },
+    async (params) => {
+      const w = wc();
+      const type = params.type ?? "url";
+      const timeout = params.timeout ?? 30_000;
+
+      if (type === "url") {
+        const url = String(params.url ?? "").trim();
+        if (!url) throw new Error("navigate_page requires a url for type=url");
+        await navigateAndWait(w, url, timeout);
+      } else if (type === "back") {
+        if (w.navigationHistory?.canGoBack?.() ?? w.canGoBack()) {
+          const p = waitForNav(w, timeout);
+          w.goBack();
+          await p;
+        }
+      } else if (type === "forward") {
+        if (w.navigationHistory?.canGoForward?.() ?? w.canGoForward()) {
+          const p = waitForNav(w, timeout);
+          w.goForward();
+          await p;
+        }
+      } else if (type === "reload") {
+        const p = waitForNav(w, timeout);
+        params.ignoreCache ? w.reloadIgnoringCache() : w.reload();
+        await p;
+      }
+
+      return { content: [{ type: "text", text: `Navigated to ${w.getURL()}` }] };
+    },
+  );
+
+  // ── Snapshot ──────────────────────────────────────────────────────
+
+  defineTool(
+    "take_snapshot",
+    "Take a text snapshot of the currently selected page based on the a11y tree. " +
+    "The snapshot lists page elements along with a unique identifier (uid). " +
+    "Always use the latest snapshot. Prefer taking a snapshot over taking a screenshot.",
+    {
+      verbose: z.boolean().optional()
+        .describe("Include all possible information in the full a11y tree. Default: false."),
+      filePath: z.string().optional()
+        .describe("Save snapshot to this path instead of returning inline."),
+    },
+    async (params) => {
+      const text = await snap.take(params.verbose ?? false);
+      if (params.filePath) {
+        await writeFile(params.filePath, text, "utf8");
+        return { content: [{ type: "text", text: `Saved snapshot to ${params.filePath}.` }] };
+      }
+      return { content: [{ type: "text", text: "## Latest page snapshot\n" + text }] };
+    },
+  );
+
+  // ── Screenshot ────────────────────────────────────────────────────
+
+  defineTool(
+    "take_screenshot",
+    "Take a screenshot of the page or element.",
+    {
+      format: z.enum(SCREENSHOT_FORMATS).default("png")
+        .describe('Format. Default: "png"'),
+      quality: z.number().min(0).max(100).optional()
+        .describe("JPEG quality (0-100). Ignored for PNG."),
+      uid: z.string().optional()
+        .describe("Element uid from snapshot. Omit for page screenshot."),
+      fullPage: z.boolean().optional()
+        .describe("Full scrollable page screenshot. Incompatible with uid."),
+      filePath: z.string().optional()
+        .describe("Save screenshot to this path instead of returning inline."),
+    },
+    async (params) => {
+      const w = wc();
+      if (params.uid && params.fullPage) throw new Error('Cannot use both "uid" and "fullPage".');
+
+      let imageBuffer;
+      const fmt = params.format ?? "png";
+
+      if (params.uid) {
+        // Element screenshot via bounding rect — clamp to viewport
+        const objectId = await snap.resolveElement(params.uid);
+        const { result } = await w.debugger.sendCommand("Runtime.callFunctionOn", {
+          objectId,
+          functionDeclaration: `function() {
+            this.scrollIntoViewIfNeeded();
+            const r = this.getBoundingClientRect();
+            return JSON.stringify({
+              x: Math.max(0, Math.round(r.x)),
+              y: Math.max(0, Math.round(r.y)),
+              width: Math.round(Math.min(r.width, window.innerWidth - Math.max(0, r.x))),
+              height: Math.round(Math.min(r.height, window.innerHeight - Math.max(0, r.y)))
+            });
+          }`,
+          returnByValue: true,
+        });
+        const rect = JSON.parse(result.value);
+        if (rect.width > 0 && rect.height > 0) {
+          const img = await w.capturePage(rect);
+          imageBuffer = fmt === "jpeg" ? img.toJPEG(params.quality ?? 80) : img.toPNG();
+        } else {
+          // Element not visible — fall back to viewport screenshot
+          const img = await w.capturePage();
+          imageBuffer = fmt === "jpeg" ? img.toJPEG(params.quality ?? 80) : img.toPNG();
+        }
+      } else {
+        const img = await w.capturePage();
+        imageBuffer = fmt === "jpeg" ? img.toJPEG(params.quality ?? 80) : img.toPNG();
+      }
+
+      if (params.filePath) {
+        await writeFile(params.filePath, imageBuffer);
+        return { content: [{ type: "text", text: `Screenshot saved to ${params.filePath}.` }] };
+      }
+      if (imageBuffer.length >= 2_000_000) {
+        const p = join(tmpdir(), `openwork-ss-${Date.now()}.${fmt}`);
+        await writeFile(p, imageBuffer);
+        return { content: [{ type: "text", text: `Screenshot saved to ${p} (${(imageBuffer.length / 1024) | 0} KB).` }] };
+      }
+      return { content: [{ type: "image", mimeType: `image/${fmt}`, data: imageBuffer.toString("base64") }] };
+    },
+  );
+
+  // ── Click ─────────────────────────────────────────────────────────
+
+  defineTool(
+    "click",
+    "Clicks on the provided element.",
+    {
+      uid: z.string().describe("Element uid from page snapshot"),
+      dblClick: z.boolean().optional().describe("Double click. Default: false."),
+      includeSnapshot: z.boolean().optional().describe("Include snapshot in response. Default: false."),
+    },
+    async (params) => {
+      const objectId = await snap.resolveElement(params.uid);
+      const w = wc();
+      await w.debugger.sendCommand("Runtime.callFunctionOn", {
+        objectId,
+        functionDeclaration: `function(dbl) {
+          this.scrollIntoViewIfNeeded();
+          this.click();
+          if (dbl) this.click();
+        }`,
+        arguments: [{ value: !!params.dblClick }],
+      });
+      const text = params.dblClick ? "Successfully double clicked on the element" : "Successfully clicked on the element";
+      if (params.includeSnapshot) {
+        return { content: [{ type: "text", text }, { type: "text", text: await snap.take(false) }] };
+      }
+      return { content: [{ type: "text", text }] };
+    },
+  );
+
+  // ── Hover ─────────────────────────────────────────────────────────
+
+  defineTool(
+    "hover",
+    "Hover over the provided element.",
+    {
+      uid: z.string().describe("Element uid from page snapshot"),
+      includeSnapshot: z.boolean().optional(),
+    },
+    async (params) => {
+      const objectId = await snap.resolveElement(params.uid);
+      const w = wc();
+      await w.debugger.sendCommand("Runtime.callFunctionOn", {
+        objectId,
+        functionDeclaration: `function() {
+          this.scrollIntoViewIfNeeded();
+          this.dispatchEvent(new MouseEvent('mouseenter', { bubbles: true }));
+          this.dispatchEvent(new MouseEvent('mouseover', { bubbles: true }));
+        }`,
+      });
+      const text = "Successfully hovered over the element";
+      if (params.includeSnapshot) {
+        return { content: [{ type: "text", text }, { type: "text", text: await snap.take(false) }] };
+      }
+      return { content: [{ type: "text", text }] };
+    },
+  );
+
+  // ── Fill ──────────────────────────────────────────────────────────
+
+  const FILL_FN = `function(val) {
+    this.scrollIntoViewIfNeeded();
+    this.focus();
+    if (this.tagName === 'SELECT') {
+      const opt = Array.from(this.options).find(o => o.text === val || o.value === val);
+      if (opt) this.value = opt.value; else this.value = val;
+    } else {
+      const setter = Object.getOwnPropertyDescriptor(window.HTMLInputElement.prototype, 'value')?.set
+        || Object.getOwnPropertyDescriptor(window.HTMLTextAreaElement.prototype, 'value')?.set;
+      if (setter) setter.call(this, val); else this.value = val;
+    }
+    this.dispatchEvent(new Event('input', { bubbles: true }));
+    this.dispatchEvent(new Event('change', { bubbles: true }));
+  }`;
+
+  defineTool(
+    "fill",
+    "Type text into an input, text area, or select an option from a <select> element.",
+    {
+      uid: z.string().describe("Element uid from page snapshot"),
+      value: z.string().describe("The value to fill in"),
+      includeSnapshot: z.boolean().optional(),
+    },
+    async (params) => {
+      const objectId = await snap.resolveElement(params.uid);
+      await wc().debugger.sendCommand("Runtime.callFunctionOn", {
+        objectId,
+        functionDeclaration: FILL_FN,
+        arguments: [{ value: params.value }],
+      });
+      const text = "Successfully filled out the element";
+      if (params.includeSnapshot) {
+        return { content: [{ type: "text", text }, { type: "text", text: await snap.take(false) }] };
+      }
+      return { content: [{ type: "text", text }] };
+    },
+  );
+
+  // ── Fill form ─────────────────────────────────────────────────────
+
+  defineTool(
+    "fill_form",
+    "Fill out multiple form elements at once.",
+    {
+      elements: z.array(z.object({
+        uid: z.string().describe("Element uid to fill out"),
+        value: z.string().describe("Value for the element"),
+      })).describe("Elements from snapshot to fill out."),
+      includeSnapshot: z.boolean().optional(),
+    },
+    async (params) => {
+      for (const el of params.elements) {
+        const objectId = await snap.resolveElement(el.uid);
+        await wc().debugger.sendCommand("Runtime.callFunctionOn", {
+          objectId,
+          functionDeclaration: FILL_FN,
+          arguments: [{ value: el.value }],
+        });
+      }
+      const text = "Successfully filled out the form";
+      if (params.includeSnapshot) {
+        return { content: [{ type: "text", text }, { type: "text", text: await snap.take(false) }] };
+      }
+      return { content: [{ type: "text", text }] };
+    },
+  );
+
+  // ── Drag ──────────────────────────────────────────────────────────
+
+  defineTool(
+    "drag",
+    "Drag an element onto another element.",
+    {
+      from_uid: z.string().describe("Element uid to drag"),
+      to_uid: z.string().describe("Element uid to drop into"),
+      includeSnapshot: z.boolean().optional(),
+    },
+    async (params) => {
+      const w = wc();
+      const fromId = await snap.resolveElement(params.from_uid);
+      const toId = await snap.resolveElement(params.to_uid);
+
+      const getCenter = async (objectId) => {
+        const { result } = await w.debugger.sendCommand("Runtime.callFunctionOn", {
+          objectId,
+          functionDeclaration: `function() { this.scrollIntoViewIfNeeded(); const r = this.getBoundingClientRect(); return JSON.stringify({ x: r.x + r.width/2, y: r.y + r.height/2 }); }`,
+          returnByValue: true,
+        });
+        return JSON.parse(result.value);
+      };
+
+      const from = await getCenter(fromId);
+      const to = await getCenter(toId);
+      const steps = 10;
+
+      await w.debugger.sendCommand("Input.dispatchMouseEvent", { type: "mouseMoved", x: from.x, y: from.y });
+      await w.debugger.sendCommand("Input.dispatchMouseEvent", { type: "mousePressed", x: from.x, y: from.y, button: "left", clickCount: 1 });
+      for (let i = 1; i <= steps; i++) {
+        const t = i / steps;
+        await w.debugger.sendCommand("Input.dispatchMouseEvent", {
+          type: "mouseMoved",
+          x: from.x + (to.x - from.x) * t,
+          y: from.y + (to.y - from.y) * t,
+        });
+      }
+      await w.debugger.sendCommand("Input.dispatchMouseEvent", { type: "mouseReleased", x: to.x, y: to.y, button: "left", clickCount: 1 });
+
+      const text = "Successfully dragged an element";
+      if (params.includeSnapshot) {
+        return { content: [{ type: "text", text }, { type: "text", text: await snap.take(false) }] };
+      }
+      return { content: [{ type: "text", text }] };
+    },
+  );
+
+  // ── Upload file ───────────────────────────────────────────────────
+
+  defineTool(
+    "upload_file",
+    "Upload a file through a provided element.",
+    {
+      uid: z.string().describe("Element uid of file input or trigger element"),
+      filePath: z.string().describe("Local path of the file to upload"),
+      includeSnapshot: z.boolean().optional(),
+    },
+    async (params) => {
+      const node = snap.getNodeData(params.uid);
+      if (!node?.backendDOMNodeId) throw new Error(`Element "${params.uid}" has no DOM node.`);
+      await wc().debugger.sendCommand("DOM.setFileInputFiles", {
+        files: [params.filePath],
+        backendNodeId: node.backendDOMNodeId,
+      });
+      const text = `File uploaded from ${params.filePath}.`;
+      if (params.includeSnapshot) {
+        return { content: [{ type: "text", text }, { type: "text", text: await snap.take(false) }] };
+      }
+      return { content: [{ type: "text", text }] };
+    },
+  );
+
+  // ── Press key ─────────────────────────────────────────────────────
+
+  defineTool(
+    "press_key",
+    'Press a key or key combination (e.g. "Enter", "Control+A", "Control+Shift+R"). Modifiers: Control, Shift, Alt, Meta.',
+    {
+      key: z.string().describe('A key or combination, e.g. "Enter", "Control+A"'),
+      includeSnapshot: z.boolean().optional(),
+    },
+    async (params) => {
+      const w = wc();
+      const tokens = params.key.split("+");
+      const mainKey = tokens.pop();
+      const modifiers = [...tokens]; // defensive copy before reverse
+
+      let flags = 0;
+      for (const m of modifiers) {
+        if (m === "Alt") flags |= 1;
+        if (m === "Control") flags |= 2;
+        if (m === "Meta") flags |= 4;
+        if (m === "Shift") flags |= 8;
+      }
+
+      const dbg = w.debugger;
+      for (const m of modifiers) {
+        await dbg.sendCommand("Input.dispatchKeyEvent", { type: "rawKeyDown", key: m, modifiers: flags });
+      }
+      await dbg.sendCommand("Input.dispatchKeyEvent", { type: "rawKeyDown", key: mainKey, text: mainKey.length === 1 ? mainKey : "", modifiers: flags });
+      if (mainKey.length === 1) {
+        await dbg.sendCommand("Input.dispatchKeyEvent", { type: "char", text: mainKey, modifiers: flags });
+      }
+      await dbg.sendCommand("Input.dispatchKeyEvent", { type: "keyUp", key: mainKey, modifiers: flags });
+      for (const m of [...modifiers].reverse()) {
+        await dbg.sendCommand("Input.dispatchKeyEvent", { type: "keyUp", key: m, modifiers: flags });
+      }
+
+      const text = `Successfully pressed key: ${params.key}`;
+      if (params.includeSnapshot) {
+        return { content: [{ type: "text", text }, { type: "text", text: await snap.take(false) }] };
+      }
+      return { content: [{ type: "text", text }] };
+    },
+  );
+
+  // ── Type text ─────────────────────────────────────────────────────
+
+  defineTool(
+    "type_text",
+    "Type text using keyboard into a previously focused input.",
+    {
+      text: z.string().describe("The text to type"),
+      submitKey: z.string().optional().describe('Optional key to press after typing, e.g. "Enter", "Tab"'),
+    },
+    async (params) => {
+      const dbg = wc().debugger;
+      for (const ch of params.text) {
+        await dbg.sendCommand("Input.dispatchKeyEvent", { type: "char", text: ch });
+      }
+      if (params.submitKey) {
+        await dbg.sendCommand("Input.dispatchKeyEvent", { type: "rawKeyDown", key: params.submitKey });
+        await dbg.sendCommand("Input.dispatchKeyEvent", { type: "keyUp", key: params.submitKey });
+      }
+      return { content: [{ type: "text", text: `Typed "${params.text}"${params.submitKey ? ` and pressed ${params.submitKey}` : ""}` }] };
+    },
+  );
+
+  // ── Evaluate script ───────────────────────────────────────────────
+
+  defineTool(
+    "evaluate_script",
+    "Evaluate a JavaScript function inside the current page. Returns JSON-serializable values.",
+    {
+      function: z.string().describe(
+        'A JavaScript function declaration, e.g. `() => { return document.title }` or `(el) => { return el.innerText; }`',
+      ),
+      args: z.array(z.string()).optional()
+        .describe("Optional list of element uids from the page snapshot to pass as arguments to the function"),
+      dialogAction: z.string().optional()
+        .describe('Handle dialogs during execution: "accept", "dismiss", or prompt response text. Default: accept.'),
+    },
+    async (params) => {
+      const w = wc();
+
+      if (params.args?.length) {
+        const argIds = [];
+        for (const uid of params.args) argIds.push(await snap.resolveElement(uid));
+        const { result } = await w.debugger.sendCommand(
+          "Runtime.callFunctionOn",
+          evaluateScriptCallFunctionOptions(params.function, argIds),
+        );
+        return { content: [{ type: "text", text: JSON.stringify(result?.value, null, 2) ?? "undefined" }] };
+      }
+
+      const result = await w.executeJavaScript(`(${params.function})()`);
+      return { content: [{ type: "text", text: JSON.stringify(result, null, 2) ?? "undefined" }] };
+    },
+  );
+
+  // ── Wait for ──────────────────────────────────────────────────────
+
+  defineTool(
+    "wait_for",
+    "Wait for the specified text to appear on the selected page.",
+    {
+      text: z.union([z.string(), z.array(z.string()).min(1)])
+        .describe("Non-empty list of texts. Resolves when any value appears on the page."),
+      timeout: z.number().int().optional()
+        .describe("Maximum wait time in milliseconds. Default: 30000"),
+    },
+    async (params) => {
+      const w = wc();
+      const texts = Array.isArray(params.text) ? params.text : [params.text];
+      const deadline = Date.now() + (params.timeout ?? 30_000);
+
+      while (Date.now() < deadline) {
+        for (const t of texts) {
+          const found = await w.executeJavaScript(
+            `document.body?.innerText?.includes(${JSON.stringify(t)}) ?? false`,
+          );
+          if (found) {
+            const snapText = await snap.take(false);
+            return { content: [
+              { type: "text", text: `Element with text "${t}" found.` },
+              { type: "text", text: snapText },
+            ] };
+          }
+        }
+        await new Promise((r) => setTimeout(r, 500));
+      }
+
+      throw new Error(`Timeout: none of [${texts.map(t => `"${t}"`).join(", ")}] appeared within ${params.timeout ?? 30_000}ms.`);
+    },
+  );
+
+  // ── Handle dialog ─────────────────────────────────────────────────
+
+  defineTool(
+    "handle_dialog",
+    "Handle a browser dialog (alert, confirm, prompt).",
+    {
+      action: z.enum(["accept", "dismiss"]).describe("Whether to dismiss or accept the dialog"),
+      promptText: z.string().optional().describe("Optional prompt text to enter"),
+    },
+    async (params) => {
+      await wc().debugger.sendCommand("Page.handleJavaScriptDialog", {
+        accept: params.action === "accept",
+        promptText: params.promptText,
+      });
+      return { content: [{ type: "text", text: `Dialog ${params.action}ed.` }] };
+    },
+  );
+
+  // ── Page management ───────────────────────────────────────────────
+
+  defineTool(
+    "list_pages",
+    "Get a list of tabs open in the built-in browser. Use select_page before interacting with a non-selected tab.",
+    {},
+    async () => {
+      const pages = tabs().map((tab, index) => ({
+        pageId: tab.tabId,
+        index: index + 1,
+        url: tab.url,
+        title: tab.title,
+        selected: tab.isActive,
+        isLoading: tab.isLoading,
+        canGoBack: tab.canGoBack,
+        canGoForward: tab.canGoForward,
+      }));
+      return { content: [{ type: "text", text: JSON.stringify(pages, null, 2) }] };
+    },
+  );
+
+  defineTool(
+    "select_page",
+    "Select a tab as context for future tool calls. After switching tabs, take a fresh snapshot before using element uids.",
+    { pageId: z.union([z.string(), z.number()]).describe("Page ID from list_pages. Numeric 1-based indexes are also accepted.") },
+    async (params) => {
+      if (typeof selectTab !== "function") throw new Error("Tab selection is not available.");
+      const tabId = resolveTabId(params.pageId);
+      if (!tabId) throw new Error(`No such page: ${params.pageId}`);
+      await selectTab(tabId);
+      snap.reset();
+      return { content: [{ type: "text", text: `Page ${tabId} selected. Take a fresh snapshot before interacting.` }] };
+    },
+  );
+
+  defineTool(
+    "create_page",
+    "Create a new browser tab, optionally navigate it to a URL, and select it for future tool calls.",
+    {
+      url: z.string().optional().describe("Optional URL to open in the new tab."),
+    },
+    async (params) => {
+      if (typeof createTab !== "function") throw new Error("Tab creation is not available.");
+      const tabId = await createTab(params.url);
+      snap.reset();
+      return { content: [{ type: "text", text: `Created and selected page ${tabId}.` }] };
+    },
+  );
+
+  defineTool(
+    "close_page",
+    "Close a browser tab by page ID. If the selected tab is closed, another tab may become selected; take a fresh snapshot before interacting.",
+    {
+      pageId: z.union([z.string(), z.number()]).describe("Page ID from list_pages. Numeric 1-based indexes are also accepted."),
+    },
+    async (params) => {
+      if (typeof closeTab !== "function") throw new Error("Tab closing is not available.");
+      const tabId = resolveTabId(params.pageId);
+      if (!tabId) throw new Error(`No such page: ${params.pageId}`);
+      await closeTab(tabId);
+      snap.reset();
+      return { content: [{ type: "text", text: `Closed page ${tabId}.` }] };
+    },
+  );
+
+  // ── Resize ────────────────────────────────────────────────────────
+
+  defineTool(
+    "resize_page",
+    "Resizes the selected page's window so that the page has specified dimension.",
+    {
+      width: z.number().describe("Page width"),
+      height: z.number().describe("Page height"),
+    },
+    async (params) => {
+      return { content: [{ type: "text", text: `Resize requested (${params.width}x${params.height}). Actual size depends on app layout.` }] };
+    },
+  );
+
+  // ── Emulate ───────────────────────────────────────────────────────
+
+  defineTool(
+    "emulate",
+    "Emulates various features on the selected page.",
+    {
+      colorScheme: z.enum(["dark", "light", "auto"]).optional()
+        .describe('Emulate dark or light mode. "auto" to reset.'),
+      userAgent: z.string().optional()
+        .describe("User agent to emulate. Empty string to clear."),
+    },
+    async (params) => {
+      const dbg = wc().debugger;
+      const results = [];
+
+      if (params.colorScheme) {
+        const media = params.colorScheme === "auto" ? "" : params.colorScheme;
+        await dbg.sendCommand("Emulation.setEmulatedMedia", {
+          features: [{ name: "prefers-color-scheme", value: media || "" }],
+        });
+        results.push(`Color scheme: ${params.colorScheme}`);
+      }
+
+      if (params.userAgent !== undefined) {
+        await dbg.sendCommand("Emulation.setUserAgentOverride", {
+          userAgent: params.userAgent || "",
+        });
+        results.push(`User agent: ${params.userAgent || "(cleared)"}`);
+      }
+
+      return { content: [{ type: "text", text: results.length ? results.join("; ") : "No emulation changes applied." }] };
+    },
+  );
+
+  // ── Show / Hide browser ───────────────────────────────────────────
+
+  server.tool(
+    "show_browser",
+    "Open the built-in browser panel inside the OpenWork app. " +
+    "Called automatically when any browser tool runs, but can also be called explicitly.",
+    {},
+    async () => {
+      await onToolCall?.("show_browser");
+      return { content: [{ type: "text", text: "Browser panel opened." }] };
+    },
+  );
+
+  server.tool(
+    "hide_browser",
+    "Close the built-in browser panel. Call when the browsing task is finished.",
+    {},
+    async () => {
+      onHideBrowser?.();
+      return { content: [{ type: "text", text: "Browser panel closed." }] };
+    },
+  );
+
+  return server;
+}
diff --git a/apps/desktop/electron/browser-native-tools.test.mjs b/apps/desktop/electron/browser-native-tools.test.mjs
new file mode 100644
index 0000000000..9abe706e83
--- /dev/null
+++ b/apps/desktop/electron/browser-native-tools.test.mjs
@@ -0,0 +1,59 @@
+import assert from "node:assert/strict";
+import test from "node:test";
+
+import {
+  createNativeBuiltinServer,
+  evaluateScriptCallFunctionOptions,
+  SCREENSHOT_FORMATS,
+} from "./browser-native-tools.mjs";
+
+test("screenshot formats match Electron NativeImage encoders", () => {
+  assert.deepEqual(SCREENSHOT_FORMATS, ["png", "jpeg"]);
+});
+
+test("evaluate script passes every snapshot argument as a function parameter", () => {
+  const options = evaluateScriptCallFunctionOptions("(first, second) => first.id + second.id", ["object-1", "object-2"]);
+
+  assert.equal(options.objectId, "object-1");
+  assert.deepEqual(options.arguments, [{ objectId: "object-1" }, { objectId: "object-2" }]);
+  assert.equal(options.returnByValue, true);
+  assert.match(options.functionDeclaration, /fn\.apply\(args\[0\] \?\? this, args\)/);
+});
+
+test("page management tools use provided tab callbacks", async () => {
+  const tabs = [
+    { tabId: "tab-1", url: "https://example.test/one", title: "One", isActive: true, isLoading: false, canGoBack: false, canGoForward: false },
+    { tabId: "tab-2", url: "https://example.test/two", title: "Two", isActive: false, isLoading: false, canGoBack: true, canGoForward: false },
+  ];
+  const calls = [];
+  const server = createNativeBuiltinServer({
+    getWebContents: () => ({ isDestroyed: () => false }),
+    listTabs: () => tabs,
+    createTab: async (url) => {
+      calls.push(["create", url]);
+      return "tab-3";
+    },
+    selectTab: async (tabId) => {
+      calls.push(["select", tabId]);
+      return tabId;
+    },
+    closeTab: async (tabId) => {
+      calls.push(["close", tabId]);
+      return tabId;
+    },
+  });
+  const tools = /** @type {any} */ (server)._registeredTools;
+
+  const pages = await tools.list_pages.handler({});
+  assert.deepEqual(JSON.parse(pages.content[0].text).map((page) => page.pageId), ["tab-1", "tab-2"]);
+
+  await tools.select_page.handler({ pageId: 2 });
+  await tools.create_page.handler({ url: "https://example.test/three" });
+  await tools.close_page.handler({ pageId: "tab-1" });
+
+  assert.deepEqual(calls, [
+    ["select", "tab-2"],
+    ["create", "https://example.test/three"],
+    ["close", "tab-1"],
+  ]);
+});
diff --git a/apps/desktop/electron/desktop-fetch.mjs b/apps/desktop/electron/desktop-fetch.mjs
new file mode 100644
index 0000000000..ca5bc9c846
--- /dev/null
+++ b/apps/desktop/electron/desktop-fetch.mjs
@@ -0,0 +1,40 @@
+/**
+ * @param {unknown} urlInput
+ * @param {any} [initInput]
+ * @param {typeof fetch} [fetchImpl]
+ */
+export async function desktopFetch(urlInput, initInput = {}, fetchImpl = fetch) {
+  const url = String(urlInput ?? "").trim();
+  const init = /** @type {any} */ (initInput && typeof initInput === "object" ? initInput : {});
+  if (!url) throw new Error("URL is required.");
+
+  const timeoutMs = Number(init.timeoutMs);
+  const timeout = Number.isFinite(timeoutMs) && timeoutMs > 0
+    ? Math.max(1, Math.floor(timeoutMs))
+    : null;
+  const controller = timeout ? new AbortController() : null;
+  const timer = timeout && controller ? setTimeout(() => controller.abort(), timeout) : null;
+  const signal = controller?.signal;
+  let response;
+  try {
+    response = await fetchImpl(url, {
+      method: typeof init.method === "string" ? init.method : undefined,
+      headers: init.headers && typeof init.headers === "object" ? init.headers : undefined,
+      body: typeof init.body === "string" ? init.body : undefined,
+      signal,
+    });
+  } catch (error) {
+    if (signal?.aborted) {
+      throw new Error(`Fetch timed out after ${timeout}ms`);
+    }
+    throw error;
+  } finally {
+    if (timer) clearTimeout(timer);
+  }
+  return {
+    status: response.status,
+    statusText: response.statusText,
+    headers: Array.from(response.headers.entries()),
+    body: await response.text(),
+  };
+}
diff --git a/apps/desktop/electron/desktop-fetch.test.mjs b/apps/desktop/electron/desktop-fetch.test.mjs
new file mode 100644
index 0000000000..928b94604c
--- /dev/null
+++ b/apps/desktop/electron/desktop-fetch.test.mjs
@@ -0,0 +1,38 @@
+import assert from "node:assert/strict";
+import test from "node:test";
+
+import { desktopFetch } from "./desktop-fetch.mjs";
+
+test("desktop fetch forwards method, headers, body, and response details", async () => {
+  const calls = [];
+  const result = await desktopFetch("https://worker.example.test/env", {
+    method: "POST",
+    headers: { Authorization: "Bearer client-token" },
+    body: "{}",
+  }, async (url, init) => {
+    calls.push({ url, init });
+    return new Response("ok", {
+      status: 202,
+      statusText: "Accepted",
+      headers: { "x-test": "yes" },
+    });
+  });
+
+  assert.equal(calls[0].url, "https://worker.example.test/env");
+  assert.equal(calls[0].init.method, "POST");
+  assert.deepEqual(calls[0].init.headers, { Authorization: "Bearer client-token" });
+  assert.equal(calls[0].init.body, "{}");
+  assert.equal(result.status, 202);
+  assert.equal(result.statusText, "Accepted");
+  assert.equal(new Map(result.headers).get("x-test"), "yes");
+  assert.equal(result.body, "ok");
+});
+
+test("desktop fetch honors timeoutMs with a controlled error", async () => {
+  await assert.rejects(
+    desktopFetch("https://worker.example.test/slow", { timeoutMs: 1 }, async (_url, init) => new Promise((_resolve, reject) => {
+      init.signal.addEventListener("abort", () => reject(init.signal.reason ?? new Error("aborted")), { once: true });
+    })),
+    /Fetch timed out after 1ms/,
+  );
+});
diff --git a/apps/desktop/electron/main.cjs b/apps/desktop/electron/main.cjs
new file mode 100644
index 0000000000..9256fdce84
--- /dev/null
+++ b/apps/desktop/electron/main.cjs
@@ -0,0 +1,6 @@
+globalThis.__OPENWORK_ELECTRON__ = require("electron");
+
+import("./main.mjs").catch((error) => {
+  console.error(error);
+  process.exit(1);
+});
diff --git a/apps/desktop/electron/main.mjs b/apps/desktop/electron/main.mjs
index 24d5cb51aa..837ea45a16 100644
--- a/apps/desktop/electron/main.mjs
+++ b/apps/desktop/electron/main.mjs
@@ -1,7 +1,6 @@
 import { createHash, randomBytes } from "node:crypto";
 import { execFileSync, spawn } from "node:child_process";
 import { createServer } from "node:http";
-import net from "node:net";
 import { existsSync } from "node:fs";
 import {
   cp,
@@ -19,19 +18,34 @@ import os from "node:os";
 import path from "node:path";
 import { fileURLToPath } from "node:url";
 
-import { app, BrowserWindow, Menu, WebContentsView, clipboard, dialog, ipcMain, nativeImage, nativeTheme, session, shell, systemPreferences } from "electron";
 import { configureFakeMediaForTests, installMediaPermissionHandlers } from "./media-permissions.mjs";
 import { registerMigrationIpc } from "./migration.mjs";
+import { startBrowserMcpServers } from "./browser-mcp.mjs";
 import { createRuntimeManager } from "./runtime.mjs";
 import { registerUpdaterIpc } from "./updater.mjs";
 import { exportWorkspaceConfig, importWorkspaceConfig } from "./workspace-archive.mjs";
+import { parseOpencodeConfig } from "./opencode-config-json.mjs";
 import {
+  discoverOpenworkWorkspace,
+  isDesktopFetchAllowedForWorkspaces,
   openworkWorkspaceDisplayName,
-  selectOpenworkWorkspaceForConnection,
 } from "./remote-workspace.mjs";
+import { desktopFetch } from "./desktop-fetch.mjs";
+import {
+  attachPersistedWorkspacesForWrite,
+  defaultDesktopBootstrapConfig,
+  desktopBootstrapCandidates,
+  filterWorkspacesForManagedDen,
+  mergeWorkspaceListsPreservingHidden,
+  normalizeDesktopBootstrapConfig,
+  persistedWorkspacesForRuntimeState,
+  runtimeWorkspaceStateForManagedDen,
+} from "./bootstrap-config.mjs";
 
 const __dirname = path.dirname(fileURLToPath(import.meta.url));
 const require = createRequire(import.meta.url);
+const electron = globalThis.__OPENWORK_ELECTRON__ ?? require("electron");
+const { app, BrowserWindow, Menu, WebContentsView, clipboard, dialog, ipcMain, nativeImage, nativeTheme, session, shell, systemPreferences } = electron;
 const pty = require(["node", "pty"].join("-"));
 const NATIVE_DEEP_LINK_EVENT = "openwork:deep-link-native";
 const NATIVE_MENU_OPEN_SETTINGS_EVENT = "openwork:native-menu:open-settings";
@@ -383,41 +397,18 @@ if (process.platform === "darwin" && APP_ICON_IMAGE && !APP_ICON_IMAGE.isEmpty()
   app.dock.setIcon(APP_ICON_IMAGE);
 }
 
-// Expose Chrome DevTools Protocol so the opencode-chrome-devtools plugin can
-// drive the built-in browser panel.  Use OPENWORK_ELECTRON_REMOTE_DEBUG_PORT to
-// pin a specific port; otherwise probe for a free one starting at 9223.
-// Must resolve before app.commandLine.appendSwitch (before `ready`).
-function probePort(port) {
-  return new Promise((resolve) => {
-    const srv = net.createServer();
-    srv.once("error", () => resolve(false));
-    srv.listen({ port, host: "127.0.0.1" }, () => {
-      srv.close(() => resolve(true));
-    });
-  });
-}
-
-async function findFreeCdpPort(candidates) {
-  for (const port of candidates) {
-    if (await probePort(port)) return port;
-  }
-  return 0;
-}
-
-const explicitCdpPort = Number.parseInt(
+// Optional: expose Chrome DevTools Protocol so external tools (raw CDP clients,
+// DevTools front-ends) can attach to this Electron instance for debugging.
+// NOT required for the built-in browser — that uses native webContents APIs.
+// Enable by setting OPENWORK_ELECTRON_REMOTE_DEBUG_PORT=<port> before launch.
+const remoteDebugPort = Number.parseInt(
   process.env.OPENWORK_ELECTRON_REMOTE_DEBUG_PORT?.trim() ?? "",
   10,
 );
-const remoteDebugPort = Number.isFinite(explicitCdpPort) && explicitCdpPort > 0
-  ? explicitCdpPort
-  : await findFreeCdpPort([9223, 9224, 9225, 9226, 9227]);
-if (remoteDebugPort > 0) {
+if (Number.isFinite(remoteDebugPort) && remoteDebugPort > 0) {
   app.commandLine.appendSwitch("remote-debugging-port", String(remoteDebugPort));
   app.commandLine.appendSwitch("remote-debugging-address", "127.0.0.1");
 }
-// Make the resolved port available to the embedded server so it flows into
-// agent instructions via ensureOpenworkAgent → resolveAgentTemplate.
-process.env.OPENWORK_ELECTRON_REMOTE_DEBUG_PORT = String(remoteDebugPort);
 
 // Apply extra Chromium flags from ELECTRON_EXTRA_LAUNCH_ARGS.
 // Used in headless/Daytona environments to pass e.g. --disable-gpu.
@@ -434,18 +425,17 @@ if (extraLaunchArgs) {
     }
   }
 }
-configureFakeMediaForTests(app, envFlagEnabled("OPENWORK_ELECTRON_FAKE_MEDIA"));
-const DEFAULT_DEN_BASE_URL = "https://app.openworklabs.com";
-const DEFAULT_LOCAL_BASE_URL = "http://127.0.0.1:4096";
-const FORCE_DESKTOP_REQUIRE_SIGNIN = envFlagEnabled("OPENWORK_FORCE_SIGNIN");
-const DEFAULT_DESKTOP_REQUIRE_SIGNIN = FORCE_DESKTOP_REQUIRE_SIGNIN;
-let applicationMenuVisible = process.platform === "darwin";
 
 function envFlagEnabled(name) {
   const value = process.env[name]?.trim().toLowerCase();
   return value === "1" || value === "true" || value === "yes" || value === "on";
 }
 
+configureFakeMediaForTests(app, envFlagEnabled("OPENWORK_ELECTRON_FAKE_MEDIA"));
+const DEFAULT_DEN_BASE_URL = "https://app.openworklabs.com";
+const DEFAULT_LOCAL_BASE_URL = "http://127.0.0.1:4096";
+let applicationMenuVisible = process.platform === "darwin";
+
 const EMPTY_WORKSPACE_LIST = Object.freeze({
   selectedId: "",
   watchedId: null,
@@ -587,7 +577,7 @@ async function toggleSidebarFromNativeMenu() {
 
 function installApplicationMenu() {
   const isMac = process.platform === "darwin";
-  const template = /** @type {import("electron").MenuItemConstructorOptions[]} */ ([
+  const template = /** @type {any[]} */ ([
     ...(isMac
       ? [
           {
@@ -1173,7 +1163,8 @@ function selectBrowserTab(tabId) {
   if (previousView && previousView !== getActiveBrowserView()) {
     detachBrowserView(previousView);
   }
-    attachActiveBrowserView();
+  _snapshotReset?.();
+  attachActiveBrowserView();
   sendBrowserState();
   return getBrowserTab(tabId);
 }
@@ -1193,6 +1184,7 @@ function closeBrowserTab(tabId = activeBrowserTabId) {
       browserTabOrder[closingIndex - 1] ??
       null;
     activeBrowserTabId = nextTabId;
+    _snapshotReset?.();
     if (nextTabId) {
       attachActiveBrowserView();
     } else {
@@ -1213,6 +1205,7 @@ function closeAllBrowserTabs() {
     .map((tabId) => browserTabs.get(tabId))
     .filter(Boolean);
   hideBrowserView();
+  _snapshotReset?.();
   browserTabs.clear();
   browserTabOrder = [];
   activeBrowserTabId = null;
@@ -1247,7 +1240,7 @@ function sendBrowserState() {
 
 /**
  * Attach the browser view to the main window.
- * @param {object} bounds — { x, y, width, height }
+ * @param {object} bounds - { x, y, width, height }
  * @param {object} [opts]
  * @param {boolean} [opts.preloadDefault=false] - load default URL if the view has no URL
  * @param {boolean} [opts.ensureTab=false] - create a blank tab if needed
@@ -1278,12 +1271,15 @@ function hideBrowserView() {
   }
 }
 
+let _snapshotReset = null; // set by ensureBrowserMcpServers
+
 function destroyBrowserView() {
   hideBrowserView();
   const overlayView = menuOverlayView;
   menuOverlayView = null;
   menuOverlayRequest = null;
   try { overlayView?.webContents.close(); } catch { /* already destroyed */ }
+  _snapshotReset?.();
   for (const tab of browserTabs.values()) {
     try { tab.view.webContents.close(); } catch { /* already destroyed */ }
   }
@@ -1294,6 +1290,120 @@ function destroyBrowserView() {
   sendBrowserState();
 }
 
+// ── In-process browser MCP servers ─────────────────────────────────────
+// Two MCP servers run inside the Electron main process:
+//   "openwork-browser" — controls the embedded WebContentsView
+//   "chrome"           — connects to the user's external Chrome
+// Both are exposed as HTTP endpoints.  OpenCode connects as a remote client.
+let browserMcpPorts = null; // { builtinPort, externalPort, _snapshotReset, stop }
+
+async function ensureBrowserMcpServers() {
+  if (browserMcpPorts) return browserMcpPorts;
+
+  try {
+    browserMcpPorts = await startBrowserMcpServers({
+      getWebContents: () => getActiveWebContents(),
+      listTabs: () => listBrowserTabs(),
+      createTab: async (url) => createBrowserTab(url ?? "about:blank", { select: true }).tabId,
+      closeTab: async (tabId) => closeBrowserTab(tabId),
+      selectTab: async (tabId) => selectBrowserTab(tabId).tabId,
+      onBuiltinToolCall: async (toolName) => {
+        // Ensure the browser panel is open so the agent can interact.
+        // preloadDefault: false — the tool will navigate on its own.
+        if (!mainWindow) return;
+        if (!browserViewVisible) {
+          attachBrowserView(
+            { x: 0, y: 0, width: 0, height: 0 },
+            { preloadDefault: false, ensureTab: toolName !== "create_page" },
+          );
+        }
+        sendToRenderer("openwork:browser:panel-opened");
+      },
+      onHideBrowser: () => {
+        hideBrowserView();
+        sendToRenderer("openwork:browser:panel-closed");
+      },
+    });
+    // Wire snapshot reset so destroyBrowserView clears stale uid state
+    if (browserMcpPorts._snapshotReset) {
+      _snapshotReset = browserMcpPorts._snapshotReset;
+    }
+    console.log(`[browser-mcp] Built-in browser MCP at http://127.0.0.1:${browserMcpPorts.builtinPort}/mcp`);
+    console.log(`[browser-mcp] External Chrome MCP at http://127.0.0.1:${browserMcpPorts.externalPort}/mcp`);
+  } catch (err) {
+    console.error("[browser-mcp] Failed to start:", err);
+    return null;
+  }
+  return browserMcpPorts;
+}
+
+/**
+ * Inject the in-process MCP servers as remote entries in opencode.json.
+ * Replaces any legacy local chrome-devtools entries.
+ *
+ * Browser MCP servers prefer stable localhost ports (64883/64884), so this
+ * remains stable across app restarts instead of writing a fresh random port
+ * every time.
+ */
+async function seedBrowserMcpConfig(workspaceDir) {
+  const ports = await ensureBrowserMcpServers();
+  if (!ports) return;
+
+  const jsoncPath = path.join(workspaceDir, "opencode.jsonc");
+  const jsonPath = path.join(workspaceDir, "opencode.json");
+  const configPath = existsSync(jsoncPath) ? jsoncPath : existsSync(jsonPath) ? jsonPath : null;
+
+  let config;
+  if (configPath) {
+    try { config = parseOpencodeConfig(await readFile(configPath, "utf8")); } catch { return; }
+  } else {
+    config = { $schema: "https://opencode.ai/config.json" };
+  }
+
+  if (!config.mcp || typeof config.mcp !== "object") config.mcp = {};
+
+  let changed = !configPath;
+
+  const builtinUrl = `http://127.0.0.1:${ports.builtinPort}/mcp`;
+  if (config.mcp["openwork-browser"]?.url !== builtinUrl) {
+    config.mcp["openwork-browser"] = { type: "remote", url: builtinUrl };
+    changed = true;
+  }
+
+  const externalUrl = `http://127.0.0.1:${ports.externalPort}/mcp`;
+  if (config.mcp["chrome"]?.url !== externalUrl) {
+    config.mcp["chrome"] = { type: "remote", url: externalUrl };
+    changed = true;
+  }
+
+  // UI control bridge
+  try {
+    const uiDiscovery = JSON.parse(await readFile(path.join(app.getPath("userData"), "openwork-ui-control.json"), "utf8"));
+    if (uiDiscovery?.baseUrl) {
+      const uiUrl = `${uiDiscovery.baseUrl}/mcp`;
+      if (config.mcp["openwork-ui"]?.url !== uiUrl) {
+        config.mcp["openwork-ui"] = { type: "remote", url: uiUrl };
+        changed = true;
+      }
+    }
+  } catch {
+    // UI control bridge not started yet — skip.
+  }
+
+  // Remove legacy entries
+  for (const key of ["chrome-devtools", "control-chrome"]) {
+    if (config.mcp[key]) {
+      delete config.mcp[key];
+      changed = true;
+    }
+  }
+
+  if (changed) {
+    const targetPath = configPath || jsoncPath;
+    await writeFile(targetPath, `${JSON.stringify(config, null, 2)}\n`, "utf8");
+  }
+}
+
 function normalizePlatform(value) {
   if (value === "darwin" || value === "linux") return value;
   if (value === "win32") return "windows";
@@ -1328,27 +1438,47 @@ function flushPendingDeepLinks() {
   mainWindow.webContents.send(NATIVE_DEEP_LINK_EVENT, urls);
 }
 
-function desktopBootstrapPath() {
-  if (process.env.OPENWORK_DESKTOP_BOOTSTRAP_PATH?.trim()) {
-    return process.env.OPENWORK_DESKTOP_BOOTSTRAP_PATH.trim();
-  }
-  // Dev mode swaps process.env.HOME to the sandboxed dev-data home midway
-  // through startup (runtime.mjs buildChildEnv → Object.assign(process.env)),
-  // which changes what os.homedir() returns. Resolve the dev-data home
-  // deterministically so early and late IPC reads target the same file —
-  // otherwise the renderer can bootstrap against the wrong control plane
-  // until a manual reload.
-  if (process.env.OPENWORK_DEV_MODE === "1") {
-    return path.join(
-      app.getPath("userData"),
-      "openwork-dev-data",
-      "home",
-      ".config",
-      "openwork",
-      "desktop-bootstrap.json",
-    );
+function deterministicDevDesktopBootstrapPath() {
+  return path.join(
+    app.getPath("userData"),
+    "openwork-dev-data",
+    "home",
+    ".config",
+    "openwork",
+    "desktop-bootstrap.json",
+  );
+}
+
+function desktopBootstrapCandidatesForRuntime() {
+  const candidates = desktopBootstrapCandidates();
+  if (process.env.OPENWORK_DEV_MODE !== "1") return candidates;
+
+  // Dev mode swaps process.env.HOME/XDG paths to the sandboxed dev-data home
+  // midway through startup (runtime.mjs buildChildEnv → Object.assign(process.env)).
+  // Keep the branch's env/managed/user candidate model, but collapse user-level
+  // dev config reads/writes to the same deterministic path before and after the
+  // environment mutation so the renderer never bootstraps from a stale file.
+  const devPath = deterministicDevDesktopBootstrapPath();
+  const resolved = [];
+  let addedDevUser = false;
+  for (const candidate of candidates) {
+    if (candidate.source === "user" || candidate.source === "user-dev") {
+      if (!addedDevUser) {
+        resolved.push({ source: "user-dev", path: devPath });
+        addedDevUser = true;
+      }
+      continue;
+    }
+    resolved.push(candidate);
   }
-  return path.join(os.homedir(), ".config", "openwork", "desktop-bootstrap.json");
+  if (!addedDevUser) {
+    resolved.push({ source: "user-dev", path: devPath });
+  }
+  return resolved;
+}
+
+function desktopBootstrapPath() {
+  return desktopBootstrapCandidatesForRuntime()[0]?.path ?? path.join(os.homedir(), ".config", "openwork", "desktop-bootstrap.json");
 }
 
 function workspaceStatePath() {
@@ -1488,61 +1618,63 @@ async function writeJsonFileAtomic(outputPath, value) {
   await rename(tempPath, outputPath);
 }
 
-function normalizeDesktopBootstrapConfig(input) {
-  const baseUrl = typeof input?.baseUrl === "string" ? input.baseUrl.trim() : "";
-  if (!baseUrl) {
-    throw new Error("baseUrl is required");
-  }
-
-  const apiBaseUrl =
-    typeof input?.apiBaseUrl === "string" && input.apiBaseUrl.trim().length > 0
-      ? input.apiBaseUrl.trim()
-      : null;
-  return {
-    baseUrl,
-    apiBaseUrl,
-    requireSignin: FORCE_DESKTOP_REQUIRE_SIGNIN || input?.requireSignin === true,
-  };
-}
-
 async function getDesktopBootstrapConfig() {
-  const configPath = desktopBootstrapPath();
-  try {
-    const raw = await readFile(configPath, "utf8");
-    return normalizeDesktopBootstrapConfig(JSON.parse(raw));
-  } catch (error) {
-    console.warn("[desktop-bootstrap] falling back to defaults", {
-      path: configPath,
-      error: error instanceof Error ? error.message : String(error),
-    });
-    return {
-      baseUrl: DEFAULT_DEN_BASE_URL,
-      apiBaseUrl: null,
-      requireSignin: DEFAULT_DESKTOP_REQUIRE_SIGNIN,
-    };
+  const errors = [];
+  for (const candidate of desktopBootstrapCandidatesForRuntime()) {
+    if (!existsSync(candidate.path)) continue;
+    try {
+      const raw = await readFile(candidate.path, "utf8");
+      return {
+        ...normalizeDesktopBootstrapConfig(JSON.parse(raw)),
+        source: candidate.source,
+        path: candidate.path,
+      };
+    } catch (error) {
+      errors.push({
+        source: candidate.source,
+        path: candidate.path,
+        error: error instanceof Error ? error.message : String(error),
+      });
+    }
   }
+  if (errors.length) {
+    console.warn("[desktop-bootstrap] ignored invalid bootstrap config", errors);
+  }
+  return defaultDesktopBootstrapConfig();
 }
 
 async function debugDesktopBootstrapConfig() {
-  const configPath = desktopBootstrapPath();
+  const candidates = desktopBootstrapCandidatesForRuntime();
+  const config = await getDesktopBootstrapConfig();
   const result = {
-    path: configPath,
+    path: config.path ?? candidates[0]?.path ?? null,
+    source: config.source ?? "default",
+    candidates: [],
     home: os.homedir(),
     envHome: process.env.HOME ?? null,
     envOverride: process.env.OPENWORK_DESKTOP_BOOTSTRAP_PATH ?? null,
-    exists: existsSync(configPath),
+    exists: Boolean(config.path && existsSync(config.path)),
     raw: null,
     parsed: null,
-    normalized: null,
+    normalized: config,
     error: null,
   };
 
-  try {
-    result.raw = await readFile(configPath, "utf8");
-    result.parsed = JSON.parse(result.raw);
-    result.normalized = normalizeDesktopBootstrapConfig(result.parsed);
-  } catch (error) {
-    result.error = error instanceof Error ? error.message : String(error);
+  for (const candidate of candidates) {
+    const entry = { ...candidate, exists: existsSync(candidate.path), normalized: null, error: null };
+    if (entry.exists) {
+      try {
+        const raw = await readFile(candidate.path, "utf8");
+        entry.normalized = normalizeDesktopBootstrapConfig(JSON.parse(raw));
+        if (candidate.path === config.path) {
+          result.raw = raw;
+          result.parsed = JSON.parse(raw);
+        }
+      } catch (error) {
+        entry.error = error instanceof Error ? error.message : String(error);
+      }
+    }
+    result.candidates.push(entry);
   }
 
   return result;
@@ -1550,7 +1682,8 @@ async function debugDesktopBootstrapConfig() {
 
 async function setDesktopBootstrapConfig(config) {
   const normalized = normalizeDesktopBootstrapConfig(config);
-  const outputPath = desktopBootstrapPath();
+  const writableSource = process.env.OPENWORK_DEV_MODE === "1" ? "user-dev" : "user";
+  const outputPath = process.env.OPENWORK_DESKTOP_BOOTSTRAP_PATH?.trim() || desktopBootstrapCandidatesForRuntime().find((candidate) => candidate.source === writableSource)?.path || desktopBootstrapPath();
   await mkdir(path.dirname(outputPath), { recursive: true });
   await writeFile(outputPath, `${JSON.stringify(normalized, null, 2)}\n`, "utf8");
   return normalized;
@@ -1695,32 +1828,6 @@ function openworkRemoteWorkspaceId(hostUrl, workspaceId) {
   return `rem_${createHash("sha256").update(`openwork::${hostUrl}`).digest("hex").slice(0, 12)}`;
 }
 
-async function fetchOpenworkWorkspaceList(hostUrl, token, hostToken) {
-  const url = `${String(hostUrl ?? "").replace(/\/+$/, "")}/workspaces`;
-  const controller = new AbortController();
-  const timeout = setTimeout(() => controller.abort(), 8_000);
-  const headers = new Headers();
-  const bearerToken = String(token ?? "").trim();
-  const hostAuthToken = String(hostToken ?? "").trim();
-  if (bearerToken) headers.set("Authorization", `Bearer ${bearerToken}`);
-  if (hostAuthToken) headers.set("X-OpenWork-Host-Token", hostAuthToken);
-
-  try {
-    const response = await fetch(url, { headers, signal: controller.signal });
-    if (!response.ok) {
-      throw new Error(`OpenWork workspace discovery failed (${response.status} ${response.statusText || "HTTP error"})`);
-    }
-    return await response.json();
-  } finally {
-    clearTimeout(timeout);
-  }
-}
-
-async function discoverOpenworkWorkspace({ hostUrl, token, hostToken, directory }) {
-  const list = await fetchOpenworkWorkspaceList(hostUrl, token, hostToken);
-  return selectOpenworkWorkspaceForConnection(list, directory);
-}
-
 async function readWorkspaceOpenworkConfig(workspacePath) {
   const openworkPath = path.join(workspacePath, ".opencode", "openwork.json");
   if (!(await pathExists(openworkPath))) {
@@ -1739,6 +1846,7 @@ async function writeWorkspaceOpenworkConfig(workspacePath, config) {
 
 async function readWorkspaceState() {
   const state = await readJsonFile(workspaceStatePath(), EMPTY_WORKSPACE_LIST);
+  const activeDenBaseUrl = (await getDesktopBootstrapConfig()).baseUrl;
   const selectedId =
     typeof state?.selectedId === "string"
       ? state.selectedId
@@ -1809,26 +1917,58 @@ async function readWorkspaceState() {
   const migratedActiveId = activeId ? idMap.get(activeId) ?? activeId : null;
   if (migratedSelectedId !== selectedId || migratedWatchedId !== watchedId || migratedActiveId !== activeId) changed = true;
 
+  const compatibleWorkspaces = filterWorkspacesForManagedDen(dedupedWorkspaces, activeDenBaseUrl);
+  let nextSelectedId = migratedSelectedId;
+  let nextWatchedId = migratedWatchedId;
+  let nextActiveId = migratedActiveId;
+  if (nextSelectedId && !compatibleWorkspaces.some((entry) => entry?.id === nextSelectedId)) {
+    nextSelectedId = "";
+    changed = true;
+  }
+  if (nextWatchedId && !compatibleWorkspaces.some((entry) => entry?.id === nextWatchedId)) {
+    nextWatchedId = null;
+    changed = true;
+  }
+  if (nextActiveId && !compatibleWorkspaces.some((entry) => entry?.id === nextActiveId)) {
+    nextActiveId = null;
+    changed = true;
+  }
+  const selectedWorkspace = nextSelectedId
+    ? compatibleWorkspaces.find((entry) => entry?.id === nextSelectedId)
+    : null;
+  if (!selectedWorkspace && nextSelectedId) {
+    const fallback = compatibleWorkspaces[0];
+    nextSelectedId = fallback?.id ?? "";
+    nextWatchedId = fallback?.id ?? null;
+    nextActiveId = fallback?.id ?? null;
+    changed = true;
+  }
+
   const nextState = {
     selectedId:
-      migratedSelectedId,
-    watchedId: migratedWatchedId,
-    activeId: migratedActiveId,
+      nextSelectedId,
+    watchedId: nextWatchedId,
+    activeId: nextActiveId,
     workspaces: dedupedWorkspaces,
   };
 
   if (changed) {
     return writeWorkspaceState(nextState);
   }
-  return nextState;
+  return runtimeWorkspaceStateForManagedDen(nextState, activeDenBaseUrl);
 }
 
 async function writeWorkspaceState(nextState) {
   const outputPath = workspaceStatePath();
   const selectedId = String(nextState?.selectedId ?? nextState?.activeId ?? "");
   const watchedId = typeof nextState?.watchedId === "string" ? nextState.watchedId : "";
+  const runtimeWorkspaces = Array.isArray(nextState?.workspaces) ? nextState.workspaces : [];
+  const persistedWorkspaces = persistedWorkspacesForRuntimeState(nextState);
   const output = {
     ...nextState,
+    workspaces: persistedWorkspaces
+      ? mergeWorkspaceListsPreservingHidden(persistedWorkspaces, runtimeWorkspaces)
+      : runtimeWorkspaces,
     // Tauri's Rust state uses selectedWorkspaceId/watchedWorkspaceId on disk
     // (with activeId as a legacy alias). Keep Electron's selectedId/watchedId
     // too so older Electron builds can still read the same file.
@@ -1839,7 +1979,8 @@ async function writeWorkspaceState(nextState) {
     activeId: selectedId || null,
   };
   await writeJsonFileAtomic(outputPath, output);
-  return output;
+  const activeDenBaseUrl = (await getDesktopBootstrapConfig()).baseUrl;
+  return runtimeWorkspaceStateForManagedDen(output, activeDenBaseUrl);
 }
 
 const runtimeManager = createRuntimeManager({
@@ -2003,6 +2144,9 @@ function normalizeWorkspaceEntry(input) {
     openworkHostToken: input.openworkHostToken ?? null,
     openworkWorkspaceId: input.openworkWorkspaceId ?? null,
     openworkWorkspaceName: input.openworkWorkspaceName ?? null,
+    openworkDenBaseUrl: input.openworkDenBaseUrl ?? null,
+    openworkDenOrgId: input.openworkDenOrgId ?? null,
+    openworkDenWorkerId: input.openworkDenWorkerId ?? null,
     sandboxBackend: input.sandboxBackend ?? null,
     sandboxRunId: input.sandboxRunId ?? null,
     sandboxContainerName: input.sandboxContainerName ?? null,
@@ -2011,7 +2155,10 @@ function normalizeWorkspaceEntry(input) {
 
 async function mutateWorkspaceState(mutator) {
   const current = await readWorkspaceState();
-  const next = await mutator({ ...current, workspaces: [...current.workspaces] });
+  const mutableState = { ...current, workspaces: [...current.workspaces] };
+  const persistedWorkspaces = persistedWorkspacesForRuntimeState(current);
+  if (persistedWorkspaces) attachPersistedWorkspacesForWrite(mutableState, persistedWorkspaces);
+  const next = await mutator(mutableState);
   return writeWorkspaceState(next);
 }
 
@@ -2328,6 +2475,8 @@ async function handleDesktopInvoke(event, command, ...args) {
       await mkdir(path.join(folderPath, ".opencode"), { recursive: true });
       await writeWorkspaceOpenworkConfig(folderPath, defaultWorkspaceOpenworkConfig(folderPath, preset));
 
+      // Clean up any legacy browser MCP entries from the new workspace config
+      await seedBrowserMcpConfig(folderPath);
       return mutateWorkspaceState((state) => {
         const workspacePathKey = normalizeWorkspacePathKey(workspace.path);
         state.workspaces = state.workspaces.filter(
@@ -2366,7 +2515,6 @@ async function handleDesktopInvoke(event, command, ...args) {
         const discovered = await discoverOpenworkWorkspace({
           hostUrl: openworkHostUrl ?? baseUrl,
           token: input.openworkToken,
-          hostToken: input.openworkHostToken,
           directory,
         });
         if (!discovered?.id) {
@@ -2398,6 +2546,9 @@ async function handleDesktopInvoke(event, command, ...args) {
         openworkHostToken: input.openworkHostToken ?? null,
         openworkWorkspaceId: resolvedOpenworkWorkspaceId,
         openworkWorkspaceName: resolvedOpenworkWorkspaceName,
+        openworkDenBaseUrl: input.openworkDenBaseUrl ?? null,
+        openworkDenOrgId: input.openworkDenOrgId ?? null,
+        openworkDenWorkerId: input.openworkDenWorkerId ?? null,
         sandboxBackend: input.sandboxBackend ?? null,
         sandboxRunId: input.sandboxRunId ?? null,
         sandboxContainerName: input.sandboxContainerName ?? null,
@@ -2441,7 +2592,6 @@ async function handleDesktopInvoke(event, command, ...args) {
             const discovered = await discoverOpenworkWorkspace({
               hostUrl: hostUrl ?? nextBaseUrl,
               token: nextWorkspace.openworkToken,
-              hostToken: nextWorkspace.openworkHostToken,
               directory,
             });
             if (!discovered?.id) {
@@ -2824,21 +2974,16 @@ async function handleDesktopInvoke(event, command, ...args) {
     }
     case "__fetch": {
       const url = String(args[0] ?? "").trim();
-      const init = args[1] ?? {};
       if (!url) throw new Error("URL is required.");
-      const timeoutMs = Number(init.timeoutMs);
-      const response = await fetch(url, {
-        method: typeof init.method === "string" ? init.method : undefined,
-        headers: init.headers && typeof init.headers === "object" ? init.headers : undefined,
-        body: typeof init.body === "string" ? init.body : undefined,
-        signal: Number.isFinite(timeoutMs) && timeoutMs > 0 ? AbortSignal.timeout(timeoutMs) : undefined,
-      });
-      return {
-        status: response.status,
-        statusText: response.statusText,
-        headers: Array.from(response.headers.entries()),
-        body: await response.text(),
-      };
+      const parsed = new URL(url);
+      if (!["http:", "https:"].includes(parsed.protocol)) {
+        throw new Error("Desktop fetch only supports HTTP(S) URLs.");
+      }
+      const state = await readWorkspaceState();
+      if (!isDesktopFetchAllowedForWorkspaces(parsed.toString(), state.workspaces)) {
+        throw new Error("Desktop fetch is limited to configured remote workspace origins.");
+      }
+      return desktopFetch(args[0], args[1]);
     }
     case "__homeDir":
       return os.homedir();
@@ -2857,6 +3002,10 @@ async function handleDesktopInvoke(event, command, ...args) {
       return applyNativeTheme(String(args[0]));
     case "__setApplicationMenuVisible":
       return setApplicationMenuVisible(args[0]);
+    case "getBrowserMcpPorts":
+      return browserMcpPorts
+        ? { builtinPort: browserMcpPorts.builtinPort, externalPort: browserMcpPorts.externalPort }
+        : null;
     default:
       throw new Error(`Electron desktop bridge method is not implemented yet: ${command}`);
   }
@@ -3264,6 +3413,20 @@ if (!app.requestSingleInstanceLock()) {
       error: error instanceof Error ? error.message : String(error),
     }));
 
+    // Start in-process browser MCP servers and inject stable endpoints into
+    // workspace configs.
+    ensureBrowserMcpServers().then(async (ports) => {
+      if (!ports) return;
+      try {
+        const wsState = await readWorkspaceState();
+        for (const ws of wsState.workspaces ?? []) {
+          if (ws.path && ws.workspaceType === "local") {
+            await seedBrowserMcpConfig(ws.path).catch(() => {});
+          }
+        }
+      } catch {}
+    }).catch((err) => console.warn("[browser-mcp] boot error:", err));
+
     queueDeepLinks(forwardedDeepLinks(process.argv));
     const win = await createMainWindow();
     win.webContents.on("did-finish-load", () => {
diff --git a/apps/desktop/electron/menu-overlay-preload.mjs b/apps/desktop/electron/menu-overlay-preload.mjs
index adfb334f71..699539fb1e 100644
--- a/apps/desktop/electron/menu-overlay-preload.mjs
+++ b/apps/desktop/electron/menu-overlay-preload.mjs
@@ -1,4 +1,8 @@
-import { contextBridge, ipcRenderer } from "electron";
+import { createRequire } from "node:module";
+
+const require = createRequire(import.meta.url);
+const electron = require("electron");
+const { contextBridge, ipcRenderer } = electron;
 
 let latestRequest = null;
 let showCallback = null;
diff --git a/apps/desktop/electron/opencode-config-json.mjs b/apps/desktop/electron/opencode-config-json.mjs
new file mode 100644
index 0000000000..1b7c97f40e
--- /dev/null
+++ b/apps/desktop/electron/opencode-config-json.mjs
@@ -0,0 +1,10 @@
+import { parse } from "jsonc-parser";
+
+export function parseOpencodeConfig(raw) {
+  const errors = [];
+  const config = parse(raw, errors, { allowTrailingComma: true });
+  if (errors.length || !config || typeof config !== "object" || Array.isArray(config)) {
+    throw new Error("Invalid OpenCode config JSON/JSONC.");
+  }
+  return config;
+}
diff --git a/apps/desktop/electron/opencode-config-json.test.mjs b/apps/desktop/electron/opencode-config-json.test.mjs
new file mode 100644
index 0000000000..3df6bc71de
--- /dev/null
+++ b/apps/desktop/electron/opencode-config-json.test.mjs
@@ -0,0 +1,24 @@
+import assert from "node:assert/strict";
+import test from "node:test";
+
+import { parseOpencodeConfig } from "./opencode-config-json.mjs";
+
+test("parseOpencodeConfig accepts commented opencode.jsonc", () => {
+  assert.deepEqual(
+    parseOpencodeConfig(`{
+      // Browser MCP entries are seeded into commented configs.
+      "mcp": {
+        "existing": { "type": "remote", "url": "http://127.0.0.1:1/mcp" },
+      },
+    }`),
+    {
+      mcp: {
+        existing: { type: "remote", url: "http://127.0.0.1:1/mcp" },
+      },
+    },
+  );
+});
+
+test("parseOpencodeConfig rejects invalid config text", () => {
+  assert.throws(() => parseOpencodeConfig("// only a comment"), /Invalid OpenCode config JSON\/JSONC/);
+});
diff --git a/apps/desktop/electron/preload.mjs b/apps/desktop/electron/preload.mjs
index 3633eba4e0..a480c07c23 100644
--- a/apps/desktop/electron/preload.mjs
+++ b/apps/desktop/electron/preload.mjs
@@ -1,4 +1,8 @@
-import { contextBridge, ipcRenderer } from "electron";
+import { createRequire } from "node:module";
+
+const require = createRequire(import.meta.url);
+const electron = require("electron");
+const { contextBridge, ipcRenderer } = electron;
 
 const NATIVE_DEEP_LINK_EVENT = "openwork:deep-link-native";
 const NATIVE_MENU_OPEN_SETTINGS_EVENT = "openwork:native-menu:open-settings";
diff --git a/apps/desktop/electron/remote-workspace.mjs b/apps/desktop/electron/remote-workspace.mjs
index bd2e873878..6a60199a1a 100644
--- a/apps/desktop/electron/remote-workspace.mjs
+++ b/apps/desktop/electron/remote-workspace.mjs
@@ -44,3 +44,96 @@ export function openworkWorkspaceDisplayName(workspace) {
     null
   );
 }
+
+/**
+ * Build headers for the normal `/workspaces` client-discovery path.
+ * Host tokens are intentionally excluded; they are valid only for explicit
+ * host-only routes such as `/env/*`.
+ *
+ * @param {unknown} token
+ */
+export function openworkWorkspaceDiscoveryHeaders(token) {
+  const headers = new Headers();
+  const bearerToken = trim(token);
+  if (bearerToken) headers.set("Authorization", `Bearer ${bearerToken}`);
+  return headers;
+}
+
+/**
+ * @param {unknown} hostUrl
+ * @param {unknown} token
+ * @param {{ fetchImpl?: typeof fetch; timeoutMs?: number }} [options]
+ */
+export async function fetchOpenworkWorkspaceList(hostUrl, token, options = {}) {
+  const url = `${String(hostUrl ?? "").replace(/\/+$/, "")}/workspaces`;
+  const timeoutMs = Number.isFinite(Number(options.timeoutMs)) && Number(options.timeoutMs) > 0
+    ? Math.max(1, Math.floor(Number(options.timeoutMs)))
+    : 8_000;
+  const controller = new AbortController();
+  const timeout = setTimeout(() => controller.abort(), timeoutMs);
+  const fetchImpl = typeof options.fetchImpl === "function" ? options.fetchImpl : fetch;
+
+  try {
+    const response = await fetchImpl(url, {
+      headers: openworkWorkspaceDiscoveryHeaders(token),
+      signal: controller.signal,
+    });
+    if (!response.ok) {
+      throw new Error(`OpenWork workspace discovery failed (${response.status} ${response.statusText || "HTTP error"})`);
+    }
+    return await response.json();
+  } finally {
+    clearTimeout(timeout);
+  }
+}
+
+/**
+ * @param {{ hostUrl: unknown; token?: unknown; directory?: unknown; fetchImpl?: typeof fetch; timeoutMs?: number }} input
+ */
+export async function discoverOpenworkWorkspace({ hostUrl, token, directory, fetchImpl, timeoutMs }) {
+  const list = await fetchOpenworkWorkspaceList(hostUrl, token, { fetchImpl, timeoutMs });
+  return selectOpenworkWorkspaceForConnection(list, directory);
+}
+
+function stripOpenworkWorkspaceMount(input) {
+  const raw = trim(input);
+  if (!raw) return null;
+  try {
+    const url = new URL(raw);
+    const segments = url.pathname.split("/").filter(Boolean);
+    const workspaceIndex = segments.indexOf("workspace");
+    const legacyIndex = segments.indexOf("w");
+    const mountIndex = workspaceIndex >= 0 ? workspaceIndex : legacyIndex;
+    if (mountIndex >= 0 && segments[mountIndex + 1]) {
+      const prefix = segments.slice(0, mountIndex).join("/");
+      url.pathname = prefix ? `/${prefix}` : "/";
+    }
+    return url.toString().replace(/\/+$/, "");
+  } catch {
+    return raw.replace(/\/(?:workspace|w)\/[^/?#]+.*$/, "").replace(/\/+$/, "") || raw;
+  }
+}
+
+export function isDesktopFetchAllowedForWorkspaces(url, workspaces) {
+  let parsed;
+  try {
+    parsed = new URL(trim(url));
+  } catch {
+    return false;
+  }
+  if (!["http:", "https:"].includes(parsed.protocol)) return false;
+
+  for (const workspace of Array.isArray(workspaces) ? workspaces : []) {
+    if (workspace?.workspaceType !== "remote") continue;
+    for (const candidate of [workspace.baseUrl, workspace.openworkHostUrl]) {
+      const stripped = stripOpenworkWorkspaceMount(candidate);
+      if (!stripped) continue;
+      try {
+        if (new URL(stripped).origin === parsed.origin) return true;
+      } catch {
+        // Ignore malformed persisted values; they are not valid fetch targets.
+      }
+    }
+  }
+  return false;
+}
diff --git a/apps/desktop/electron/remote-workspace.test.mjs b/apps/desktop/electron/remote-workspace.test.mjs
index c7ba555332..4d6626f397 100644
--- a/apps/desktop/electron/remote-workspace.test.mjs
+++ b/apps/desktop/electron/remote-workspace.test.mjs
@@ -2,6 +2,10 @@ import { describe, it } from "node:test";
 import assert from "node:assert/strict";
 
 import {
+  discoverOpenworkWorkspace,
+  fetchOpenworkWorkspaceList,
+  isDesktopFetchAllowedForWorkspaces,
+  openworkWorkspaceDiscoveryHeaders,
   openworkWorkspaceDisplayName,
   selectOpenworkWorkspaceForConnection,
 } from "./remote-workspace.mjs";
@@ -87,6 +91,26 @@ describe("selectOpenworkWorkspaceForConnection", () => {
   });
 });
 
+describe("isDesktopFetchAllowedForWorkspaces", () => {
+  const workspaces = [
+    {
+      workspaceType: "remote",
+      baseUrl: "https://worker.example.com/w/rem_ws_123",
+      openworkHostUrl: "https://worker.example.com",
+    },
+    { workspaceType: "local", baseUrl: "https://ignored.example.com" },
+  ];
+
+  it("allows configured remote workspace origins", () => {
+    assert.equal(isDesktopFetchAllowedForWorkspaces("https://worker.example.com/workspaces", workspaces), true);
+  });
+
+  it("rejects unconfigured origins and non-HTTP protocols", () => {
+    assert.equal(isDesktopFetchAllowedForWorkspaces("https://attacker.example.com/workspaces", workspaces), false);
+    assert.equal(isDesktopFetchAllowedForWorkspaces("file:///etc/passwd", workspaces), false);
+  });
+});
+
 describe("openworkWorkspaceDisplayName", () => {
   it("prefers display fields before id", () => {
     assert.equal(
@@ -99,3 +123,44 @@ describe("openworkWorkspaceDisplayName", () => {
     );
   });
 });
+
+describe("OpenWork workspace discovery client", () => {
+  it("builds normal discovery headers with bearer auth only", () => {
+    const headers = openworkWorkspaceDiscoveryHeaders("remote-client-token");
+
+    assert.equal(headers.get("Authorization"), "Bearer remote-client-token");
+    assert.equal(headers.has("X-OpenWork-Host-Token"), false);
+  });
+
+  it("does not expose host token input on discovery API surface", async () => {
+    const requests = [];
+    const discovered = await discoverOpenworkWorkspace({
+      hostUrl: "https://worker.example.test",
+      token: "remote-client-token",
+      directory: "/workspace/project",
+      fetchImpl: async (url, init) => {
+        requests.push({ url, headers: init.headers });
+        return Response.json({
+          items: [{ id: "ws_project", name: "Project", path: "/workspace/project" }],
+        });
+      },
+    });
+
+    assert.equal(discovered?.id, "ws_project");
+    assert.equal(requests[0].url, "https://worker.example.test/workspaces");
+    assert.equal(requests[0].headers.get("Authorization"), "Bearer remote-client-token");
+    assert.equal(requests[0].headers.has("X-OpenWork-Host-Token"), false);
+  });
+
+  it("uses the normal client path for workspace list fetches", async () => {
+    const list = await fetchOpenworkWorkspaceList("https://worker.example.test/", "remote-client-token", {
+      fetchImpl: async (_url, init) => {
+        assert.equal(init.headers.get("Authorization"), "Bearer remote-client-token");
+        assert.equal(init.headers.get("X-OpenWork-Host-Token"), null);
+        return Response.json({ items: [] });
+      },
+    });
+
+    assert.deepEqual(list, { items: [] });
+  });
+});
diff --git a/apps/desktop/electron/runtime.test.mjs b/apps/desktop/electron/runtime.test.mjs
index 96f87ee847..638270b04b 100644
--- a/apps/desktop/electron/runtime.test.mjs
+++ b/apps/desktop/electron/runtime.test.mjs
@@ -1,5 +1,6 @@
 import { describe, it } from "node:test";
 import assert from "node:assert/strict";
+import path from "node:path";
 
 import {
   commandMatchesPackagedSidecar,
@@ -83,7 +84,7 @@ describe("resolveOpenworkServerConfigPath", () => {
   it("respects explicit server config path", () => {
     assert.equal(
       resolveOpenworkServerConfigPath({ OPENWORK_SERVER_CONFIG: "/tmp/openwork/server.json" }),
-      "/tmp/openwork/server.json",
+      path.resolve("/tmp/openwork/server.json"),
     );
   });
 
diff --git a/apps/desktop/package.json b/apps/desktop/package.json
index f7b2467c30..d2de806336 100644
--- a/apps/desktop/package.json
+++ b/apps/desktop/package.json
@@ -7,7 +7,7 @@
     "name": "OpenWork",
     "email": "support@openworklabs.com"
   },
-  "main": "electron/main.mjs",
+  "main": "electron/main.cjs",
   "type": "module",
   "scripts": {
     "dev": "node ./scripts/electron-dev.mjs",
@@ -18,14 +18,17 @@
     "build:electron": "node ./scripts/electron-build.mjs",
     "package:electron": "pnpm run build:electron && pnpm exec electron-builder --config electron-builder.yml",
     "package:electron:dir": "pnpm run build:electron && pnpm exec electron-builder --config electron-builder.yml --dir",
-    "electron": "pnpm exec electron ./electron/main.mjs",
+    "electron": "pnpm exec electron ./electron/main.cjs",
     "check:electron": "node ./scripts/check-electron-bridge.mjs",
+    "check:packaged-startup": "node ./scripts/check-packaged-startup.mjs",
     "typecheck:electron": "pnpm --dir ../server exec tsc -p ../desktop/tsconfig.electron.json --noEmit",
     "prepare:sidecar": "node ./scripts/prepare-sidecar.mjs"
   },
   "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.29.0",
     "@opencode-ai/sdk": "^1.16.2",
     "better-sqlite3": "^11.10.0",
+    "chrome-devtools-mcp": "0.17.0",
     "drizzle-orm": "^0.45.1",
     "electron-updater": "^6.3.9",
     "jsonc-parser": "^3.2.1",
diff --git a/apps/desktop/scripts/check-packaged-startup.mjs b/apps/desktop/scripts/check-packaged-startup.mjs
new file mode 100644
index 0000000000..8a6b09462d
--- /dev/null
+++ b/apps/desktop/scripts/check-packaged-startup.mjs
@@ -0,0 +1,53 @@
+import { spawn } from "node:child_process";
+import { existsSync } from "node:fs";
+import path from "node:path";
+import { fileURLToPath } from "node:url";
+
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const desktopRoot = path.resolve(__dirname, "..");
+
+const executable = process.platform === "win32"
+  ? path.join(desktopRoot, "dist-electron", "win-unpacked", "OpenWork.exe")
+  : process.platform === "darwin"
+    ? path.join(desktopRoot, "dist-electron", "mac", "OpenWork.app", "Contents", "MacOS", "OpenWork")
+    : path.join(desktopRoot, "dist-electron", "linux-unpacked", "openwork");
+
+if (!existsSync(executable)) {
+  console.error(`[packaged-startup] missing packaged executable: ${executable}`);
+  process.exit(1);
+}
+
+const env = { ...process.env };
+// Many agent/test shells set this to use Electron as a Node runtime. A packaged
+// desktop startup check must remove it; otherwise Electron exits before loading
+// the app's main entrypoint, which is not representative of end-user launches.
+delete env.ELECTRON_RUN_AS_NODE;
+
+const child = spawn(executable, [], {
+  cwd: desktopRoot,
+  env,
+  stdio: ["ignore", "pipe", "pipe"],
+  windowsHide: true,
+});
+
+let stdout = "";
+let stderr = "";
+child.stdout?.on("data", (chunk) => { stdout += chunk.toString(); });
+child.stderr?.on("data", (chunk) => { stderr += chunk.toString(); });
+
+const timeout = Number.parseInt(process.env.OPENWORK_PACKAGED_STARTUP_MS ?? "10000", 10);
+const startupMs = Number.isFinite(timeout) && timeout > 0 ? timeout : 10_000;
+
+const timer = setTimeout(() => {
+  child.kill("SIGTERM");
+  console.log(`[packaged-startup] ok: process stayed alive for ${startupMs}ms`);
+}, startupMs);
+
+child.on("exit", (code, signal) => {
+  clearTimeout(timer);
+  if (signal === "SIGTERM") return;
+  console.error(`[packaged-startup] failed: process exited early with code=${code} signal=${signal ?? ""}`);
+  if (stdout.trim()) console.error(`[packaged-startup] stdout:\n${stdout}`);
+  if (stderr.trim()) console.error(`[packaged-startup] stderr:\n${stderr}`);
+  process.exit(code ?? 1);
+});
diff --git a/apps/server/src/env-routes.e2e.test.ts b/apps/server/src/env-routes.e2e.test.ts
index 86b838b628..78c5856aee 100644
--- a/apps/server/src/env-routes.e2e.test.ts
+++ b/apps/server/src/env-routes.e2e.test.ts
@@ -38,6 +38,30 @@ function baseConfig(): ServerConfig {
   } as ServerConfig;
 }
 
+function remoteWorkspaceConfig(): ServerConfig {
+  const config = baseConfig();
+  config.workspaces = [{
+    id: "rem_ws_remote",
+    name: "Remote",
+    path: "",
+    preset: "remote",
+    workspaceType: "remote",
+    remoteType: "openwork",
+    baseUrl: "https://worker.example.com/w/rem_ws_remote",
+    openworkHostUrl: "https://worker.example.com",
+    openworkToken: "legacy-client-token",
+    openworkClientToken: "client-token",
+    openworkHostToken: "host-token-secret",
+    openworkDenBaseUrl: "https://den.example.com",
+    openworkDenApiBaseUrl: "https://api.den.example.com",
+    openworkDenOrgId: "org_123",
+    openworkDenWorkerId: "worker_123",
+    openworkWorkspaceId: "ws_remote",
+    openworkWorkspaceName: "Remote Workspace",
+  }];
+  return config;
+}
+
 async function boot() {
   const server = await startServer(baseConfig()) as Served;
   stops.push(() => server.stop(true));
@@ -47,6 +71,15 @@ async function boot() {
   };
 }
 
+async function bootWithConfig(config: ServerConfig) {
+  const server = await startServer(config) as Served;
+  stops.push(() => server.stop(true));
+  return {
+    server,
+    base: `http://127.0.0.1:${server.port}`,
+  };
+}
+
 function hostAuth() {
   return { "x-openwork-host-token": HOST_TOKEN, "content-type": "application/json" };
 }
@@ -108,6 +141,49 @@ describe("env routes", () => {
     expect(response.status).toBe(401);
   });
 
+  test("normal client routes do not accept host token as a bearer substitute", async () => {
+    const { base } = await boot();
+    const clientRoute = await fetch(`${base}/workspaces`, { headers: hostAuth() });
+    expect(clientRoute.status).toBe(401);
+
+    const issued = await fetch(`${base}/tokens`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify({ scope: "viewer", label: "workspace discovery viewer" }),
+    });
+    expect(issued.status).toBe(201);
+    const body = (await issued.json()) as { token: string };
+    const bearerRoute = await fetch(`${base}/workspaces`, { headers: { authorization: `Bearer ${body.token}` } });
+    expect(bearerRoute.status).toBe(200);
+
+    const hostOnlyRoute = await fetch(`${base}/env/keys`, { headers: hostAuth() });
+    expect(hostOnlyRoute.status).toBe(200);
+    expect(await hostOnlyRoute.json()).toEqual({ keys: [] });
+  });
+
+  test("workspace discovery preserves remote metadata but redacts host token from client responses", async () => {
+    const { base } = await bootWithConfig(remoteWorkspaceConfig());
+    const issued = await fetch(`${base}/tokens`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify({ scope: "viewer", label: "workspace discovery viewer" }),
+    });
+    expect(issued.status).toBe(201);
+    const body = await issued.json() as { token: string };
+
+    const response = await fetch(`${base}/workspaces`, { headers: { authorization: `Bearer ${body.token}` } });
+    expect(response.status).toBe(200);
+    const payload = await response.json() as { items: Array<Record<string, unknown>> };
+    expect(payload.items[0]).toMatchObject({
+      openworkClientToken: "client-token",
+      openworkDenBaseUrl: "https://den.example.com",
+      openworkDenApiBaseUrl: "https://api.den.example.com",
+      openworkDenOrgId: "org_123",
+      openworkDenWorkerId: "worker_123",
+    });
+    expect(payload.items[0].openworkHostToken).toBeUndefined();
+  });
+
   test("CORS preflight allows PUT", async () => {
     const { base } = await boot();
     const response = await fetch(`${base}/env`, {
diff --git a/apps/server/src/managed-provider-sync.e2e.test.ts b/apps/server/src/managed-provider-sync.e2e.test.ts
new file mode 100644
index 0000000000..293dbcd427
--- /dev/null
+++ b/apps/server/src/managed-provider-sync.e2e.test.ts
@@ -0,0 +1,567 @@
+import { afterEach, beforeEach, describe, expect, test } from "bun:test";
+import { existsSync, mkdtempSync, readFileSync, rmSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+
+import { startServer } from "./server.js";
+import type { ServerConfig } from "./types.js";
+
+type Served = {
+  port: number;
+  stop: (closeActiveConnections?: boolean) => void | Promise<void>;
+};
+
+type ProviderListTestItem = {
+  id: string;
+  models?: unknown;
+};
+
+type ProviderListTestBody = {
+  all?: ProviderListTestItem[];
+  providers?: ProviderListTestItem[] | Record<string, ProviderListTestItem>;
+};
+
+const HOST_TOKEN = "owt_provider_sync_host_token";
+const CLIENT_TOKEN = "owt_provider_sync_client_token";
+const stops: Array<() => void | Promise<void>> = [];
+const dirs: string[] = [];
+
+function hostAuth() {
+  return { "x-openwork-host-token": HOST_TOKEN, "content-type": "application/json" };
+}
+
+function clientAuth() {
+  return { authorization: `Bearer ${CLIENT_TOKEN}` };
+}
+
+function providerPayload() {
+  return {
+    revision: "sync-rev-1",
+    providers: [
+      {
+        id: "lpr_den_nvidia",
+        providerId: "nvidia",
+        name: "NVIDIA",
+        source: "models_dev",
+        credentialKind: "api_key",
+        providerConfig: { id: "nvidia", name: "NVIDIA", env: ["NVIDIA_API_KEY"], npm: "@ai-sdk/openai-compatible" },
+        models: [
+          { id: "deepseek-ai/deepseek-v4-flash", name: "DeepSeek V4 Flash", config: { id: "deepseek-ai/deepseek-v4-flash", limit: { context: 128000 }, experimental: true } },
+          { id: "google/gemma-4-31b-it", name: "Gemma-4-31B-IT", config: { id: "google/gemma-4-31b-it" } },
+        ],
+        apiKey: "plain-server-secret",
+        revision: "provider-rev-1",
+      },
+      {
+        id: "llmProvider_den_openai",
+        providerId: "openai",
+        name: "OpenAI",
+        source: "models_dev",
+        credentialKind: "opencode_oauth",
+        providerConfig: { id: "openai", name: "OpenAI", env: ["OPENAI_API_KEY"], npm: "@ai-sdk/openai" },
+        models: [
+          { id: "gpt-5.4", name: "GPT-5.4", config: { id: "gpt-5.4", experimental: { modes: { chat: true } }, knowledge: "2026-01" } },
+          { id: "gpt-5.5", name: "GPT-5.5", config: { id: "gpt-5.5" } },
+        ],
+        opencodeAuth: JSON.stringify({ type: "oauth", access: "access-secret", refresh: "refresh-secret", expires: 9 }),
+        revision: "provider-rev-2",
+      },
+    ],
+  };
+}
+
+async function boot(options: { failAuth?: boolean; failAuthPath?: string; failAuthDeletePath?: string; failAuthDeletePathOnce?: string; providerListShape?: "all" | "providers-array" | "providers-object"; providerModelsShape?: "record" | "array"; connected?: string[]; initialAuth?: Record<string, unknown> } = {}) {
+  const workspace = mkdtempSync(join(tmpdir(), "openwork-managed-provider-workspace-"));
+  const stores = mkdtempSync(join(tmpdir(), "openwork-managed-provider-stores-"));
+  dirs.push(workspace, stores);
+  process.env.OPENWORK_TOKEN_STORE = join(stores, "tokens.json");
+
+  const authCalls: Array<{ method: string; path: string; body: unknown }> = [];
+  const failedDeletePaths = new Set<string>();
+  const authStore = new Map(Object.entries(options.initialAuth ?? {}));
+  const opencode = Bun.serve({
+    port: 0,
+    async fetch(request) {
+      const url = new URL(request.url);
+      if (url.pathname.startsWith("/auth/")) {
+        const body = request.method === "DELETE" || request.method === "GET" ? null : await request.json();
+        authCalls.push({ method: request.method, path: url.pathname, body });
+        if (request.method === "GET") {
+          if (!authStore.has(url.pathname)) return Response.json({ error: "not_found" }, { status: 404 });
+          return Response.json(authStore.get(url.pathname));
+        }
+        const shouldFailDeleteOnce = request.method === "DELETE" && url.pathname === options.failAuthDeletePathOnce && !failedDeletePaths.has(url.pathname);
+        if (shouldFailDeleteOnce) failedDeletePaths.add(url.pathname);
+        if (options.failAuth || url.pathname === options.failAuthPath || (request.method === "DELETE" && url.pathname === options.failAuthDeletePath) || shouldFailDeleteOnce) {
+          return Response.json({ error: "bad plain-server-secret access-secret refresh-secret" }, { status: 500 });
+        }
+        if (request.method === "DELETE") authStore.delete(url.pathname);
+        if (request.method === "PUT") authStore.set(url.pathname, body);
+        return Response.json({ ok: true });
+      }
+      if (url.pathname === "/config/providers") {
+        const nvidiaModels = options.providerModelsShape === "array"
+          ? [
+            { id: "deepseek-ai/deepseek-v4-flash", name: "DeepSeek V4 Flash" },
+            { id: "google/gemma-4-31b-it", name: "Gemma-4-31B-IT" },
+          ]
+          : {
+            "deepseek-ai/deepseek-v4-flash": { id: "deepseek-ai/deepseek-v4-flash", name: "DeepSeek V4 Flash" },
+            "google/gemma-4-31b-it": { id: "google/gemma-4-31b-it", name: "Gemma-4-31B-IT" },
+          };
+        const openaiModels = options.providerModelsShape === "array"
+          ? [
+            { id: "gpt-5.4", name: "GPT-5.4" },
+            { id: "gpt-5.5", name: "GPT-5.5" },
+            { id: "gpt-4o", name: "GPT-4o" },
+            { id: "gpt-5.4-fast", name: "GPT-5.4 Fast" },
+            { id: "o4-mini", name: "o4-mini" },
+          ]
+          : {
+            "gpt-5.4": { id: "gpt-5.4", name: "GPT-5.4" },
+            "gpt-5.5": { id: "gpt-5.5", name: "GPT-5.5" },
+            "gpt-4o": { id: "gpt-4o", name: "GPT-4o" },
+            "gpt-5.4-fast": { id: "gpt-5.4-fast", name: "GPT-5.4 Fast" },
+            "o4-mini": { id: "o4-mini", name: "o4-mini" },
+          };
+        const providers = [
+          {
+            id: "lpr_den_nvidia",
+            name: "NVIDIA",
+            source: "custom",
+            models: nvidiaModels,
+          },
+          {
+            id: "openai",
+            name: "OpenAI",
+            source: "config",
+            models: openaiModels,
+          },
+        ];
+        if (options.providerListShape === "providers-array") {
+          return Response.json({
+            default: "openai",
+            providers,
+          });
+        }
+        if (options.providerListShape === "providers-object") {
+          return Response.json({
+            default: "openai",
+            providers: Object.fromEntries(providers.map((provider) => [provider.id, provider])),
+          });
+        }
+        return Response.json({
+          all: providers,
+          connected: options.connected ?? ["lpr_den_nvidia", "openai"],
+          default: { "lpr_den_nvidia": "deepseek-ai/deepseek-v4-flash", openai: "gpt-5.4" },
+        });
+      }
+      return Response.json({ ok: true });
+    },
+  });
+  stops.push(() => opencode.stop(true));
+
+  const config: ServerConfig = {
+    host: "127.0.0.1",
+    port: 0,
+    token: CLIENT_TOKEN,
+    hostToken: HOST_TOKEN,
+    approval: { mode: "auto", timeoutMs: 1000 },
+    corsOrigins: ["*"],
+    workspaces: [{ id: "ws_1", name: "Workspace", path: workspace, workspaceType: "local", preset: "starter", baseUrl: `http://127.0.0.1:${opencode.port}` }],
+    authorizedRoots: [workspace],
+    readOnly: false,
+    startedAt: Date.now(),
+    tokenSource: "cli",
+    hostTokenSource: "cli",
+    logFormat: "pretty",
+    logRequests: false,
+  };
+  const server = await startServer(config) as Served;
+  stops.push(() => server.stop(true));
+  return { base: `http://127.0.0.1:${server.port}`, workspace, authCalls, authStore };
+}
+
+function readManagedProviderMetadata(workspace: string) {
+  const openworkConfig = JSON.parse(readFileSync(join(workspace, ".opencode", "openwork.json"), "utf8")) as {
+    managedProviders?: { applied?: string[]; revoked?: string[]; revision?: string };
+  };
+  return openworkConfig.managedProviders ?? {};
+}
+
+beforeEach(() => {
+  delete process.env.OPENWORK_TOKEN_STORE;
+});
+
+afterEach(async () => {
+  while (stops.length) await stops.pop()?.();
+  while (dirs.length) rmSync(dirs.pop()!, { recursive: true, force: true });
+  delete process.env.OPENWORK_TOKEN_STORE;
+});
+
+describe("managed provider sync runtime route", () => {
+  test("requires host token and rejects client bearer tokens", async () => {
+    const { base } = await boot();
+    const unauthenticated = await fetch(`${base}/managed-providers/sync`, { method: "POST", body: JSON.stringify(providerPayload()) });
+    expect(unauthenticated.status).toBe(401);
+
+    const issued = await fetch(`${base}/tokens`, { method: "POST", headers: hostAuth(), body: JSON.stringify({ scope: "owner" }) });
+    const body = (await issued.json()) as { token: string };
+    const ownerBearer = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: { authorization: `Bearer ${body.token}`, "content-type": "application/json" },
+      body: JSON.stringify(providerPayload()),
+    });
+    expect(ownerBearer.status).toBe(401);
+  });
+
+  test("applies API key and OAuth providers idempotently without response leakage", async () => {
+    const { base, workspace, authCalls } = await boot();
+    for (let index = 0; index < 2; index += 1) {
+      const response = await fetch(`${base}/managed-providers/sync`, {
+        method: "POST",
+        headers: hostAuth(),
+        body: JSON.stringify(providerPayload()),
+      });
+      expect(response.status).toBe(200);
+      const body = await response.json();
+      expect(body).toEqual({ status: "applied", providerCount: 2, revision: "sync-rev-1" });
+      expect(JSON.stringify(body)).not.toContain("plain-server-secret");
+      expect(JSON.stringify(body)).not.toContain("refresh-secret");
+    }
+
+    const config = readFileSync(join(workspace, "opencode.jsonc"), "utf8");
+    expect(config.match(/lpr_den_nvidia/g)?.length).toBe(1);
+    expect(config.match(/"openai"/g)?.length).toBeGreaterThanOrEqual(1);
+    expect(config).toContain("gpt-5.4");
+    expect(config).toContain("gpt-5.5");
+    expect(config).toContain("deepseek-ai/deepseek-v4-flash");
+    expect(config).toContain("google/gemma-4-31b-it");
+    expect(config).not.toContain("gpt-4o");
+    expect(config).not.toContain("gpt-5.4-fast");
+    expect(config).not.toContain("o4-mini");
+    expect(config).toContain('"experimental": true');
+    expect(config).not.toContain('"modes"');
+    expect(config).not.toContain('"knowledge"');
+    expect(config).not.toContain("plain-server-secret");
+    const putCalls = authCalls.filter((call) => call.method === "PUT");
+    expect(authCalls.filter((call) => call.method === "GET")).toHaveLength(4);
+    expect(putCalls).toHaveLength(4);
+    expect(putCalls[0]?.path).toBe("/auth/lpr_den_nvidia");
+    expect(putCalls[0]?.body).toEqual({ type: "api", key: "plain-server-secret" });
+    expect(putCalls[1]?.path).toBe("/auth/openai");
+    expect(putCalls[1]?.body).toEqual({ type: "oauth", access: "access-secret", refresh: "refresh-secret", expires: 9 });
+  });
+
+  test("filters managed OAuth provider-list models to Den-selected config models", async () => {
+    const { base } = await boot();
+    const sync = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify(providerPayload()),
+    });
+    expect(sync.status).toBe(200);
+
+    const response = await fetch(`${base}/workspace/ws_1/opencode/config/providers`, { headers: clientAuth() });
+    expect(response.status).toBe(200);
+    const body = await response.json() as ProviderListTestBody;
+    const providers = Array.isArray(body.all) ? body.all : [];
+    const openai = providers.find((provider) => provider?.id === "openai");
+    const nvidia = providers.find((provider) => provider?.id === "lpr_den_nvidia");
+
+    expect(Object.keys(openai?.models ?? {}).sort()).toEqual(["gpt-5.4", "gpt-5.5"]);
+    expect(Object.keys(openai?.models ?? {})).not.toContain("gpt-4o");
+    expect(Object.keys(openai?.models ?? {})).not.toContain("gpt-5.4-fast");
+    expect(Object.keys(openai?.models ?? {})).not.toContain("o4-mini");
+    expect(Object.keys(nvidia?.models ?? {}).sort()).toEqual(["deepseek-ai/deepseek-v4-flash", "google/gemma-4-31b-it"]);
+    expect(JSON.stringify(body)).not.toContain("plain-server-secret");
+    expect(JSON.stringify(body)).not.toContain("refresh-secret");
+  });
+
+  test("keeps Den-managed config providers visible when OpenCode connected list is empty", async () => {
+    const { base } = await boot({ connected: [] });
+    const sync = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify(providerPayload()),
+    });
+    expect(sync.status).toBe(200);
+
+    const response = await fetch(`${base}/workspace/ws_1/opencode/config/providers`, { headers: clientAuth() });
+    expect(response.status).toBe(200);
+    const body = await response.json() as ProviderListTestBody & { connected?: string[] };
+
+    expect(body.connected?.sort()).toEqual(["lpr_den_nvidia", "openai"]);
+  });
+
+  test("filters managed OAuth provider-list models for live providers-array responses", async () => {
+    const { base } = await boot({ providerListShape: "providers-array" });
+    const sync = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify(providerPayload()),
+    });
+    expect(sync.status).toBe(200);
+
+    const response = await fetch(`${base}/workspace/ws_1/opencode/config/providers`, { headers: clientAuth() });
+    expect(response.status).toBe(200);
+    const body = await response.json() as ProviderListTestBody;
+    const providers = Array.isArray(body.providers) ? body.providers : [];
+    const openai = providers.find((provider) => provider?.id === "openai");
+    const nvidia = providers.find((provider) => provider?.id === "lpr_den_nvidia");
+
+    expect(Object.keys(openai?.models ?? {}).sort()).toEqual(["gpt-5.4", "gpt-5.5"]);
+    expect(Object.keys(openai?.models ?? {})).not.toContain("gpt-4o");
+    expect(Object.keys(openai?.models ?? {})).not.toContain("gpt-5.4-fast");
+    expect(Object.keys(openai?.models ?? {})).not.toContain("o4-mini");
+    expect(Object.keys(nvidia?.models ?? {}).sort()).toEqual(["deepseek-ai/deepseek-v4-flash", "google/gemma-4-31b-it"]);
+    expect(JSON.stringify(body)).not.toContain("plain-server-secret");
+    expect(JSON.stringify(body)).not.toContain("refresh-secret");
+  });
+
+  test("filters managed OAuth provider-list models for providers-object responses", async () => {
+    const { base } = await boot({ providerListShape: "providers-object" });
+    const sync = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify(providerPayload()),
+    });
+    expect(sync.status).toBe(200);
+
+    const response = await fetch(`${base}/workspace/ws_1/opencode/config/providers`, { headers: clientAuth() });
+    expect(response.status).toBe(200);
+    const body = await response.json() as ProviderListTestBody;
+    const providers = !Array.isArray(body.providers) && body.providers ? body.providers : {};
+    const openai = providers.openai;
+    const nvidia = providers.lpr_den_nvidia;
+
+    expect(Object.keys(openai?.models ?? {}).sort()).toEqual(["gpt-5.4", "gpt-5.5"]);
+    expect(Object.keys(openai?.models ?? {})).not.toContain("gpt-4o");
+    expect(Object.keys(openai?.models ?? {})).not.toContain("gpt-5.4-fast");
+    expect(Object.keys(openai?.models ?? {})).not.toContain("o4-mini");
+    expect(Object.keys(nvidia?.models ?? {}).sort()).toEqual(["deepseek-ai/deepseek-v4-flash", "google/gemma-4-31b-it"]);
+    expect(JSON.stringify(body)).not.toContain("plain-server-secret");
+    expect(JSON.stringify(body)).not.toContain("refresh-secret");
+  });
+
+  test("sanitizes OpenCode auth apply failures", async () => {
+    const { base, workspace } = await boot({ failAuth: true });
+    const response = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify(providerPayload()),
+    });
+    expect(response.status).toBe(502);
+    const body = await response.json();
+    expect(body.status).toBe("failed");
+    expect(JSON.stringify(body)).not.toContain("plain-server-secret");
+    expect(JSON.stringify(body)).not.toContain("access-secret");
+    expect(JSON.stringify(body)).not.toContain("refresh-secret");
+    expect(body.reason).toBe("Managed provider sync failed");
+    const configPath = join(workspace, "opencode.jsonc");
+    expect(existsSync(configPath) ? readFileSync(configPath, "utf8") : "").not.toContain("lpr_den_nvidia");
+  });
+
+  test("authoritatively removes revoked managed providers from config, auth, and provider lists", async () => {
+    const { base, workspace, authCalls } = await boot();
+    const fullPayload = providerPayload();
+    const initial = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify(fullPayload),
+    });
+    expect(initial.status).toBe(200);
+
+    const nvidiaOnlyPayload = { revision: "sync-rev-2", providers: [fullPayload.providers[0]] };
+    const update = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify(nvidiaOnlyPayload),
+    });
+    expect(update.status).toBe(200);
+    expect(await update.json()).toEqual({ status: "applied", providerCount: 1, revision: "sync-rev-2" });
+
+    const config = readFileSync(join(workspace, "opencode.jsonc"), "utf8");
+    expect(config).toContain("lpr_den_nvidia");
+    expect(config).not.toContain('"openai"');
+    expect(config).not.toContain("gpt-5.4");
+
+    const response = await fetch(`${base}/workspace/ws_1/opencode/config/providers`, { headers: clientAuth() });
+    expect(response.status).toBe(200);
+    const body = await response.json() as ProviderListTestBody & { connected?: string[] };
+    const providers = Array.isArray(body.all) ? body.all : [];
+    expect(providers.some((provider) => provider.id === "openai")).toBe(false);
+    expect(body.connected ?? []).not.toContain("openai");
+
+    expect(authCalls.some((call) => call.method === "DELETE" && call.path === "/auth/openai")).toBe(true);
+  });
+
+  test("empty sync removes all managed providers", async () => {
+    const { base, workspace } = await boot();
+    const initial = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify(providerPayload()),
+    });
+    expect(initial.status).toBe(200);
+
+    const empty = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify({ revision: "sync-empty", providers: [] }),
+    });
+    expect(empty.status).toBe(200);
+    expect(await empty.json()).toEqual({ status: "applied", providerCount: 0, revision: "sync-empty" });
+
+    const config = readFileSync(join(workspace, "opencode.jsonc"), "utf8");
+    expect(config).not.toContain("lpr_den_nvidia");
+    expect(config).not.toContain('"openai"');
+  });
+
+  test("failure on a later provider removes auth written earlier in the same attempt", async () => {
+    const { base, workspace, authCalls } = await boot({ failAuthPath: "/auth/openai" });
+    const response = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify(providerPayload()),
+    });
+    expect(response.status).toBe(502);
+    const configPath = join(workspace, "opencode.jsonc");
+    expect(existsSync(configPath) ? readFileSync(configPath, "utf8") : "").not.toContain("lpr_den_nvidia");
+    expect(authCalls.some((call) => call.method === "PUT" && call.path === "/auth/lpr_den_nvidia")).toBe(true);
+    expect(authCalls.some((call) => call.method === "DELETE" && call.path === "/auth/lpr_den_nvidia")).toBe(true);
+  });
+
+  test("filters array-shaped provider-list models by Den-managed allowlist", async () => {
+    const { base } = await boot({ providerListShape: "providers-array", providerModelsShape: "array" });
+    const sync = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify(providerPayload()),
+    });
+    expect(sync.status).toBe(200);
+
+    const response = await fetch(`${base}/workspace/ws_1/opencode/config/providers`, { headers: clientAuth() });
+    expect(response.status).toBe(200);
+    const body = await response.json() as ProviderListTestBody;
+    const providers = Array.isArray(body.providers) ? body.providers : [];
+    const openai = providers.find((provider) => provider?.id === "openai");
+    const nvidia = providers.find((provider) => provider?.id === "lpr_den_nvidia");
+
+    expect(Array.isArray(openai?.models)).toBe(true);
+    expect(Array.isArray(nvidia?.models)).toBe(true);
+    expect((openai?.models as Array<{ id: string }>).map((model) => model.id)).toEqual(["gpt-5.4", "gpt-5.5"]);
+    expect((openai?.models as Array<{ id: string }>).map((model) => model.id)).not.toContain("gpt-4o");
+    expect((openai?.models as Array<{ id: string }>).map((model) => model.id)).not.toContain("gpt-5.4-fast");
+    expect((openai?.models as Array<{ id: string }>).map((model) => model.id)).not.toContain("o4-mini");
+    expect((nvidia?.models as Array<{ id: string }>).map((model) => model.id)).toEqual(["deepseek-ai/deepseek-v4-flash", "google/gemma-4-31b-it"]);
+  });
+
+  test("failure on a later provider restores previous working auth written earlier in the same attempt", async () => {
+    const previousAuth = { type: "api", key: "previous-working-key" };
+    const { base, authCalls, authStore } = await boot({
+      failAuthPath: "/auth/openai",
+      initialAuth: { "/auth/lpr_den_nvidia": previousAuth },
+    });
+    const response = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify(providerPayload()),
+    });
+    expect(response.status).toBe(502);
+    expect(authStore.get("/auth/lpr_den_nvidia")).toEqual(previousAuth);
+    expect(authCalls.some((call) => call.method === "GET" && call.path === "/auth/lpr_den_nvidia")).toBe(true);
+    expect(authCalls.filter((call) => call.method === "PUT" && call.path === "/auth/lpr_den_nvidia")).toHaveLength(2);
+    expect(authCalls.some((call) => call.method === "DELETE" && call.path === "/auth/lpr_den_nvidia")).toBe(false);
+  });
+
+  test("rejects duplicate runtime provider ids before config or auth mutation", async () => {
+    const previousAuth = { type: "api", key: "previous-working-key" };
+    const { base, workspace, authCalls, authStore } = await boot({
+      initialAuth: { "/auth/lpr_den_nvidia": previousAuth },
+    });
+    const payload = providerPayload();
+    const duplicateProvider = { ...payload.providers[0] };
+    duplicateProvider.name = "Duplicate NVIDIA";
+    duplicateProvider.revision = "provider-rev-duplicate";
+    duplicateProvider.apiKey = "new-secret-that-must-not-be-written";
+    payload.providers = [payload.providers[0], duplicateProvider];
+
+    const response = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify(payload),
+    });
+
+    expect(response.status).toBe(400);
+    expect(await response.json()).toMatchObject({ code: "duplicate_provider_runtime_id" });
+    expect(authCalls).toHaveLength(0);
+    expect(authStore.get("/auth/lpr_den_nvidia")).toEqual(previousAuth);
+    const configPath = join(workspace, "opencode.jsonc");
+    expect(existsSync(configPath) ? readFileSync(configPath, "utf8") : "").not.toContain("new-secret-that-must-not-be-written");
+  });
+
+  test("stale auth deletion failure does not restore config that references stale providers", async () => {
+    const { base, workspace, authCalls } = await boot({ failAuthDeletePath: "/auth/openai" });
+    const fullPayload = providerPayload();
+    const initial = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify(fullPayload),
+    });
+    expect(initial.status).toBe(200);
+
+    const nvidiaOnlyPayload = { revision: "sync-rev-2", providers: [fullPayload.providers[0]] };
+    const update = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify(nvidiaOnlyPayload),
+    });
+
+    expect(update.status).toBe(502);
+    const body = await update.json();
+    expect(body).toMatchObject({ status: "failed", providerCount: 1, revision: "sync-rev-2" });
+    const config = readFileSync(join(workspace, "opencode.jsonc"), "utf8");
+    expect(config).toContain("lpr_den_nvidia");
+    expect(config).not.toContain('"openai"');
+    expect(config).not.toContain("gpt-5.4");
+    const metadata = readManagedProviderMetadata(workspace);
+    expect(metadata.applied?.sort()).toEqual(["lpr_den_nvidia", "openai"]);
+    expect(metadata.revoked).toContain("openai");
+    expect(authCalls.some((call) => call.method === "DELETE" && call.path === "/auth/openai")).toBe(true);
+  });
+
+  test("retries stale auth deletion after a previous deletion failure", async () => {
+    const { base, workspace, authCalls } = await boot({ failAuthDeletePathOnce: "/auth/openai" });
+    const fullPayload = providerPayload();
+    const initial = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify(fullPayload),
+    });
+    expect(initial.status).toBe(200);
+
+    const nvidiaOnlyPayload = { revision: "sync-rev-2", providers: [fullPayload.providers[0]] };
+    const firstUpdate = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify(nvidiaOnlyPayload),
+    });
+    expect(firstUpdate.status).toBe(502);
+    expect(readManagedProviderMetadata(workspace).applied?.sort()).toEqual(["lpr_den_nvidia", "openai"]);
+
+    const retry = await fetch(`${base}/managed-providers/sync`, {
+      method: "POST",
+      headers: hostAuth(),
+      body: JSON.stringify(nvidiaOnlyPayload),
+    });
+    expect(retry.status).toBe(200);
+    expect(await retry.json()).toEqual({ status: "applied", providerCount: 1, revision: "sync-rev-2" });
+
+    const deleteAttempts = authCalls.filter((call) => call.method === "DELETE" && call.path === "/auth/openai");
+    expect(deleteAttempts).toHaveLength(2);
+    const metadata = readManagedProviderMetadata(workspace);
+    expect(metadata.applied).toEqual(["lpr_den_nvidia"]);
+    expect(metadata.revoked).toContain("openai");
+  });
+});
diff --git a/apps/server/src/server.ts b/apps/server/src/server.ts
index a2a6c6e329..69fd2764fd 100644
--- a/apps/server/src/server.ts
+++ b/apps/server/src/server.ts
@@ -12,7 +12,7 @@ import { deleteSkill, listSkills, upsertSkill } from "./skills.js";
 import { installHubSkill, listHubSkills } from "./skill-hub.js";
 import { deleteCommand, listCommands, repairCommands, upsertCommand } from "./commands.js";
 import { ApiError, formatError } from "./errors.js";
-import { readJsoncFile, updateJsoncTopLevel, writeJsoncFile } from "./jsonc.js";
+import { readJsoncFile, updateJsoncPath, updateJsoncTopLevel, writeJsoncFile } from "./jsonc.js";
 import { recordAudit, readAuditEntries, readLastAudit } from "./audit.js";
 import { ReloadEventStore } from "./events.js";
 import { computeReloadFingerprint } from "./reload-fingerprint.js";
@@ -363,7 +363,6 @@ async function fetchOpenworkWorkspaceList(hostUrl: string, token: string, hostTo
   const timeout = setTimeout(() => controller.abort(), 8_000);
   const headers = new Headers();
   if (token) headers.set("Authorization", `Bearer ${token}`);
-  if (hostToken) headers.set("X-OpenWork-Host-Token", hostToken);
 
   try {
     const response = await fetch(url, { headers, signal: controller.signal });
@@ -1004,9 +1003,172 @@ async function proxyOpencodeRequest(input: {
     body,
   });
 
+  if (workspace && isProviderListProxyRequest(method, proxyPath)) {
+    return filterManagedProviderListResponse(workspace.path, response);
+  }
+
   return sanitizeProxyResponse(response);
 }
 
+function isProviderListProxyRequest(method: string, proxyPath: string) {
+  return method === "GET" && normalizeOpencodeProxyPath(proxyPath) === "/config/providers";
+}
+
+type ManagedProviderAccessPolicy = {
+  allowedModelsByProvider: Map<string, Set<string>>;
+  revokedProviderIds: Set<string>;
+};
+
+async function filterManagedProviderListResponse(workspaceRoot: string, response: Response): Promise<Response> {
+  if (!response.ok) return sanitizeProxyResponse(response);
+
+  const text = await response.text();
+  let data: unknown;
+  try {
+    data = JSON.parse(text) as unknown;
+  } catch {
+    return proxyTextResponse(response, text);
+  }
+
+  let policy: ManagedProviderAccessPolicy;
+  try {
+    policy = await readManagedProviderAccessPolicy(workspaceRoot);
+  } catch {
+    return proxyJsonResponse(response, data);
+  }
+  if (policy.allowedModelsByProvider.size === 0 && policy.revokedProviderIds.size === 0) return proxyJsonResponse(response, data);
+
+  return proxyJsonResponse(response, filterProviderListModels(data, policy));
+}
+
+function readStringArray(value: unknown): string[] {
+  return Array.isArray(value) ? value.filter((entry): entry is string => typeof entry === "string" && entry.trim().length > 0) : [];
+}
+
+async function readManagedProviderAccessPolicy(workspaceRoot: string): Promise<ManagedProviderAccessPolicy> {
+  const openwork = await readOpenworkConfig(workspaceRoot);
+  const managedProviders = openwork.managedProviders;
+  if (!isRecordValue(managedProviders) || managedProviders.source !== "den") {
+    return { allowedModelsByProvider: new Map(), revokedProviderIds: new Set() };
+  }
+
+  const opencode = await readOpencodeConfig(workspaceRoot);
+  const providers = opencode.provider;
+  const revokedProviderIds = new Set(readStringArray(managedProviders.revoked));
+  if (!isRecordValue(providers)) return { allowedModelsByProvider: new Map(), revokedProviderIds };
+
+  const allowlist = new Map<string, Set<string>>();
+  for (const [providerId, providerConfig] of Object.entries(providers)) {
+    if (!isRecordValue(providerConfig) || !isRecordValue(providerConfig.models)) continue;
+    const modelIds = Object.keys(providerConfig.models);
+    if (modelIds.length > 0) allowlist.set(providerId, new Set(modelIds));
+  }
+  return { allowedModelsByProvider: allowlist, revokedProviderIds };
+}
+
+function filterProviderListModels(data: unknown, policy: ManagedProviderAccessPolicy): unknown {
+  if (!isRecordValue(data)) return data;
+  const managedProviderIds = new Set(policy.allowedModelsByProvider.keys());
+  if (Array.isArray(data.all)) {
+    const all = data.all
+      .filter((provider) => !isRevokedProviderListItem(provider, policy.revokedProviderIds))
+      .map((provider) => filterProviderListItem(provider, policy.allowedModelsByProvider));
+    return {
+      ...data,
+      all,
+      connected: mergeManagedConnectedProviderIds(data.connected, all, managedProviderIds, policy.revokedProviderIds),
+    };
+  }
+  if (Array.isArray(data.providers)) {
+    const providers = data.providers
+      .filter((provider) => !isRevokedProviderListItem(provider, policy.revokedProviderIds))
+      .map((provider) => filterProviderListItem(provider, policy.allowedModelsByProvider));
+    return {
+      ...data,
+      providers,
+      connected: mergeManagedConnectedProviderIds(data.connected, providers, managedProviderIds, policy.revokedProviderIds),
+    };
+  }
+  if (isRecordValue(data.providers)) {
+    const providers = Object.fromEntries(
+      Object.entries(data.providers)
+        .filter(([providerId, provider]) => !policy.revokedProviderIds.has(providerId) && !isRevokedProviderListItem(provider, policy.revokedProviderIds))
+        .map(([providerId, provider]) => [providerId, filterProviderListItem(provider, policy.allowedModelsByProvider, providerId)]),
+    );
+    return {
+      ...data,
+      providers,
+      connected: mergeManagedConnectedProviderIds(data.connected, Object.keys(providers), managedProviderIds, policy.revokedProviderIds),
+    };
+  }
+  return data;
+}
+
+function isRevokedProviderListItem(provider: unknown, revokedProviderIds: Set<string>) {
+  return isRecordValue(provider) && typeof provider.id === "string" && revokedProviderIds.has(provider.id);
+}
+
+function mergeManagedConnectedProviderIds(connected: unknown, providers: unknown[], managedProviderIds: Set<string>, revokedProviderIds: Set<string>): string[] | undefined {
+  if (!Array.isArray(connected)) return undefined;
+  const providerIds = new Set(
+    providers.map((provider) => {
+      if (typeof provider === "string") return provider;
+      if (isRecordValue(provider) && typeof provider.id === "string") return provider.id;
+      return "";
+    }).filter(Boolean),
+  );
+  const next = new Set(connected.filter((id): id is string => typeof id === "string" && !revokedProviderIds.has(id)));
+  for (const providerId of managedProviderIds) {
+    if (providerIds.has(providerId)) next.add(providerId);
+  }
+  return [...next];
+}
+
+function filterProviderListItem(provider: unknown, allowedModelsByProvider: Map<string, Set<string>>, fallbackProviderId?: string): unknown {
+  if (!isRecordValue(provider)) return provider;
+  const providerId = typeof provider.id === "string" ? provider.id : fallbackProviderId;
+  if (!providerId) return provider;
+  const allowed = allowedModelsByProvider.get(providerId);
+  if (!allowed) return provider;
+  if (Array.isArray(provider.models)) {
+    return {
+      ...provider,
+      models: provider.models.filter((model) => isRecordValue(model) && typeof model.id === "string" && allowed.has(model.id)),
+    };
+  }
+  if (!isRecordValue(provider.models)) return provider;
+  return {
+    ...provider,
+    models: Object.fromEntries(Object.entries(provider.models).filter(([modelId]) => allowed.has(modelId))),
+  };
+}
+
+function proxyJsonResponse(upstream: Response, data: unknown): Response {
+  const headers = sanitizedProxyHeaders(upstream.headers);
+  headers.set("Content-Type", "application/json");
+  return new Response(JSON.stringify(data), {
+    status: upstream.status,
+    statusText: upstream.statusText,
+    headers,
+  });
+}
+
+function proxyTextResponse(upstream: Response, text: string): Response {
+  return new Response(text, {
+    status: upstream.status,
+    statusText: upstream.statusText,
+    headers: sanitizedProxyHeaders(upstream.headers),
+  });
+}
+
+function sanitizedProxyHeaders(input: Headers): Headers {
+  const headers = new Headers(input);
+  headers.delete("content-encoding");
+  headers.delete("transfer-encoding");
+  headers.delete("content-length");
+  return headers;
+}
+
 /**
  * Strip hop-by-hop and transport-level headers that Bun's native fetch keeps
  * in the upstream response even after it has already decoded the body for us.
@@ -1015,14 +1177,10 @@ async function proxyOpencodeRequest(input: {
  * code that reaches through /opencode/* (including session.create).
  */
 function sanitizeProxyResponse(response: Response): Response {
-  const headers = new Headers(response.headers);
-  headers.delete("content-encoding");
-  headers.delete("transfer-encoding");
-  headers.delete("content-length");
   return new Response(response.body, {
     status: response.status,
     statusText: response.statusText,
-    headers,
+    headers: sanitizedProxyHeaders(response.headers),
   });
 }
 
@@ -1055,6 +1213,46 @@ function withCors(response: Response, request: Request, config: ServerConfig) {
   return new Response(response.body, { status: response.status, headers });
 }
 
+async function fetchOpencodeJson(
+  config: ServerConfig,
+  workspace: WorkspaceInfo,
+  path: string,
+  init: { method?: string; body?: unknown } = {},
+): Promise<unknown> {
+  const connection = resolveWorkspaceOpencodeConnection(config, workspace);
+  const baseUrl = connection.baseUrl?.trim();
+  if (!baseUrl) {
+    throw new ApiError(502, "opencode_unavailable", "OpenCode base URL is not configured");
+  }
+
+  const target = new URL(path, baseUrl.endsWith("/") ? baseUrl : `${baseUrl}/`);
+  const headers = new Headers({ "Content-Type": "application/json" });
+  const directory = resolveOpencodeDirectory(workspace);
+  if (directory) {
+    headers.set("X-OpenCode-Directory", directory);
+    headers.set("X-Opencode-Directory", directory);
+  }
+  if (connection.authHeader) {
+    headers.set("Authorization", connection.authHeader);
+  }
+
+  const response = await fetch(target, {
+    method: init.method ?? "GET",
+    headers,
+    body: init.body === undefined ? undefined : JSON.stringify(init.body),
+  });
+  const text = await response.text();
+  const json = text ? parseOpencodeErrorBody(text) : null;
+  if (!response.ok) {
+    throw new ApiError(502, "opencode_request_failed", "OpenCode request failed", {
+      status: response.status,
+      body: json,
+      path,
+    });
+  }
+  return json;
+}
+
 async function requireClient(request: Request, config: ServerConfig, tokens: TokenService): Promise<Actor> {
   const header = request.headers.get("authorization") ?? "";
   const match = header.match(/^Bearer\s+(.+)$/i);
@@ -1811,6 +2009,11 @@ function serializeWorkspace(workspace: ServerConfig["workspaces"][number]) {
   };
 }
 
+function serializeClientWorkspace(workspace: ServerConfig["workspaces"][number]) {
+  const { openworkHostToken, ...rest } = serializeWorkspace(workspace);
+  return rest;
+}
+
 function createRoutes(
   config: ServerConfig,
   approvals: ApprovalService,
@@ -1982,7 +2185,7 @@ function createRoutes(
 
   addRoute(routes, "GET", "/w/:id/workspaces", "client", async (ctx) => {
     const workspace = await resolveWorkspace(config, ctx.params.id);
-    return jsonResponse({ items: [serializeWorkspace(workspace)], activeId: workspace.id });
+    return jsonResponse({ items: [serializeClientWorkspace(workspace)], activeId: workspace.id });
   });
 
   addRoute(routes, "GET", "/status", "client", async () => {
@@ -1997,7 +2200,7 @@ function createRoutes(
       corsOrigins: config.corsOrigins,
       workspaceCount: config.workspaces.length,
       activeWorkspaceId: active?.id ?? null,
-      workspace: active ? serializeWorkspace(active) : null,
+      workspace: active ? serializeClientWorkspace(active) : null,
       authorizedRoots: config.authorizedRoots,
       server: {
         host: config.host,
@@ -2097,7 +2300,7 @@ function createRoutes(
 
   addRoute(routes, "GET", "/workspaces", "client", async () => {
     const active = config.workspaces[0] ?? null;
-    const items = config.workspaces.map(serializeWorkspace);
+    const items = config.workspaces.map(serializeClientWorkspace);
     return jsonResponse({ items, workspaces: items, activeId: active?.id ?? null });
   });
 
@@ -2259,6 +2462,102 @@ function createRoutes(
     return jsonResponse({ ok: true });
   });
 
+  addRoute(routes, "POST", "/managed-providers/sync", "host-token", async (ctx) => {
+    ensureWritable(config);
+    const body = await readJsonBody(ctx.request);
+    const payload = parseManagedProviderSyncPayload(body);
+    const workspace = config.workspaces[0];
+    if (!workspace) {
+      throw new ApiError(409, "workspace_unavailable", "No worker workspace is available for managed provider sync");
+    }
+
+    const configFingerprintBefore = await computeReloadFingerprint(workspace.path, "config");
+    const opencodeConfigFile = opencodeConfigPath(workspace.path);
+    const opencodeConfigBefore = existsSync(opencodeConfigFile)
+      ? await readFile(opencodeConfigFile, "utf8")
+      : null;
+    const previousManagedProviderIds = await readAppliedManagedProviderRuntimeIds(workspace.path);
+    const previousRevokedProviderIds = await readRevokedManagedProviderRuntimeIds(workspace.path);
+    const currentManagedProviderIds = new Set(payload.providers.map((provider) => getManagedProviderRuntimeId(provider)));
+    const staleManagedProviderIds = [...previousManagedProviderIds].filter((providerId) => !currentManagedProviderIds.has(providerId));
+    const revokedManagedProviderIds = new Set([...previousRevokedProviderIds, ...staleManagedProviderIds]);
+    for (const providerId of currentManagedProviderIds) revokedManagedProviderIds.delete(providerId);
+
+    const applied: string[] = [];
+    const previousAuthByProviderId = new Map<string, unknown | null>();
+    try {
+      await applyManagedProviderConfigSet(workspace.path, payload.providers, previousManagedProviderIds);
+      for (const provider of payload.providers) {
+        const providerId = getManagedProviderRuntimeId(provider);
+        previousAuthByProviderId.set(providerId, await readManagedProviderAuth(config, workspace, providerId));
+        await applyManagedProviderAuth(config, workspace, provider);
+        applied.push(providerId);
+      }
+    } catch (error) {
+      if (opencodeConfigBefore === null) {
+        await rm(opencodeConfigFile, { force: true });
+      } else {
+        await writeFile(opencodeConfigFile, opencodeConfigBefore, "utf8");
+      }
+      await rollbackAppliedManagedProviderAuth(config, workspace, previousAuthByProviderId);
+      return jsonResponse({
+        status: "failed",
+        providerCount: applied.length,
+        revision: payload.revision,
+        reason: sanitizeManagedProviderApplyError(error),
+      }, 502);
+    }
+
+    const writeManagedProviderSyncMetadata = async (nextApplied: string[]) => writeOpenworkConfig(workspace.path, {
+        managedProviders: {
+          source: "den",
+          revision: payload.revision,
+          applied: nextApplied,
+          revoked: [...revokedManagedProviderIds],
+          appliedAt: new Date().toISOString(),
+        },
+    }, true);
+
+    const pendingCleanupApplied = [...new Set([...applied, ...staleManagedProviderIds])];
+    await writeManagedProviderSyncMetadata(pendingCleanupApplied);
+
+    try {
+      for (const providerId of staleManagedProviderIds) {
+        await deleteManagedProviderAuth(config, workspace, providerId);
+      }
+    } catch (error) {
+      if (configFingerprintBefore !== await computeReloadFingerprint(workspace.path, "config")) {
+        emitReloadEvent(ctx.reloadEvents, workspace, "config", buildConfigTrigger(opencodeConfigPath(workspace.path)));
+      }
+      return jsonResponse({
+        status: "failed",
+        providerCount: applied.length,
+        revision: payload.revision,
+        reason: sanitizeManagedProviderApplyError(error),
+      }, 502);
+    }
+
+    if (staleManagedProviderIds.length > 0) {
+      await writeManagedProviderSyncMetadata(applied);
+    }
+
+    await recordAudit(workspace.path, {
+      id: shortId(),
+      workspaceId: workspace.id,
+      actor: ctx.actor ?? { type: "host" },
+      action: "managedProviders.sync",
+      target: "opencode.json",
+      summary: `Synced ${applied.length} managed provider${applied.length === 1 ? "" : "s"}`,
+      timestamp: Date.now(),
+    });
+
+    if (configFingerprintBefore !== await computeReloadFingerprint(workspace.path, "config")) {
+      emitReloadEvent(ctx.reloadEvents, workspace, "config", buildConfigTrigger(opencodeConfigPath(workspace.path)));
+    }
+
+    return jsonResponse({ status: "applied", providerCount: applied.length, revision: payload.revision });
+  });
+
   addRoute(routes, "POST", "/voice/realtime/session", "host", async (ctx) => {
     const body = await readJsonBody(ctx.request);
     return jsonResponse(await createOpenAiRealtimeVoiceSession(env, body));
@@ -2331,7 +2630,12 @@ function createRoutes(
       ? stripOpenworkWorkspaceMount(rawOpenworkHostUrl ?? baseUrl)
       : rawOpenworkHostUrl;
     const openworkToken = readStringField(body, "openworkToken");
+    const openworkClientToken = readStringField(body, "openworkClientToken");
     const openworkHostToken = readStringField(body, "openworkHostToken");
+    const openworkDenBaseUrl = readStringField(body, "openworkDenBaseUrl");
+    const openworkDenApiBaseUrl = readStringField(body, "openworkDenApiBaseUrl");
+    const openworkDenOrgId = readStringField(body, "openworkDenOrgId");
+    const openworkDenWorkerId = readStringField(body, "openworkDenWorkerId");
     const sandboxBackend = readStringField(body, "sandboxBackend");
     const sandboxRunId = readStringField(body, "sandboxRunId");
     const sandboxContainerName = readStringField(body, "sandboxContainerName");
@@ -2376,6 +2680,12 @@ function createRoutes(
       ...(displayName ? { displayName } : {}),
       ...(remoteType === "openwork" && openworkHostUrl ? { openworkHostUrl } : {}),
       ...(openworkToken ? { openworkToken } : {}),
+      ...(remoteType === "openwork" && openworkClientToken ? { openworkClientToken } : {}),
+      ...(remoteType === "openwork" && openworkHostToken ? { openworkHostToken } : {}),
+      ...(remoteType === "openwork" && openworkDenBaseUrl ? { openworkDenBaseUrl } : {}),
+      ...(remoteType === "openwork" && openworkDenApiBaseUrl ? { openworkDenApiBaseUrl } : {}),
+      ...(remoteType === "openwork" && openworkDenOrgId ? { openworkDenOrgId } : {}),
+      ...(remoteType === "openwork" && openworkDenWorkerId ? { openworkDenWorkerId } : {}),
       ...(remoteType === "openwork" && openworkWorkspaceId ? { openworkWorkspaceId } : {}),
       ...(remoteType === "openwork" && openworkWorkspaceName ? { openworkWorkspaceName } : {}),
       ...(sandboxBackend ? { sandboxBackend } : {}),
@@ -4637,6 +4947,12 @@ function serializeWorkspaceConfigEntry(workspace: WorkspaceInfo): Record<string,
     ...(workspace.displayName ? { displayName: workspace.displayName } : {}),
     ...(workspace.openworkHostUrl ? { openworkHostUrl: workspace.openworkHostUrl } : {}),
     ...(workspace.openworkToken ? { openworkToken: workspace.openworkToken } : {}),
+    ...(workspace.openworkClientToken ? { openworkClientToken: workspace.openworkClientToken } : {}),
+    ...(workspace.openworkHostToken ? { openworkHostToken: workspace.openworkHostToken } : {}),
+    ...(workspace.openworkDenBaseUrl ? { openworkDenBaseUrl: workspace.openworkDenBaseUrl } : {}),
+    ...(workspace.openworkDenApiBaseUrl ? { openworkDenApiBaseUrl: workspace.openworkDenApiBaseUrl } : {}),
+    ...(workspace.openworkDenOrgId ? { openworkDenOrgId: workspace.openworkDenOrgId } : {}),
+    ...(workspace.openworkDenWorkerId ? { openworkDenWorkerId: workspace.openworkDenWorkerId } : {}),
     ...(workspace.openworkWorkspaceId ? { openworkWorkspaceId: workspace.openworkWorkspaceId } : {}),
     ...(workspace.openworkWorkspaceName ? { openworkWorkspaceName: workspace.openworkWorkspaceName } : {}),
     ...(workspace.sandboxBackend ? { sandboxBackend: workspace.sandboxBackend } : {}),
@@ -4677,6 +4993,268 @@ function normalizeOpencodeScope(value: string | null | undefined): "project" | "
   return value?.trim().toLowerCase() === "global" ? "global" : "project";
 }
 
+type ManagedProviderSyncProvider = {
+  id: string;
+  providerId: string;
+  name: string;
+  source: string;
+  credentialKind: "api_key" | "opencode_oauth";
+  providerConfig: Record<string, unknown>;
+  models: Array<{ id: string; name: string; config: Record<string, unknown> }>;
+  apiKey?: string;
+  opencodeAuth?: string;
+  revision: string;
+};
+
+type ManagedProviderSyncPayload = {
+  providers: ManagedProviderSyncProvider[];
+  revision: string;
+};
+
+function isRecordValue(value: unknown): value is Record<string, unknown> {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+
+function readRequiredString(record: Record<string, unknown>, key: string): string {
+  const value = record[key];
+  if (typeof value !== "string" || !value.trim()) {
+    throw new ApiError(400, "invalid_payload", `${key} must be a non-empty string`);
+  }
+  return value.trim();
+}
+
+function readOptionalString(record: Record<string, unknown>, key: string): string | undefined {
+  const value = record[key];
+  if (value === undefined || value === null) return undefined;
+  if (typeof value !== "string") {
+    throw new ApiError(400, "invalid_payload", `${key} must be a string`);
+  }
+  const trimmed = value.trim();
+  return trimmed || undefined;
+}
+
+function parseManagedProviderSyncPayload(input: unknown): ManagedProviderSyncPayload {
+  if (!isRecordValue(input) || !Array.isArray(input.providers)) {
+    throw new ApiError(400, "invalid_payload", "providers must be an array");
+  }
+  const revision = readRequiredString(input, "revision");
+  const providers = input.providers.map((entry) => {
+    if (!isRecordValue(entry)) {
+      throw new ApiError(400, "invalid_payload", "Each provider must be an object");
+    }
+    const rawCredentialKind = entry.credentialKind;
+    if (rawCredentialKind !== "api_key" && rawCredentialKind !== "opencode_oauth") {
+      throw new ApiError(400, "invalid_payload", "credentialKind must be api_key or opencode_oauth");
+    }
+    const credentialKind: ManagedProviderSyncProvider["credentialKind"] = rawCredentialKind;
+    const providerConfig = entry.providerConfig;
+    if (!isRecordValue(providerConfig)) {
+      throw new ApiError(400, "invalid_payload", "providerConfig must be an object");
+    }
+    const modelsInput = entry.models;
+    if (!Array.isArray(modelsInput)) {
+      throw new ApiError(400, "invalid_payload", "models must be an array");
+    }
+    const models = modelsInput.map((model) => {
+      if (!isRecordValue(model) || !isRecordValue(model.config)) {
+        throw new ApiError(400, "invalid_payload", "Each model must include config");
+      }
+      return {
+        id: readRequiredString(model, "id"),
+        name: readRequiredString(model, "name"),
+        config: model.config,
+      };
+    });
+    return {
+      id: readRequiredString(entry, "id"),
+      providerId: readRequiredString(entry, "providerId"),
+      name: readRequiredString(entry, "name"),
+      source: readRequiredString(entry, "source"),
+      credentialKind,
+      providerConfig,
+      models,
+      apiKey: readOptionalString(entry, "apiKey"),
+      opencodeAuth: readOptionalString(entry, "opencodeAuth"),
+      revision: readRequiredString(entry, "revision"),
+    };
+  });
+  const runtimeProviderIds = new Set<string>();
+  for (const provider of providers) {
+    const runtimeProviderId = getManagedProviderRuntimeId(provider);
+    if (runtimeProviderIds.has(runtimeProviderId)) {
+      throw new ApiError(400, "duplicate_provider_runtime_id", "Managed provider runtime ids must be unique");
+    }
+    runtimeProviderIds.add(runtimeProviderId);
+  }
+  return { providers, revision };
+}
+
+function getManagedProviderEnv(config: Record<string, unknown>) {
+  return Array.isArray(config.env) ? config.env.filter((entry): entry is string => typeof entry === "string" && entry.trim().length > 0) : [];
+}
+
+export function getManagedProviderRuntimeId(provider: Pick<ManagedProviderSyncProvider, "id" | "providerId" | "source" | "credentialKind">) {
+  if (provider.source === "openwork") return "openwork";
+  if (provider.credentialKind === "opencode_oauth") return provider.providerId.trim();
+  return provider.id.trim();
+}
+
+export function buildManagedProviderRuntimeConfig(provider: ManagedProviderSyncProvider) {
+  const models = Object.fromEntries(provider.models.map((model) => [model.id, buildManagedProviderModelRuntimeConfig(model)]));
+  const next: Record<string, unknown> = {
+    id: provider.providerId,
+    name: provider.name,
+    env: getManagedProviderEnv(provider.providerConfig),
+    models,
+  };
+  for (const key of ["npm", "api", "options", "whitelist", "blacklist"] as const) {
+    const value = provider.providerConfig[key];
+    if (value !== undefined) next[key] = value;
+  }
+  return next;
+}
+
+async function readManagedProviderRuntimeIds(workspaceRoot: string, key: "applied" | "revoked"): Promise<Set<string>> {
+  const openwork = await readOpenworkConfig(workspaceRoot);
+  const managedProviders = openwork.managedProviders;
+  if (!isRecordValue(managedProviders) || managedProviders.source !== "den") return new Set();
+  return new Set(readStringArray(managedProviders[key]));
+}
+
+async function readAppliedManagedProviderRuntimeIds(workspaceRoot: string): Promise<Set<string>> {
+  return readManagedProviderRuntimeIds(workspaceRoot, "applied");
+}
+
+async function readRevokedManagedProviderRuntimeIds(workspaceRoot: string): Promise<Set<string>> {
+  return readManagedProviderRuntimeIds(workspaceRoot, "revoked");
+}
+
+async function applyManagedProviderConfigSet(workspaceRoot: string, providers: ManagedProviderSyncProvider[], previousManagedProviderIds: Set<string>) {
+  const config = await readOpencodeConfig(workspaceRoot);
+  const providerConfig = isRecordValue(config.provider) ? { ...config.provider } : {};
+  const currentProviderIds = new Set(providers.map((provider) => getManagedProviderRuntimeId(provider)));
+
+  for (const providerId of previousManagedProviderIds) {
+    if (!currentProviderIds.has(providerId)) {
+      delete providerConfig[providerId];
+    }
+  }
+
+  for (const provider of providers) {
+    providerConfig[getManagedProviderRuntimeId(provider)] = buildManagedProviderRuntimeConfig(provider);
+  }
+
+  const nextConfig = { ...config };
+  if (Object.keys(providerConfig).length > 0) {
+    nextConfig.provider = providerConfig;
+  } else {
+    delete nextConfig.provider;
+  }
+
+  await writeJsoncFile(opencodeConfigPath(workspaceRoot), nextConfig);
+}
+
+function buildManagedProviderModelRuntimeConfig(model: ManagedProviderSyncProvider["models"][number]) {
+  const raw = model.config;
+  const next: Record<string, unknown> = { id: model.id, name: model.name };
+
+  for (const key of ["family", "release_date", "status"] as const) {
+    const value = raw[key];
+    if (typeof value === "string") next[key] = value;
+  }
+
+  for (const key of ["attachment", "reasoning", "temperature", "tool_call", "interleaved", "experimental"] as const) {
+    const value = raw[key];
+    if (typeof value === "boolean") next[key] = value;
+  }
+
+  for (const key of ["cost", "limit", "modalities", "options", "headers", "provider", "variants"] as const) {
+    const value = raw[key];
+    if (isRecordValue(value)) next[key] = value;
+  }
+
+  return next;
+}
+
+async function applyManagedProviderConfig(workspaceRoot: string, provider: ManagedProviderSyncProvider) {
+  const providerId = getManagedProviderRuntimeId(provider);
+  await updateJsoncPath(opencodeConfigPath(workspaceRoot), ["provider", providerId], buildManagedProviderRuntimeConfig(provider));
+}
+
+function parseManagedOpencodeAuth(provider: ManagedProviderSyncProvider): unknown {
+  if (provider.credentialKind === "api_key") {
+    if (!provider.apiKey) throw new ApiError(400, "missing_provider_credential", "Managed provider is missing an API credential");
+    return { type: "api", key: provider.apiKey };
+  }
+  if (!provider.opencodeAuth) throw new ApiError(400, "missing_provider_credential", "Managed provider is missing an OAuth credential");
+  try {
+    const auth = JSON.parse(provider.opencodeAuth) as unknown;
+    if (!isRecordValue(auth) || auth.type !== "oauth") throw new Error("invalid auth");
+    return auth;
+  } catch {
+    throw new ApiError(400, "invalid_provider_credential", "Managed provider OAuth credential is invalid");
+  }
+}
+
+async function applyManagedProviderAuth(config: ServerConfig, workspace: WorkspaceInfo, provider: ManagedProviderSyncProvider) {
+  const providerId = getManagedProviderRuntimeId(provider);
+  await fetchOpencodeJson(config, workspace, `/auth/${encodeURIComponent(providerId)}`, {
+    method: "PUT",
+    body: parseManagedOpencodeAuth(provider),
+  });
+}
+
+async function readManagedProviderAuth(config: ServerConfig, workspace: WorkspaceInfo, providerId: string) {
+  try {
+    return await fetchOpencodeJson(config, workspace, `/auth/${encodeURIComponent(providerId)}`, {
+      method: "GET",
+    });
+  } catch (error) {
+    if (error instanceof ApiError && error.code === "opencode_request_failed" && isRecordValue(error.details) && error.details.status === 404) {
+      return null;
+    }
+    throw error;
+  }
+}
+
+async function deleteManagedProviderAuth(config: ServerConfig, workspace: WorkspaceInfo, providerId: string) {
+  try {
+    await fetchOpencodeJson(config, workspace, `/auth/${encodeURIComponent(providerId)}`, {
+      method: "DELETE",
+    });
+  } catch (error) {
+    if (error instanceof ApiError && error.code === "opencode_request_failed" && isRecordValue(error.details) && error.details.status === 404) {
+      return;
+    }
+    throw error;
+  }
+}
+
+async function restoreManagedProviderAuth(config: ServerConfig, workspace: WorkspaceInfo, providerId: string, previousAuth: unknown | null) {
+  if (previousAuth === null) {
+    await deleteManagedProviderAuth(config, workspace, providerId);
+    return;
+  }
+  await fetchOpencodeJson(config, workspace, `/auth/${encodeURIComponent(providerId)}`, {
+    method: "PUT",
+    body: previousAuth,
+  });
+}
+
+async function rollbackAppliedManagedProviderAuth(config: ServerConfig, workspace: WorkspaceInfo, previousAuthByProviderId: Map<string, unknown | null>) {
+  await Promise.all([...previousAuthByProviderId.entries()].map(async ([providerId, previousAuth]) => {
+    try {
+      await restoreManagedProviderAuth(config, workspace, providerId, previousAuth);
+    } catch {
+      // Best-effort restoration. The sync response remains failed and sanitized.
+    }
+  }));
+}
+
+function sanitizeManagedProviderApplyError(error: unknown) {
+  return "Managed provider sync failed";
+}
+
 function resolveOpencodeConfigFilePath(scope: "project" | "global", workspaceRoot: string): string {
   if (scope === "global") {
     const base = join(homedir(), ".config", "opencode");
@@ -4749,11 +5327,19 @@ async function readOpenworkConfigForStatus(workspaceRoot: string): Promise<{
 
 function resolveOpencodeDirectory(workspace: WorkspaceInfo): string | null {
   const explicit = workspace.directory?.trim() ?? "";
+  if (workspace.remoteType === "openwork" && (isWindowsDirectory(explicit) || isWindowsDirectory(workspace.path))) {
+    return null;
+  }
   if (explicit) return normalizeOpencodeDirectory(explicit);
   if (workspace.workspaceType === "local") return normalizeOpencodeDirectory(workspace.path);
   return null;
 }
 
+function isWindowsDirectory(directory: string | undefined): boolean {
+  const value = directory?.trim() ?? "";
+  return /^[a-z]:[\\/]/i.test(value) || value.startsWith("\\\\") || value.startsWith("//");
+}
+
 function normalizeOpencodeDirectory(directory: string): string {
   // OpenCode stores/list-filters Windows sessions by regular drive paths
   // (`C:\Users\...`). Electron can persist local workspaces as extended-length
diff --git a/apps/server/src/types.ts b/apps/server/src/types.ts
index 00503ada1d..f2ac98806a 100644
--- a/apps/server/src/types.ts
+++ b/apps/server/src/types.ts
@@ -24,6 +24,12 @@ export interface WorkspaceConfig {
   displayName?: string;
   openworkHostUrl?: string;
   openworkToken?: string;
+  openworkClientToken?: string;
+  openworkHostToken?: string;
+  openworkDenBaseUrl?: string;
+  openworkDenApiBaseUrl?: string;
+  openworkDenOrgId?: string;
+  openworkDenWorkerId?: string;
   openworkWorkspaceId?: string;
   openworkWorkspaceName?: string;
   sandboxBackend?: string;
@@ -45,6 +51,12 @@ export interface WorkspaceInfo {
   displayName?: string;
   openworkHostUrl?: string;
   openworkToken?: string;
+  openworkClientToken?: string;
+  openworkHostToken?: string;
+  openworkDenBaseUrl?: string;
+  openworkDenApiBaseUrl?: string;
+  openworkDenOrgId?: string;
+  openworkDenWorkerId?: string;
   openworkWorkspaceId?: string;
   openworkWorkspaceName?: string;
   sandboxBackend?: string;
diff --git a/apps/server/src/workspace-activate.e2e.test.ts b/apps/server/src/workspace-activate.e2e.test.ts
index f944e7164e..170ee0a028 100644
--- a/apps/server/src/workspace-activate.e2e.test.ts
+++ b/apps/server/src/workspace-activate.e2e.test.ts
@@ -348,6 +348,12 @@ describe("workspace lifecycle registry", () => {
         baseUrl: `http://127.0.0.1:${remote.server.port}`,
         openworkHostUrl: `http://127.0.0.1:${remote.server.port}`,
         openworkToken: "remote_token",
+        openworkClientToken: "remote_client_token",
+        openworkHostToken: "remote_host_token",
+        openworkDenBaseUrl: "http://den.example.test",
+        openworkDenApiBaseUrl: "http://den-api.example.test",
+        openworkDenOrgId: "org_test",
+        openworkDenWorkerId: "wrk_test",
         directory: "/remote/project",
         remoteType: "openwork",
         sandboxRunId: "run_1",
@@ -357,6 +363,12 @@ describe("workspace lifecycle registry", () => {
     expect(response.status).toBe(201);
     const body = await response.json();
     expect(body.activeId).toBe("rem_ws_remote");
+    expect(body.workspaces[0].openworkClientToken).toBe("remote_client_token");
+    expect(body.workspaces[0].openworkHostToken).toBe("remote_host_token");
+    expect(body.workspaces[0].openworkDenBaseUrl).toBe("http://den.example.test");
+    expect(body.workspaces[0].openworkDenApiBaseUrl).toBe("http://den-api.example.test");
+    expect(body.workspaces[0].openworkDenOrgId).toBe("org_test");
+    expect(body.workspaces[0].openworkDenWorkerId).toBe("wrk_test");
     expect(body.workspaces[0].openworkWorkspaceId).toBe("ws_remote");
     expect(body.workspaces[0].openworkWorkspaceName).toBe("Remote Project");
     expect(remote.requests[0]).toEqual({ pathname: "/workspaces", authorization: "Bearer remote_token" });
@@ -366,6 +378,12 @@ describe("workspace lifecycle registry", () => {
     expect(workspaces[0]?.id).toBe("rem_ws_remote");
     expect(workspaces[0]?.workspaceType).toBe("remote");
     expect(workspaces[0]?.remoteType).toBe("openwork");
+    expect(workspaces[0]?.openworkClientToken).toBe("remote_client_token");
+    expect(workspaces[0]?.openworkHostToken).toBe("remote_host_token");
+    expect(workspaces[0]?.openworkDenBaseUrl).toBe("http://den.example.test");
+    expect(workspaces[0]?.openworkDenApiBaseUrl).toBe("http://den-api.example.test");
+    expect(workspaces[0]?.openworkDenOrgId).toBe("org_test");
+    expect(workspaces[0]?.openworkDenWorkerId).toBe("wrk_test");
     expect(workspaces[0]?.sandboxRunId).toBe("run_1");
     expect(authorizedRootsFromConfig(persisted)).toEqual([]);
   });
diff --git a/apps/server/src/workspaces.ts b/apps/server/src/workspaces.ts
index c65a8ed81c..f11e293a16 100644
--- a/apps/server/src/workspaces.ts
+++ b/apps/server/src/workspaces.ts
@@ -60,6 +60,12 @@ export function buildWorkspaceInfos(
       displayName: workspace.displayName,
       openworkHostUrl: workspace.openworkHostUrl,
       openworkToken: workspace.openworkToken,
+      openworkClientToken: workspace.openworkClientToken,
+      openworkHostToken: workspace.openworkHostToken,
+      openworkDenBaseUrl: workspace.openworkDenBaseUrl,
+      openworkDenApiBaseUrl: workspace.openworkDenApiBaseUrl,
+      openworkDenOrgId: workspace.openworkDenOrgId,
+      openworkDenWorkerId: workspace.openworkDenWorkerId,
       openworkWorkspaceId: workspace.openworkWorkspaceId,
       openworkWorkspaceName: workspace.openworkWorkspaceName,
       sandboxBackend: workspace.sandboxBackend,
diff --git a/ee/apps/den-api/package.json b/ee/apps/den-api/package.json
index 830ec53628..23d53a5b7e 100644
--- a/ee/apps/den-api/package.json
+++ b/ee/apps/den-api/package.json
@@ -9,7 +9,7 @@
     "build:email": "pnpm --filter @openwork/email build",
     "build:den-db": "pnpm --filter @openwork-ee/den-db build",
     "backfill:desktop-policies": "pnpm run build:den-db && tsx scripts/backfill-desktop-policies.ts",
-    "seed:demo-org": "pnpm run build:den-db && sh -lc 'DEN_WEB_PORT=${DEN_WEB_PORT:-3005}; OPENWORK_DEV_MODE=${OPENWORK_DEV_MODE:-1} DATABASE_URL=${DATABASE_URL:-mysql://root:password@127.0.0.1:3306/openwork_den} DEN_DB_ENCRYPTION_KEY=${DEN_DB_ENCRYPTION_KEY:-local-dev-db-encryption-key-please-change-1234567890} BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET:-local-dev-secret-not-for-production-use!!} BETTER_AUTH_URL=${BETTER_AUTH_URL:-http://localhost:$DEN_WEB_PORT} tsx scripts/seed-demo-org.ts'",
+    "seed:demo-org": "pnpm run build:den-db && node --import tsx scripts/seed-demo-org-runner.mjs",
     "start": "node dist/server.js"
   },
   "dependencies": {
@@ -38,12 +38,12 @@
     "nanoid": "^5.1.11",
     "openapi-types": "^12.1.3",
     "stripe": "^22.1.1",
+    "tsx": "^4.15.7",
     "zod": "^4.3.6"
   },
   "devDependencies": {
     "@types/json-schema": "^7.0.15",
     "@types/node": "^20.11.30",
-    "tsx": "^4.15.7",
     "typescript": "^5.5.4"
   }
 }
diff --git a/ee/apps/den-api/scripts/build.mjs b/ee/apps/den-api/scripts/build.mjs
index 5fe9bab9b9..4cd48ac232 100644
--- a/ee/apps/den-api/scripts/build.mjs
+++ b/ee/apps/den-api/scripts/build.mjs
@@ -8,7 +8,8 @@ const serviceDir = path.resolve(scriptDir, "..")
 const repoRoot = path.resolve(serviceDir, "..", "..", "..")
 const desktopPackagePath = path.join(repoRoot, "apps", "desktop", "package.json")
 const generatedVersionPath = path.join(serviceDir, "src", "generated", "app-version.ts")
-const pnpmCommand = process.platform === "win32" ? "pnpm.cmd" : "pnpm"
+const pnpmCommand = "pnpm"
+const useShellForPnpm = process.platform === "win32"
 const fallbackAppVersion = "0.0.0"
 
 function readDesktopVersion() {
@@ -40,13 +41,24 @@ function writeGeneratedVersionFile(latestAppVersion) {
   )
 }
 
+function quoteShellArg(value) {
+  return `"${String(value).replace(/"/g, '\\"')}"`
+}
+
 function run(command, args) {
-  const result = spawnSync(command, args, {
+  const shellCommand = [command, ...args.map(quoteShellArg)].join(" ")
+  const result = spawnSync(useShellForPnpm ? shellCommand : command, useShellForPnpm ? [] : args, {
     cwd: serviceDir,
     env: process.env,
     stdio: "inherit",
+    shell: useShellForPnpm,
   })
 
+  if (result.error) {
+    console.error(result.error)
+    process.exit(1)
+  }
+
   if (result.status !== 0) {
     process.exit(result.status ?? 1)
   }
diff --git a/ee/apps/den-api/scripts/seed-demo-org-runner.mjs b/ee/apps/den-api/scripts/seed-demo-org-runner.mjs
new file mode 100644
index 0000000000..96037bc953
--- /dev/null
+++ b/ee/apps/den-api/scripts/seed-demo-org-runner.mjs
@@ -0,0 +1,9 @@
+const denWebPort = process.env.DEN_WEB_PORT?.trim() || "3005"
+
+process.env.OPENWORK_DEV_MODE ??= "1"
+process.env.DATABASE_URL ??= "mysql://root:password@127.0.0.1:3306/openwork_den"
+process.env.DEN_DB_ENCRYPTION_KEY ??= "local-dev-db-encryption-key-please-change-1234567890"
+process.env.BETTER_AUTH_SECRET ??= "local-dev-secret-not-for-production-use!!"
+process.env.BETTER_AUTH_URL ??= `http://localhost:${denWebPort}`
+
+await import("./seed-demo-org.ts")
diff --git a/ee/apps/den-api/scripts/seed-demo-org.ts b/ee/apps/den-api/scripts/seed-demo-org.ts
index e611cad669..47d2c0249b 100644
--- a/ee/apps/den-api/scripts/seed-demo-org.ts
+++ b/ee/apps/den-api/scripts/seed-demo-org.ts
@@ -1085,7 +1085,8 @@ async function main() {
   log("✓", `done in ${elapsedSeconds}s`)
   log(" ", `${memberIdsByEmail.size} members · ${teamIdsByName.size} teams · ${seededPlugins} plugins · ${seededObjects} config objects`)
   console.log()
-  log("→", `login: ${DEMO_OWNER_EMAIL} / ${DEMO_OWNER_PASSWORD}`)
+  log("→", `login email: ${DEMO_OWNER_EMAIL}`)
+  log("→", "login password: use the DEN_DEMO_OWNER_PASSWORD value supplied to this seed run")
   log("→", "open: /organization or /dashboard")
   console.log()
 }
diff --git a/ee/apps/den-api/src/auth.ts b/ee/apps/den-api/src/auth.ts
index cff8b6279d..b8f8556571 100644
--- a/ee/apps/den-api/src/auth.ts
+++ b/ee/apps/den-api/src/auth.ts
@@ -1,5 +1,6 @@
 import { getInitialActiveOrganizationIdForUser } from "./active-organization.js";
 import { db } from "./db.js";
+import { isEntraSsoEnabled, mapEntraProfileToUser, normalizeEntraTenantId } from "./entra-sso.js";
 import { env } from "./env.js";
 import { syncDenSignupContact } from "./loops.js";
 import { sendEmail } from "./utils/email/send-email.js";
@@ -12,7 +13,7 @@ import {
   denOrganizationAccess,
   denOrganizationStaticRoles,
 } from "./organization-access.js";
-import { seedDefaultOrganizationRoles } from "./orgs.js";
+import { ensureEntraSsoMembershipForAccount, seedDefaultOrganizationRoles } from "./orgs.js";
 import { createDenTypeId, normalizeDenTypeId } from "@openwork-ee/utils/typeid";
 import * as schema from "@openwork-ee/den-db/schema";
 import { apiKey } from "@better-auth/api-key";
@@ -73,6 +74,18 @@ const socialProviders = {
         },
       }
     : {}),
+  ...(isEntraSsoEnabled(env.entra)
+    ? {
+        microsoft: {
+          clientId: env.entra.clientId!,
+          clientSecret: env.entra.clientSecret!,
+          tenantId: normalizeEntraTenantId(env.entra.tenantId),
+          authority: "https://login.microsoftonline.com",
+          scope: ["openid", "profile", "email"],
+          mapProfileToUser: mapEntraProfileToUser,
+        },
+      }
+    : {}),
 };
 
 function hasRole(roleValue: string, roleName: string) {
@@ -111,6 +124,10 @@ function buildInvitationLink(invitationId: string) {
   ).toString();
 }
 
+export function getSignUpEmailRateLimitMax(devMode = env.devMode) {
+  return devMode ? 100 : 3;
+}
+
 function hasMcpScope(scopes: readonly string[]) {
   return scopes.some((scope) => scope.startsWith("mcp:"));
 }
@@ -129,6 +146,30 @@ export const auth = betterAuth({
     schema,
   }),
   databaseHooks: {
+    account: {
+      create: {
+        after: async (account) => {
+          if (account.providerId === "microsoft") {
+            await ensureEntraSsoMembershipForAccount({
+              idToken: account.idToken,
+              providerId: account.providerId,
+              userId: normalizeDenTypeId("user", account.userId),
+            });
+          }
+        },
+      },
+      update: {
+        after: async (account) => {
+          if (account.providerId === "microsoft") {
+            await ensureEntraSsoMembershipForAccount({
+              idToken: account.idToken,
+              providerId: account.providerId,
+              userId: normalizeDenTypeId("user", account.userId),
+            });
+          }
+        },
+      },
+    },
     session: {
       create: {
         before: async (session) => {
@@ -211,7 +252,7 @@ export const auth = betterAuth({
       },
       "/sign-up/email": {
         window: 3600,
-        max: env.devMode ? 100 : 5,
+        max: getSignUpEmailRateLimitMax(),
       },
       "/email-otp/send-verification-otp": {
         window: 3600,
diff --git a/ee/apps/den-api/src/db.ts b/ee/apps/den-api/src/db.ts
index bf48dfb132..a8fa313c07 100644
--- a/ee/apps/den-api/src/db.ts
+++ b/ee/apps/den-api/src/db.ts
@@ -1,8 +1,9 @@
 import { createDenDb } from "@openwork-ee/den-db"
 import { env } from "./env.js"
 
-export const { db } = createDenDb({
+export const denDb = createDenDb({
   databaseUrl: env.databaseUrl,
   mode: env.dbMode,
   planetscale: env.planetscale,
 })
+export const { client: dbClient, db } = denDb
diff --git a/ee/apps/den-api/src/entra-sso.ts b/ee/apps/den-api/src/entra-sso.ts
new file mode 100644
index 0000000000..9d0921ed03
--- /dev/null
+++ b/ee/apps/den-api/src/entra-sso.ts
@@ -0,0 +1,340 @@
+export type DenSsoOrganizationRole = "admin" | "member"
+
+export type EntraSsoConfig = {
+  clientId?: string
+  clientSecret?: string
+  tenantId?: string
+  autoJoinEnabled: boolean
+  autoJoinOrganizationId?: string
+  autoJoinOrganizationSlug?: string
+  adminGroupIds: string[]
+  memberGroupIds: string[]
+}
+
+export type EntraSsoEnvIssue = {
+  path: string
+  message: string
+}
+
+const ENTRA_TENANT_ID_PATTERN = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i
+const MULTI_TENANT_ENTRA_ALIASES = new Set(["common", "organizations", "consumers"])
+
+export type EntraProfile = {
+  email?: string | null
+  name?: string | null
+  oid?: string | null
+  preferred_username?: string | null
+  sub?: string | null
+  tid?: string | null
+  upn?: string | null
+}
+
+export type EntraTokenClaims = {
+  groups?: unknown
+}
+
+export type EntraSsoMembershipRecord = {
+  id: string
+  role: string
+}
+
+export type EnsureEntraSsoMembershipDeps<TMember extends EntraSsoMembershipRecord> = {
+  resolveOrganizationId: (input: { organizationId?: string; organizationSlug?: string }) => Promise<string | null>
+  getExistingMember: (input: { organizationId: string; userId: string }) => Promise<TMember | null>
+  createMember: (input: { organizationId: string; userId: string; role: DenSsoOrganizationRole }) => Promise<TMember>
+  updateMemberRole: (input: { memberId: string; role: DenSsoOrganizationRole }) => Promise<TMember>
+  ensureDefaultRoles: (organizationId: string) => Promise<void>
+  isOwnerRole: (role: string) => boolean
+}
+
+function optionalString(value: string | undefined) {
+  const trimmed = value?.trim()
+  return trimmed ? trimmed : undefined
+}
+
+function splitCsv(value: string | undefined) {
+  return (value ?? "")
+    .split(",")
+    .map((entry) => entry.trim())
+    .filter(Boolean)
+}
+
+export function parseEntraSsoEnv(input: {
+  DEN_ENTRA_TENANT_ID?: string
+  DEN_ENTRA_CLIENT_ID?: string
+  DEN_ENTRA_CLIENT_SECRET?: string
+  DEN_ENTRA_AUTO_JOIN_ENABLED?: string
+  DEN_ENTRA_AUTO_JOIN_ORG_ID?: string
+  DEN_ENTRA_AUTO_JOIN_ORG_SLUG?: string
+  DEN_ENTRA_ADMIN_GROUP_IDS?: string
+  DEN_ENTRA_MEMBER_GROUP_IDS?: string
+}): EntraSsoConfig {
+  return {
+    tenantId: normalizeEntraTenantId(input.DEN_ENTRA_TENANT_ID),
+    clientId: optionalString(input.DEN_ENTRA_CLIENT_ID),
+    clientSecret: optionalString(input.DEN_ENTRA_CLIENT_SECRET),
+    autoJoinEnabled: (input.DEN_ENTRA_AUTO_JOIN_ENABLED ?? "false").toLowerCase() === "true",
+    autoJoinOrganizationId: optionalString(input.DEN_ENTRA_AUTO_JOIN_ORG_ID),
+    autoJoinOrganizationSlug: optionalString(input.DEN_ENTRA_AUTO_JOIN_ORG_SLUG),
+    adminGroupIds: splitCsv(input.DEN_ENTRA_ADMIN_GROUP_IDS),
+    memberGroupIds: splitCsv(input.DEN_ENTRA_MEMBER_GROUP_IDS),
+  }
+}
+
+export function validateEntraSsoEnv(input: {
+  DEN_ENTRA_TENANT_ID?: string
+  DEN_ENTRA_CLIENT_ID?: string
+  DEN_ENTRA_CLIENT_SECRET?: string
+  DEN_ENTRA_AUTO_JOIN_ENABLED?: string
+  DEN_ENTRA_AUTO_JOIN_ORG_ID?: string
+  DEN_ENTRA_AUTO_JOIN_ORG_SLUG?: string
+  BETTER_AUTH_URL?: string
+  DEN_BETTER_AUTH_TRUSTED_ORIGINS?: string
+  CORS_ORIGINS?: string
+}) {
+  const issues: EntraSsoEnvIssue[] = []
+  const hasAnyProviderValue = Boolean(input.DEN_ENTRA_TENANT_ID || input.DEN_ENTRA_CLIENT_ID || input.DEN_ENTRA_CLIENT_SECRET)
+
+  if (hasAnyProviderValue) {
+    for (const key of ["DEN_ENTRA_TENANT_ID", "DEN_ENTRA_CLIENT_ID", "DEN_ENTRA_CLIENT_SECRET"] as const) {
+      if (!input[key]?.trim()) {
+        issues.push({
+          path: key,
+          message: `${key} is required when configuring Microsoft Entra SSO`,
+        })
+      }
+    }
+
+    const tenantId = input.DEN_ENTRA_TENANT_ID?.trim()
+    if (tenantId && !normalizeEntraTenantId(tenantId)) {
+      issues.push({
+        path: "DEN_ENTRA_TENANT_ID",
+        message: "DEN_ENTRA_TENANT_ID must be a fixed Entra tenant GUID; common, organizations, and consumers are not allowed",
+      })
+    }
+
+    const trustedOrigins = splitCsv(input.DEN_BETTER_AUTH_TRUSTED_ORIGINS)
+    const effectiveTrustedOrigins = trustedOrigins.length > 0 ? trustedOrigins : splitCsv(input.CORS_ORIGINS)
+    const trustedOriginsPath = trustedOrigins.length > 0 ? "DEN_BETTER_AUTH_TRUSTED_ORIGINS" : "CORS_ORIGINS"
+    for (const origin of effectiveTrustedOrigins) {
+      if (origin.trim() === "*") {
+        issues.push({
+          path: trustedOriginsPath,
+          message: "Wildcard trusted origins are not allowed when Microsoft Entra SSO is configured",
+        })
+        continue
+      }
+
+      if (!isSafeEntraAuthOrigin(origin)) {
+        issues.push({
+          path: trustedOriginsPath,
+          message: "Microsoft Entra SSO trusted origins must use https, except http is allowed for localhost, loopback, private LAN IPs, or .local hostnames",
+        })
+      }
+    }
+
+    if (input.BETTER_AUTH_URL && !isSafeEntraAuthOrigin(input.BETTER_AUTH_URL)) {
+      issues.push({
+        path: "BETTER_AUTH_URL",
+        message: "BETTER_AUTH_URL must use https, except http is allowed for localhost, loopback, private LAN IPs, or .local hostnames",
+      })
+    }
+  }
+
+  if ((input.DEN_ENTRA_AUTO_JOIN_ENABLED ?? "false").trim().toLowerCase() === "true") {
+    const hasOrgId = Boolean(input.DEN_ENTRA_AUTO_JOIN_ORG_ID?.trim())
+    const hasOrgSlug = Boolean(input.DEN_ENTRA_AUTO_JOIN_ORG_SLUG?.trim())
+    if (hasOrgId === hasOrgSlug) {
+      issues.push({
+        path: "DEN_ENTRA_AUTO_JOIN_ORG_ID",
+        message: "Exactly one of DEN_ENTRA_AUTO_JOIN_ORG_ID or DEN_ENTRA_AUTO_JOIN_ORG_SLUG is required when DEN_ENTRA_AUTO_JOIN_ENABLED=true",
+      })
+    }
+  }
+
+  return issues
+}
+
+export function isEntraSsoEnabled(config: Pick<EntraSsoConfig, "clientId" | "clientSecret" | "tenantId">) {
+  return Boolean(config.clientId && config.clientSecret && config.tenantId)
+}
+
+export function normalizeEntraTenantId(value: string | undefined) {
+  const tenantId = value?.trim()
+  if (!tenantId || MULTI_TENANT_ENTRA_ALIASES.has(tenantId.toLowerCase()) || !ENTRA_TENANT_ID_PATTERN.test(tenantId)) {
+    return undefined
+  }
+  return tenantId.toLowerCase()
+}
+
+function isPrivateLanIpv4(hostname: string) {
+  const parts = hostname.split(".").map((part) => Number(part))
+  if (parts.length !== 4 || parts.some((part) => !Number.isInteger(part) || part < 0 || part > 255)) {
+    return false
+  }
+
+  const [first, second] = parts
+  return first === 10
+    || (first === 172 && second >= 16 && second <= 31)
+    || (first === 192 && second === 168)
+}
+
+export function isSafeEntraAuthOrigin(origin: string) {
+  try {
+    const parsed = new URL(origin)
+    if (parsed.protocol === "https:") {
+      return true
+    }
+    if (parsed.protocol !== "http:") {
+      return false
+    }
+
+    const hostname = parsed.hostname.toLowerCase()
+    return hostname === "localhost"
+      || hostname === "127.0.0.1"
+      || hostname === "::1"
+      || hostname.endsWith(".local")
+      || isPrivateLanIpv4(hostname)
+  } catch {
+    return false
+  }
+}
+
+export function mapEntraProfileToUser(profile: EntraProfile) {
+  const email = profile.email?.trim()
+    || profile.preferred_username?.trim()
+    || profile.upn?.trim()
+    || (profile.oid?.trim() ? `${profile.oid.trim()}@entra.local` : undefined)
+    || (profile.sub?.trim() ? `${profile.sub.trim()}@entra.local` : undefined)
+
+  return {
+    email,
+    emailVerified: Boolean(email),
+    name: profile.name?.trim() || email || "Microsoft Entra user",
+  }
+}
+
+function decodeJwtPayload(token: string) {
+  const payload = token.split(".")[1]
+  if (!payload) {
+    return null
+  }
+
+  try {
+    const normalized = payload.replace(/-/g, "+").replace(/_/g, "/")
+    const padded = normalized.padEnd(Math.ceil(normalized.length / 4) * 4, "=")
+    return JSON.parse(Buffer.from(padded, "base64").toString("utf8")) as Record<string, unknown>
+  } catch {
+    return null
+  }
+}
+
+export function extractEntraGroupsFromClaims(claims: EntraTokenClaims | null | undefined) {
+  if (!Array.isArray(claims?.groups)) {
+    return []
+  }
+
+  return claims.groups
+    .filter((group): group is string => typeof group === "string")
+    .map((group) => group.trim())
+    .filter(Boolean)
+}
+
+export function extractEntraGroupsFromIdToken(idToken: string | null | undefined) {
+  if (!idToken) {
+    return []
+  }
+
+  return extractEntraGroupsFromClaims(decodeJwtPayload(idToken))
+}
+
+export function resolveEntraSsoRole(input: {
+  groups: readonly string[]
+  adminGroupIds: readonly string[]
+  memberGroupIds: readonly string[]
+}): DenSsoOrganizationRole {
+  const groups = new Set(input.groups.map((group) => group.trim()).filter(Boolean))
+
+  if (input.adminGroupIds.some((groupId) => groups.has(groupId))) {
+    return "admin"
+  }
+
+  if (input.memberGroupIds.some((groupId) => groups.has(groupId))) {
+    return "member"
+  }
+
+  return "member"
+}
+
+export function normalizeSsoAssignableRole(role: string): DenSsoOrganizationRole {
+  return role === "admin" ? "admin" : "member"
+}
+
+export async function ensureEntraSsoMembership<TMember extends EntraSsoMembershipRecord>(input: {
+  userId: string
+  providerId?: string | null
+  idToken?: string | null
+  config: Pick<EntraSsoConfig, "autoJoinEnabled" | "autoJoinOrganizationId" | "autoJoinOrganizationSlug" | "adminGroupIds" | "memberGroupIds">
+  deps: EnsureEntraSsoMembershipDeps<TMember>
+}) {
+  if (input.providerId !== "microsoft") {
+    return { status: "provider_not_microsoft" as const }
+  }
+
+  if (!input.config.autoJoinEnabled) {
+    return { status: "disabled" as const }
+  }
+
+  const hasOrgId = Boolean(input.config.autoJoinOrganizationId?.trim())
+  const hasOrgSlug = Boolean(input.config.autoJoinOrganizationSlug?.trim())
+  if (hasOrgId === hasOrgSlug) {
+    return { status: "invalid_organization_selector" as const }
+  }
+
+  const organizationId = await input.deps.resolveOrganizationId({
+    organizationId: input.config.autoJoinOrganizationId,
+    organizationSlug: input.config.autoJoinOrganizationSlug,
+  })
+  if (!organizationId) {
+    return { status: "organization_not_found" as const }
+  }
+
+  const groups = extractEntraGroupsFromIdToken(input.idToken)
+  const role = normalizeSsoAssignableRole(resolveEntraSsoRole({
+    groups,
+    adminGroupIds: input.config.adminGroupIds,
+    memberGroupIds: input.config.memberGroupIds,
+  }))
+
+  const existingMember = await input.deps.getExistingMember({
+    organizationId,
+    userId: input.userId,
+  })
+
+  if (!existingMember) {
+    const member = await input.deps.createMember({
+      organizationId,
+      userId: input.userId,
+      role,
+    })
+    await input.deps.ensureDefaultRoles(organizationId)
+    return { status: "created" as const, member, role }
+  }
+
+  if (input.deps.isOwnerRole(existingMember.role)) {
+    await input.deps.ensureDefaultRoles(organizationId)
+    return { status: "owner_preserved" as const, member: existingMember, role: existingMember.role }
+  }
+
+  if (existingMember.role !== role) {
+    const member = await input.deps.updateMemberRole({
+      memberId: existingMember.id,
+      role,
+    })
+    await input.deps.ensureDefaultRoles(organizationId)
+    return { status: "updated" as const, member, role }
+  }
+
+  await input.deps.ensureDefaultRoles(organizationId)
+  return { status: "unchanged" as const, member: existingMember, role }
+}
diff --git a/ee/apps/den-api/src/env.ts b/ee/apps/den-api/src/env.ts
index 61cbd19614..5df669d899 100644
--- a/ee/apps/den-api/src/env.ts
+++ b/ee/apps/den-api/src/env.ts
@@ -1,4 +1,5 @@
 import { DEN_WORKER_POLL_INTERVAL_MS } from "./CONSTS.js"
+import { parseEntraSsoEnv, validateEntraSsoEnv } from "./entra-sso.js"
 import { z } from "zod"
 
 const EnvSchema = z.object({
@@ -21,6 +22,14 @@ const EnvSchema = z.object({
   GITHUB_CONNECTOR_APP_WEBHOOK_SECRET: z.string().optional(),
   GOOGLE_CLIENT_ID: z.string().optional(),
   GOOGLE_CLIENT_SECRET: z.string().optional(),
+  DEN_ENTRA_TENANT_ID: z.string().optional(),
+  DEN_ENTRA_CLIENT_ID: z.string().optional(),
+  DEN_ENTRA_CLIENT_SECRET: z.string().optional(),
+  DEN_ENTRA_AUTO_JOIN_ENABLED: z.string().optional(),
+  DEN_ENTRA_AUTO_JOIN_ORG_ID: z.string().optional(),
+  DEN_ENTRA_AUTO_JOIN_ORG_SLUG: z.string().optional(),
+  DEN_ENTRA_ADMIN_GROUP_IDS: z.string().optional(),
+  DEN_ENTRA_MEMBER_GROUP_IDS: z.string().optional(),
   EMAIL_FROM: z.string().optional(),
   DEN_REQUIRE_EMAIL_VERIFICATION: z.string().optional(),
   RESEND_API_KEY: z.string().optional(),
@@ -34,8 +43,17 @@ const EnvSchema = z.object({
   PORT: z.string().optional(),
   CORS_ORIGINS: z.string().optional(),
   WORKER_PROXY_PORT: z.string().optional(),
-  PROVISIONER_MODE: z.enum(["stub", "render", "daytona"]).optional(),
+  PROVISIONER_MODE: z.enum(["stub", "render", "daytona", "static"]).optional(),
   WORKER_URL_TEMPLATE: z.string().optional(),
+  STATIC_WORKER_URLS: z.string().optional(),
+  STATIC_WORKER_HEALTH_PATH: z.string().optional(),
+  STATIC_WORKER_HEALTHCHECK_TIMEOUT_MS: z.string().optional(),
+  STATIC_WORKER_HEALTHCHECK_INTERVAL_MS: z.string().optional(),
+  STATIC_WORKER_RESERVATION_TTL_MS: z.string().optional(),
+  STATIC_WORKER_TOKEN_MAP_JSON: z.string().optional(),
+  STATIC_WORKER_ATTACH_ALLOW_PRIVATE: z.string().optional(),
+  STATIC_WORKER_ATTACH_ALLOWED_HOSTS: z.string().optional(),
+  STATIC_WORKER_ATTACH_ALLOWED_CIDRS: z.string().optional(),
   WORKER_ACTIVITY_BASE_URL: z.string().optional(),
   OPENWORK_DAYTONA_ENV_PATH: z.string().optional(),
   RENDER_API_BASE: z.string().optional(),
@@ -123,6 +141,25 @@ const EnvSchema = z.object({
       }
     }
   }
+
+  if (value.PROVISIONER_MODE === "static") {
+    const staticConfig = parseStaticWorkersEnv(value)
+    for (const issue of staticConfig.issues) {
+      ctx.addIssue({
+        code: z.ZodIssueCode.custom,
+        message: issue.message,
+        path: [issue.path],
+      })
+    }
+  }
+
+  for (const issue of validateEntraSsoEnv(value)) {
+    ctx.addIssue({
+      code: z.ZodIssueCode.custom,
+      message: issue.message,
+      path: [issue.path],
+    })
+  }
 })
 
 const parsed = EnvSchema.parse(process.env)
@@ -147,6 +184,226 @@ function normalizeOrigin(origin: string) {
   return value.replace(/\/+$/, "")
 }
 
+type StaticWorkersEnvInput = {
+  STATIC_WORKER_URLS?: string
+  STATIC_WORKER_HEALTH_PATH?: string
+  STATIC_WORKER_HEALTHCHECK_TIMEOUT_MS?: string
+  STATIC_WORKER_HEALTHCHECK_INTERVAL_MS?: string
+  STATIC_WORKER_RESERVATION_TTL_MS?: string
+  STATIC_WORKER_TOKEN_MAP_JSON?: string
+  STATIC_WORKER_ATTACH_ALLOW_PRIVATE?: string
+  STATIC_WORKER_ATTACH_ALLOWED_HOSTS?: string
+  STATIC_WORKER_ATTACH_ALLOWED_CIDRS?: string
+}
+
+type StaticWorkersEnvIssue = {
+  path: keyof StaticWorkersEnvInput
+  message: string
+}
+
+type StaticWorkerTokenPair = {
+  clientToken: string
+  hostToken: string
+}
+
+function parsePositiveInteger(value: string | undefined, fallback: number) {
+  const raw = value?.trim()
+  if (!raw) {
+    return fallback
+  }
+  const parsedValue = Number(raw)
+  return Number.isInteger(parsedValue) && parsedValue > 0 ? parsedValue : null
+}
+
+function normalizeStaticWorkerUrl(value: string) {
+  const parsedUrl = new URL(value.trim())
+  parsedUrl.hash = ""
+  parsedUrl.search = ""
+  parsedUrl.pathname = parsedUrl.pathname.replace(/\/+$/, "")
+  const serialized = parsedUrl.toString().replace(/\/+$/, "")
+  return serialized
+}
+
+function isRecord(value: unknown): value is Record<string, unknown> {
+  return typeof value === "object" && value !== null && !Array.isArray(value)
+}
+
+function parseStaticWorkerTokenPair(value: unknown) {
+  if (!isRecord(value)) {
+    return null
+  }
+  const clientToken = typeof value.clientToken === "string" ? value.clientToken.trim() : ""
+  const hostToken = typeof value.hostToken === "string" ? value.hostToken.trim() : ""
+  return clientToken && hostToken ? { clientToken, hostToken } : null
+}
+
+export function parseStaticWorkersEnv(input: StaticWorkersEnvInput) {
+  const issues: StaticWorkersEnvIssue[] = []
+  const urls: string[] = []
+  const seenUrls = new Set<string>()
+  const tokenMap: Record<string, StaticWorkerTokenPair> = {}
+
+  for (const rawUrl of splitCsv(input.STATIC_WORKER_URLS)) {
+    let normalizedUrl: string
+    try {
+      const parsedUrl = new URL(rawUrl)
+      if (parsedUrl.protocol !== "http:" && parsedUrl.protocol !== "https:") {
+        issues.push({
+          path: "STATIC_WORKER_URLS",
+          message: "STATIC_WORKER_URLS entries must use http or https URLs",
+        })
+        continue
+      }
+      normalizedUrl = normalizeStaticWorkerUrl(rawUrl)
+    } catch {
+      issues.push({
+        path: "STATIC_WORKER_URLS",
+        message: "STATIC_WORKER_URLS entries must be valid URLs",
+      })
+      continue
+    }
+
+    if (seenUrls.has(normalizedUrl)) {
+      issues.push({
+        path: "STATIC_WORKER_URLS",
+        message: `STATIC_WORKER_URLS contains duplicate URL ${normalizedUrl}`,
+      })
+      continue
+    }
+
+    seenUrls.add(normalizedUrl)
+    urls.push(normalizedUrl)
+  }
+
+  if (urls.length === 0) {
+    issues.push({
+      path: "STATIC_WORKER_URLS",
+      message: "STATIC_WORKER_URLS is required when PROVISIONER_MODE=static",
+    })
+  }
+
+  const rawTokenMap = optionalString(input.STATIC_WORKER_TOKEN_MAP_JSON)
+  if (!rawTokenMap) {
+    issues.push({
+      path: "STATIC_WORKER_TOKEN_MAP_JSON",
+      message: "STATIC_WORKER_TOKEN_MAP_JSON is required when PROVISIONER_MODE=static",
+    })
+  } else {
+    try {
+      const parsedTokenMap: unknown = JSON.parse(rawTokenMap)
+      if (!isRecord(parsedTokenMap)) {
+        issues.push({
+          path: "STATIC_WORKER_TOKEN_MAP_JSON",
+          message: "STATIC_WORKER_TOKEN_MAP_JSON must be a JSON object keyed by worker URL",
+        })
+      } else {
+        for (const [rawUrl, rawPair] of Object.entries(parsedTokenMap)) {
+          let normalizedUrl: string
+          try {
+            normalizedUrl = normalizeStaticWorkerUrl(rawUrl)
+          } catch {
+            issues.push({
+              path: "STATIC_WORKER_TOKEN_MAP_JSON",
+              message: "STATIC_WORKER_TOKEN_MAP_JSON keys must be valid worker URLs",
+            })
+            continue
+          }
+
+          const pair = parseStaticWorkerTokenPair(rawPair)
+          if (!pair) {
+            issues.push({
+              path: "STATIC_WORKER_TOKEN_MAP_JSON",
+              message: `STATIC_WORKER_TOKEN_MAP_JSON entry for ${normalizedUrl} must include non-empty clientToken and hostToken`,
+            })
+            continue
+          }
+          if (Object.prototype.hasOwnProperty.call(tokenMap, normalizedUrl)) {
+            issues.push({
+              path: "STATIC_WORKER_TOKEN_MAP_JSON",
+              message: `STATIC_WORKER_TOKEN_MAP_JSON contains duplicate key for ${normalizedUrl}`,
+            })
+            continue
+          }
+          tokenMap[normalizedUrl] = pair
+        }
+
+        for (const url of urls) {
+          if (!tokenMap[url]) {
+            issues.push({
+              path: "STATIC_WORKER_TOKEN_MAP_JSON",
+              message: `STATIC_WORKER_TOKEN_MAP_JSON is missing token pair for ${url}`,
+            })
+          }
+        }
+
+        const configuredUrls = new Set(urls)
+        for (const url of Object.keys(tokenMap)) {
+          if (!configuredUrls.has(url)) {
+            issues.push({
+              path: "STATIC_WORKER_TOKEN_MAP_JSON",
+              message: `STATIC_WORKER_TOKEN_MAP_JSON contains token pair for unconfigured URL ${url}`,
+            })
+          }
+        }
+      }
+    } catch {
+      issues.push({
+        path: "STATIC_WORKER_TOKEN_MAP_JSON",
+        message: "STATIC_WORKER_TOKEN_MAP_JSON must be valid JSON",
+      })
+    }
+  }
+
+  const healthPath = optionalString(input.STATIC_WORKER_HEALTH_PATH) ?? "/health"
+  if (!healthPath.startsWith("/") || healthPath.startsWith("//") || healthPath.includes("?")) {
+    issues.push({
+      path: "STATIC_WORKER_HEALTH_PATH",
+      message: "STATIC_WORKER_HEALTH_PATH must be an absolute path such as /health",
+    })
+  }
+
+  const healthcheckTimeoutMs = parsePositiveInteger(input.STATIC_WORKER_HEALTHCHECK_TIMEOUT_MS, 10000)
+  if (healthcheckTimeoutMs === null) {
+    issues.push({
+      path: "STATIC_WORKER_HEALTHCHECK_TIMEOUT_MS",
+      message: "STATIC_WORKER_HEALTHCHECK_TIMEOUT_MS must be a positive integer",
+    })
+  }
+
+  const healthcheckIntervalMs = parsePositiveInteger(input.STATIC_WORKER_HEALTHCHECK_INTERVAL_MS, 1000)
+  if (healthcheckIntervalMs === null) {
+    issues.push({
+      path: "STATIC_WORKER_HEALTHCHECK_INTERVAL_MS",
+      message: "STATIC_WORKER_HEALTHCHECK_INTERVAL_MS must be a positive integer",
+    })
+  }
+
+  const reservationTtlMs = parsePositiveInteger(input.STATIC_WORKER_RESERVATION_TTL_MS, 300000)
+  if (reservationTtlMs === null) {
+    issues.push({
+      path: "STATIC_WORKER_RESERVATION_TTL_MS",
+      message: "STATIC_WORKER_RESERVATION_TTL_MS must be a positive integer",
+    })
+  }
+
+  const allowPrivateAttach = (input.STATIC_WORKER_ATTACH_ALLOW_PRIVATE ?? "false").trim().toLowerCase() === "true"
+  const attachAllowedHosts = splitCsv(input.STATIC_WORKER_ATTACH_ALLOWED_HOSTS).map((host) => host.toLowerCase())
+  const attachAllowedCidrs = splitCsv(input.STATIC_WORKER_ATTACH_ALLOWED_CIDRS)
+
+  return {
+    urls,
+    healthPath,
+    healthcheckTimeoutMs: healthcheckTimeoutMs ?? 10000,
+    healthcheckIntervalMs: healthcheckIntervalMs ?? 1000,
+    reservationTtlMs: reservationTtlMs ?? 300000,
+    tokenMap,
+    allowPrivateAttach,
+    attachAllowedHosts,
+    attachAllowedCidrs,
+    issues,
+  }
+}
+
 const corsOrigins = splitCsv(parsed.CORS_ORIGINS).map((origin) => normalizeOrigin(origin))
 const betterAuthTrustedOrigins = splitCsv(parsed.DEN_BETTER_AUTH_TRUSTED_ORIGINS)
   .map((origin) => normalizeOrigin(origin))
@@ -159,6 +416,7 @@ const requireEmailVerification = parsed.DEN_REQUIRE_EMAIL_VERIFICATION === undef
   ? !devMode
   : parsed.DEN_REQUIRE_EMAIL_VERIFICATION.trim().toLowerCase() !== "false"
 const port = Number(parsed.PORT ?? "8790")
+const staticWorkers = parseStaticWorkersEnv(parsed)
 
 const daytonaSandboxPublic =
   (parsed.DAYTONA_SANDBOX_PUBLIC ?? "false").toLowerCase() === "true"
@@ -202,6 +460,7 @@ export const env = {
     clientId: optionalString(parsed.GOOGLE_CLIENT_ID),
     clientSecret: optionalString(parsed.GOOGLE_CLIENT_SECRET),
   },
+  entra: parseEntraSsoEnv(parsed),
   email: {
     from: optionalString(parsed.EMAIL_FROM),
   },
@@ -223,6 +482,17 @@ export const env = {
   corsOrigins,
   provisionerMode: parsed.PROVISIONER_MODE ?? "daytona",
   workerUrlTemplate: parsed.WORKER_URL_TEMPLATE,
+  staticWorkers: {
+    urls: staticWorkers.urls,
+    healthPath: staticWorkers.healthPath,
+    healthcheckTimeoutMs: staticWorkers.healthcheckTimeoutMs,
+    healthcheckIntervalMs: staticWorkers.healthcheckIntervalMs,
+    reservationTtlMs: staticWorkers.reservationTtlMs,
+    tokenMap: staticWorkers.tokenMap,
+    allowPrivateAttach: staticWorkers.allowPrivateAttach,
+    attachAllowedHosts: staticWorkers.attachAllowedHosts,
+    attachAllowedCidrs: staticWorkers.attachAllowedCidrs,
+  },
   workerActivityBaseUrl:
     optionalString(parsed.WORKER_ACTIVITY_BASE_URL) ??
     parsed.BETTER_AUTH_URL.trim().replace(/\/+$/, ""),
diff --git a/ee/apps/den-api/src/generated/app-version.ts b/ee/apps/den-api/src/generated/app-version.ts
index 9a4e741eab..97880ec70e 100644
--- a/ee/apps/den-api/src/generated/app-version.ts
+++ b/ee/apps/den-api/src/generated/app-version.ts
@@ -1 +1 @@
-export const BUILD_LATEST_APP_VERSION = "0.13.8" as const
+export const BUILD_LATEST_APP_VERSION = "0.15.3" as const
diff --git a/ee/apps/den-api/src/orgs.ts b/ee/apps/den-api/src/orgs.ts
index 1100d31b64..440a40c10c 100644
--- a/ee/apps/den-api/src/orgs.ts
+++ b/ee/apps/den-api/src/orgs.ts
@@ -1,6 +1,7 @@
-import { and, asc, count, eq, inArray, isNull } from "@openwork-ee/den-db/drizzle"
+import { and, asc, count, desc, eq, inArray, isNull, or } from "@openwork-ee/den-db/drizzle"
 import {
   AuthSessionTable,
+  AuthAccountTable,
   AuthUserTable,
   InvitationTable,
   MemberTable,
@@ -11,6 +12,8 @@ import {
 } from "@openwork-ee/den-db/schema"
 import { createDenTypeId, normalizeDenTypeId } from "@openwork-ee/utils/typeid"
 import { db } from "./db.js"
+import { env } from "./env.js"
+import { ensureEntraSsoMembership } from "./entra-sso.js"
 import { runPostOrganizationMemberChangeHooks } from "./organization-member-hooks.js"
 import { DEFAULT_ORGANIZATION_LIMITS, normalizeOrganizationMetadata, serializeOrganizationMetadata } from "./organization-limits.js"
 import { denDefaultDynamicOrganizationRoles, denOrganizationStaticRoles } from "./organization-access.js"
@@ -73,19 +76,16 @@ export type OrganizationContext = {
     userId: UserId
     role: string
     createdAt: Date
-    joinedAt: Date | null
     isOwner: boolean
   }
   members: Array<{
     id: MemberId
-    userId: UserId | null
-    inviteId: InvitationRow["id"] | null
+    userId: UserId
     role: string
     createdAt: Date
-    joinedAt: Date | null
     isOwner: boolean
     user: {
-      id: UserId | MemberId
+      id: UserId
       email: string
       name: string
       image: string | null
@@ -98,7 +98,6 @@ export type OrganizationContext = {
     status: string
     expiresAt: Date
     createdAt: Date
-    inviteToken: string | null
   }>
   roles: Array<{
     id: string
@@ -215,20 +214,6 @@ function getEmailDomain(email: string) {
   return normalized.slice(atIndex + 1)
 }
 
-function getEmailLocalPart(email: string) {
-  const atIndex = email.indexOf("@")
-  return atIndex > 0 ? email.slice(0, atIndex) : email
-}
-
-function getEmailDomainName(email: string) {
-  const domain = getEmailDomain(email)
-  return domain?.split(".")[0] ?? "invited"
-}
-
-function getInvitedMemberName(email: string) {
-  return `${getEmailLocalPart(email)} ${getEmailDomainName(email)}`.trim()
-}
-
 export function isEmailAllowedForOrganization(allowedEmailDomains: readonly string[] | null | undefined, email: string) {
   if (!allowedEmailDomains || allowedEmailDomains.length === 0) {
     return true
@@ -298,7 +283,7 @@ async function listMembershipRows(userId: UserId) {
   return db
     .select()
     .from(MemberTable)
-    .where(and(eq(MemberTable.userId, userId), isNull(MemberTable.removedAt)))
+    .where(eq(MemberTable.userId, userId))
     .orderBy(asc(MemberTable.createdAt))
 }
 
@@ -310,31 +295,115 @@ function getInvitationStatus(invitation: Pick<InvitationRow, "status" | "expires
   return invitation.expiresAt > new Date() ? "pending" : "expired"
 }
 
+export function parseInvitationLookupIdentifier(invitationIdOrTokenRaw: string) {
+  const invitationIdOrToken = invitationIdOrTokenRaw.trim()
+  let invitationId: InvitationRow["id"] | null = null
+  try {
+    invitationId = normalizeDenTypeId("invitation", invitationIdOrToken)
+  } catch {}
+
+  return { invitationId, inviteToken: invitationIdOrToken }
+}
+
+function getInvitationLookupWhere(invitationIdOrTokenRaw: string) {
+  const { invitationId, inviteToken } = parseInvitationLookupIdentifier(invitationIdOrTokenRaw)
+
+  return invitationId
+    ? or(eq(InvitationTable.id, invitationId), eq(InvitationTable.inviteToken, inviteToken))
+    : eq(InvitationTable.inviteToken, inviteToken)
+}
+
 async function getInvitationById(invitationIdRaw: string) {
-  const tokenRows = await db
+  const rows = await db
     .select()
     .from(InvitationTable)
-    .where(eq(InvitationTable.inviteToken, invitationIdRaw))
+    .where(getInvitationLookupWhere(invitationIdRaw))
     .limit(1)
 
-  if (tokenRows[0]) {
-    return tokenRows[0]
-  }
+  return rows[0] ?? null
+}
 
-  let invitationId
-  try {
-    invitationId = normalizeDenTypeId("invitation", invitationIdRaw)
-  } catch {
+async function findActiveMemberForUser(input: {
+  organizationId: OrgId
+  userId: UserId
+}): Promise<MemberRow | null> {
+  const rows = await db
+    .select()
+    .from(MemberTable)
+    .where(and(eq(MemberTable.organizationId, input.organizationId), eq(MemberTable.userId, input.userId), isNull(MemberTable.removedAt)))
+    .limit(1)
+
+  return rows[0] ?? null
+}
+
+async function claimInvitationPlaceholderMember(input: {
+  invitation: InvitationRow
+  userId: UserId
+  role: string
+}): Promise<MemberRow | null> {
+  const placeholderRows = await db
+    .select({ id: MemberTable.id })
+    .from(MemberTable)
+    .where(and(
+      eq(MemberTable.organizationId, input.invitation.organizationId),
+      eq(MemberTable.inviteId, input.invitation.id),
+      isNull(MemberTable.userId),
+      isNull(MemberTable.removedAt),
+    ))
+    .limit(1)
+
+  const placeholder = placeholderRows[0]
+  if (!placeholder) {
     return null
   }
 
-  const rows = await db
+  await db
+    .update(MemberTable)
+    .set({ userId: input.userId, role: input.role, joinedAt: new Date() })
+    .where(eq(MemberTable.id, placeholder.id))
+
+  const claimedRows = await db
     .select()
-    .from(InvitationTable)
-    .where(eq(InvitationTable.id, invitationId))
+    .from(MemberTable)
+    .where(eq(MemberTable.id, placeholder.id))
     .limit(1)
 
-  return rows[0] ?? null
+  return claimedRows[0] ?? null
+}
+
+async function ensureInvitationTeamMembership(input: {
+  invitation: InvitationRow
+  memberId: MemberId
+}) {
+  if (!input.invitation.teamId) {
+    return
+  }
+
+  const teams = await db
+    .select({ id: TeamTable.id })
+    .from(TeamTable)
+    .where(eq(TeamTable.id, input.invitation.teamId))
+    .limit(1)
+
+  if (!teams[0]) {
+    return
+  }
+
+  const existingTeamMember = await db
+    .select({ id: TeamMemberTable.id })
+    .from(TeamMemberTable)
+    .where(and(eq(TeamMemberTable.teamId, input.invitation.teamId), eq(TeamMemberTable.orgMembershipId, input.memberId)))
+    .limit(1)
+
+  if (existingTeamMember[0]) {
+    return
+  }
+
+  await db.insert(TeamMemberTable).values({
+    id: createDenTypeId("teamMember"),
+    teamId: input.invitation.teamId,
+    orgMembershipId: input.memberId,
+  })
 }
 
 async function ensureDefaultDynamicRoles(orgId: OrgId) {
@@ -395,7 +464,6 @@ async function insertMemberIfMissing(input: {
     organizationId: input.organizationId,
     userId: input.userId,
     role: input.role,
-    joinedAt: new Date(),
   })
 
   const created = await db
@@ -411,33 +479,119 @@ async function insertMemberIfMissing(input: {
   return created[0]
 }
 
-async function acceptInvitation(invitation: InvitationRow, userId: UserId) {
-  const availableRoles = await listAssignableRoles(invitation.organizationId)
-  const role = normalizeAssignableRole(invitation.role, availableRoles)
-  const joinedAt = new Date()
+async function resolveEntraAutoJoinOrganizationId(input: {
+  organizationId?: string
+  organizationSlug?: string
+}): Promise<OrgId | null> {
+  if (input.organizationId) {
+    try {
+      const organizationId = normalizeDenTypeId("organization", input.organizationId)
+      const rows = await db
+        .select({ id: OrganizationTable.id })
+        .from(OrganizationTable)
+        .where(eq(OrganizationTable.id, organizationId))
+        .limit(1)
 
-  const existingMemberRows = await db
-    .select()
-    .from(MemberTable)
-    .where(and(eq(MemberTable.organizationId, invitation.organizationId), eq(MemberTable.userId, userId), isNull(MemberTable.removedAt)))
-    .limit(1)
+      return rows[0]?.id ?? null
+    } catch {
+      return null
+    }
+  }
 
-  const invitedMemberRows = await db
-    .select()
-    .from(MemberTable)
-    .where(and(eq(MemberTable.inviteId, invitation.id), eq(MemberTable.organizationId, invitation.organizationId), isNull(MemberTable.removedAt)))
+  const slug = input.organizationSlug?.trim()
+  if (!slug) {
+    return null
+  }
+
+  const rows = await db
+    .select({ id: OrganizationTable.id })
+    .from(OrganizationTable)
+    .where(eq(OrganizationTable.slug, slug))
+    .limit(2)
+
+  return rows.length === 1 ? rows[0].id : null
+}
+
+async function latestMicrosoftIdTokenForUser(userId: UserId) {
+  const rows = await db
+    .select({ idToken: AuthAccountTable.idToken })
+    .from(AuthAccountTable)
+    .where(and(eq(AuthAccountTable.userId, userId), eq(AuthAccountTable.providerId, "microsoft")))
+    .orderBy(desc(AuthAccountTable.updatedAt))
     .limit(1)
 
-  const invitedMember = invitedMemberRows[0] ?? null
-  const existingMember = existingMemberRows[0] ?? null
-  let member = existingMember
+  return rows[0]?.idToken ?? null
+}
 
-  if (!member && invitedMember) {
-    await db
-      .update(MemberTable)
-      .set({ userId, role, joinedAt })
-      .where(eq(MemberTable.id, invitedMember.id))
-    member = { ...invitedMember, userId, role, joinedAt }
+export async function ensureEntraSsoMembershipForAccount(input: {
+  userId: UserId
+  providerId?: string | null
+  idToken?: string | null
+}) {
+  const idToken = input.idToken ?? await latestMicrosoftIdTokenForUser(input.userId)
+  const result = await ensureEntraSsoMembership({
+    userId: input.userId,
+    providerId: input.providerId,
+    idToken,
+    config: env.entra,
+    deps: {
+      resolveOrganizationId: async (selector) => resolveEntraAutoJoinOrganizationId(selector) as Promise<string | null>,
+      getExistingMember: async ({ organizationId, userId }) => {
+        const existing = await db
+          .select()
+          .from(MemberTable)
+          .where(and(eq(MemberTable.organizationId, organizationId as OrgId), eq(MemberTable.userId, userId as UserId), isNull(MemberTable.removedAt)))
+          .limit(1)
+
+        return existing[0] ?? null
+      },
+      createMember: async ({ organizationId, userId, role }) => insertMemberIfMissing({
+        organizationId: organizationId as OrgId,
+        userId: userId as UserId,
+        role,
+      }),
+      updateMemberRole: async ({ memberId, role }) => {
+        await db
+          .update(MemberTable)
+          .set({ role })
+          .where(eq(MemberTable.id, memberId as MemberId))
+
+        const updatedRows = await db
+          .select()
+          .from(MemberTable)
+          .where(eq(MemberTable.id, memberId as MemberId))
+          .limit(1)
+        if (!updatedRows[0]) {
+          throw new Error("failed_to_update_member")
+        }
+        return updatedRows[0]
+      },
+      ensureDefaultRoles: async (organizationId) => ensureDefaultDynamicRoles(organizationId as OrgId),
+      isOwnerRole: roleIncludesOwner,
+    },
+  })
+
+  if (result.status === "created") {
+    await runPostOrganizationMemberChangeHooks({
+      organizationId: result.member.organizationId,
+      memberId: result.member.id,
+      change: "added",
+    })
+  }
+
+  return result
+}
+
+async function acceptInvitation(invitation: InvitationRow, userId: UserId) {
+  const availableRoles = await listAssignableRoles(invitation.organizationId)
+  const role = normalizeAssignableRole(invitation.role, availableRoles)
+
+  let createdMember = false
+  let member = await findActiveMemberForUser({ organizationId: invitation.organizationId, userId })
+
+  if (!member) {
+    member = await claimInvitationPlaceholderMember({ invitation, userId, role })
+    createdMember = Boolean(member)
   }
 
   if (!member) {
@@ -446,38 +600,17 @@ async function acceptInvitation(invitation: InvitationRow, userId: UserId) {
       userId,
       role,
     })
+    createdMember = true
   }
 
-  if (invitation.teamId) {
-    const teams = await db
-      .select({ id: TeamTable.id })
-      .from(TeamTable)
-      .where(eq(TeamTable.id, invitation.teamId))
-      .limit(1)
-
-    if (teams[0]) {
-      const existingTeamMember = await db
-        .select({ id: TeamMemberTable.id })
-        .from(TeamMemberTable)
-        .where(and(eq(TeamMemberTable.teamId, invitation.teamId), eq(TeamMemberTable.orgMembershipId, member.id)))
-        .limit(1)
-
-      if (!existingTeamMember[0]) {
-        await db.insert(TeamMemberTable).values({
-          id: createDenTypeId("teamMember"),
-          teamId: invitation.teamId,
-          orgMembershipId: member.id,
-        })
-      }
-    }
-  }
+  await ensureInvitationTeamMembership({ invitation, memberId: member.id })
 
   await db
     .update(InvitationTable)
     .set({ status: "accepted" })
     .where(eq(InvitationTable.id, invitation.id))
 
-  return member
+  return { member, createdMember }
 }
 
 export async function acceptInvitationForUser(input: {
@@ -514,20 +647,17 @@ export async function acceptInvitationForUser(input: {
     throw new OrganizationEmailDomainRestrictionError(input.email, allowedEmailDomains ?? [])
   }
 
-  const member = await acceptInvitation(invitation, input.userId)
-  await runPostOrganizationMemberChangeHooks({ organizationId: invitation.organizationId, memberId: member.id, change: "added" })
+  const accepted = await acceptInvitation(invitation, input.userId)
+  if (accepted.createdMember) {
+    await runPostOrganizationMemberChangeHooks({ organizationId: invitation.organizationId, memberId: accepted.member.id, change: "added" })
+  }
   return {
     invitation,
-    member,
+    member: accepted.member,
   }
 }
 
 export async function getInvitationPreview(invitationIdRaw: string): Promise<InvitationPreview | null> {
-  const invitation = await getInvitationById(invitationIdRaw)
-  if (!invitation) {
-    return null
-  }
-
   const rows = await db
     .select({
       invitation: {
@@ -547,7 +677,7 @@ export async function getInvitationPreview(invitationIdRaw: string): Promise<Inv
     })
     .from(InvitationTable)
     .innerJoin(OrganizationTable, eq(InvitationTable.organizationId, OrganizationTable.id))
-    .where(eq(InvitationTable.id, invitation.id))
+    .where(getInvitationLookupWhere(invitationIdRaw))
     .limit(1)
 
   const row = rows[0]
@@ -765,7 +895,7 @@ export async function listUserOrgs(userId: UserId) {
     })
     .from(MemberTable)
     .innerJoin(OrganizationTable, eq(MemberTable.organizationId, OrganizationTable.id))
-    .where(and(eq(MemberTable.userId, userId), isNull(MemberTable.removedAt)))
+    .where(eq(MemberTable.userId, userId))
     .orderBy(asc(MemberTable.createdAt))
 
   const organizationIds = memberships.map((row) => row.organization.id)
@@ -859,34 +989,24 @@ export async function getOrganizationContextForUser(input: {
     return null
   }
 
-  if (!currentMember.userId) {
-    return null
-  }
-
   await ensureDefaultDynamicRoles(organization.id)
 
   const members = await db
     .select({
       id: MemberTable.id,
       userId: MemberTable.userId,
-      inviteId: MemberTable.inviteId,
       role: MemberTable.role,
       createdAt: MemberTable.createdAt,
-      joinedAt: MemberTable.joinedAt,
       user: {
         id: AuthUserTable.id,
         email: AuthUserTable.email,
         name: AuthUserTable.name,
         image: AuthUserTable.image,
       },
-      invitation: {
-        email: InvitationTable.email,
-      },
     })
     .from(MemberTable)
-    .leftJoin(AuthUserTable, eq(MemberTable.userId, AuthUserTable.id))
-    .leftJoin(InvitationTable, eq(MemberTable.inviteId, InvitationTable.id))
-    .where(and(eq(MemberTable.organizationId, organization.id), isNull(MemberTable.removedAt)))
+    .innerJoin(AuthUserTable, eq(MemberTable.userId, AuthUserTable.id))
+    .where(eq(MemberTable.organizationId, organization.id))
     .orderBy(asc(MemberTable.createdAt))
 
   const invitations = await db
@@ -897,7 +1017,6 @@ export async function getOrganizationContextForUser(input: {
       status: InvitationTable.status,
       expiresAt: InvitationTable.expiresAt,
       createdAt: InvitationTable.createdAt,
-      inviteToken: InvitationTable.inviteToken,
     })
     .from(InvitationTable)
     .where(eq(InvitationTable.organizationId, organization.id))
@@ -926,31 +1045,19 @@ export async function getOrganizationContextForUser(input: {
     },
     currentMember: {
       id: currentMember.id,
-      userId: currentMember.userId,
+      userId: input.userId,
       role: currentMember.role,
       createdAt: currentMember.createdAt,
-      joinedAt: currentMember.joinedAt,
       isOwner: roleIncludesOwner(currentMember.role),
     },
-    members: members.map((member) => {
-      const email = member.user?.email ?? member.invitation?.email ?? "invited@example.com"
-      const name = member.user?.name ?? getInvitedMemberName(email)
-      return {
-        id: member.id,
-        userId: member.userId,
-        inviteId: member.inviteId,
-        role: member.role,
-        createdAt: member.createdAt,
-        joinedAt: member.joinedAt,
-        isOwner: roleIncludesOwner(member.role),
-        user: {
-          id: member.user?.id ?? member.id,
-          email,
-          name,
-          image: member.user?.image ?? null,
-        },
-      }
-    }),
+    members: members.map((member) => ({
+      id: member.id,
+      userId: member.user.id,
+      role: member.role,
+      createdAt: member.createdAt,
+      user: member.user,
+      isOwner: roleIncludesOwner(member.role),
+    })),
     invitations,
     roles: [
       {
@@ -1055,7 +1162,7 @@ export async function removeOrganizationMember(input: {
     await tx
       .update(MemberTable)
       .set({ removedAt: new Date(), removedByOrgMember: input.removedByOrgMemberId ?? null, userId: null })
-      .where(eq(MemberTable.id, member.id))
+      .where(and(eq(MemberTable.id, member.id), isNull(MemberTable.removedAt)))
   })
 
   await runPostOrganizationMemberChangeHooks({ organizationId: input.organizationId, memberId: member.id, change: "removed" })
diff --git a/ee/apps/den-api/src/routes/auth/desktop-handoff.ts b/ee/apps/den-api/src/routes/auth/desktop-handoff.ts
index a2c6347a74..79247ecbb7 100644
--- a/ee/apps/den-api/src/routes/auth/desktop-handoff.ts
+++ b/ee/apps/den-api/src/routes/auth/desktop-handoff.ts
@@ -7,6 +7,7 @@ import { describeRoute } from "hono-openapi"
 import { z } from "zod"
 import { jsonValidator, requireUserMiddleware } from "../../middleware/index.js"
 import { db } from "../../db.js"
+import { env } from "../../env.js"
 import { denTypeIdSchema, invalidRequestSchema, jsonResponse, notFoundSchema, unauthorizedSchema } from "../../openapi.js"
 import type { AuthContextVariables } from "../../session.js"
 
@@ -39,6 +40,13 @@ const grantNotFoundSchema = z.object({
   message: z.string(),
 }).meta({ ref: "DesktopHandoffGrantNotFoundError" })
 
+class DesktopHandoffBaseUrlError extends Error {
+  constructor(message: string) {
+    super(message)
+    this.name = "DesktopHandoffBaseUrlError"
+  }
+}
+
 function readSingleHeader(value: string | null) {
   const first = value?.split(",")[0]?.trim() ?? ""
   return first || null
@@ -80,6 +88,29 @@ function isWebAppHost(hostname: string) {
     || normalized.startsWith("app.")
 }
 
+function configuredBrowserOrigins() {
+  const values = [env.betterAuthUrl, ...env.betterAuthTrustedOrigins]
+  return Array.from(new Set(values
+    .filter((value) => value && value !== "*")
+    .map((value) => {
+      try {
+        return new URL(value).origin.replace(/\/+$/, "")
+      } catch {
+        return null
+      }
+    })
+    .filter((value): value is string => Boolean(value))))
+}
+
+function isConfiguredBrowserOrigin(origin: string) {
+  try {
+    const normalized = new URL(origin).origin.replace(/\/+$/, "")
+    return configuredBrowserOrigins().includes(normalized)
+  } catch {
+    return false
+  }
+}
+
 function withDenProxyPath(origin: string) {
   const url = new URL(origin)
   const pathname = url.pathname.replace(/\/+$/, "")
@@ -90,12 +121,15 @@ function withDenProxyPath(origin: string) {
   return url.toString().replace(/\/+$/, "")
 }
 
-function resolveDesktopDenBaseUrl(request: Request) {
+export function resolveDesktopDenBaseUrl(request: Request) {
   const originHeader = readSingleHeader(request.headers.get("origin"))
   if (originHeader) {
     try {
       const originUrl = new URL(originHeader)
-      if ((originUrl.protocol === "https:" || originUrl.protocol === "http:") && isWebAppHost(originUrl.hostname)) {
+      if (
+        (originUrl.protocol === "https:" || originUrl.protocol === "http:")
+        && (isWebAppHost(originUrl.hostname) || isConfiguredBrowserOrigin(originUrl.origin))
+      ) {
         return withDenProxyPath(originUrl.origin)
       }
     } catch {
@@ -109,20 +143,19 @@ function resolveDesktopDenBaseUrl(request: Request) {
   const protocol = forwardedProto ?? new URL(request.url).protocol.replace(/:$/, "")
   const targetHost = forwardedHost ?? host
   if (!targetHost) {
-    return "https://app.openworklabs.com/api/den"
+    throw new DesktopHandoffBaseUrlError("Desktop handoff requires a valid request host or forwarded host.")
   }
 
   const origin = `${protocol}://${targetHost}`
   try {
     const url = new URL(origin)
-    if (isWebAppHost(url.hostname)) {
+    if (isWebAppHost(url.hostname) || isConfiguredBrowserOrigin(url.origin)) {
       return withDenProxyPath(url.origin)
     }
+    return origin
   } catch {
-    // Ignore invalid forwarded origins.
+    throw new DesktopHandoffBaseUrlError("Desktop handoff could not resolve a trusted Den base URL from request configuration.")
   }
-
-  return origin
 }
 
 function buildOpenworkDeepLink(input: {
@@ -175,7 +208,15 @@ export function registerDesktopAuthRoutes<T extends { Variables: AuthContextVari
       consumed_at: null,
     })
 
-    const denBaseUrl = resolveDesktopDenBaseUrl(c.req.raw)
+    let denBaseUrl: string
+    try {
+      denBaseUrl = resolveDesktopDenBaseUrl(c.req.raw)
+    } catch (error) {
+      if (error instanceof DesktopHandoffBaseUrlError) {
+        return c.json({ error: "desktop_handoff_base_url_invalid", message: error.message }, 400)
+      }
+      throw error
+    }
 
     return c.json({
       grant,
diff --git a/ee/apps/den-api/src/routes/org/invitations.ts b/ee/apps/den-api/src/routes/org/invitations.ts
index 2c2e139fd3..cd96a3bac5 100644
--- a/ee/apps/den-api/src/routes/org/invitations.ts
+++ b/ee/apps/den-api/src/routes/org/invitations.ts
@@ -7,7 +7,6 @@ import { z } from "zod"
 import { db } from "../../db.js"
 import { jsonValidator, paramValidator, requireUserMiddleware, resolveOrganizationContextMiddleware } from "../../middleware/index.js"
 import { denTypeIdSchema, forbiddenSchema, invalidRequestSchema, jsonResponse, notFoundSchema, successSchema, unauthorizedSchema } from "../../openapi.js"
-import { runPostOrganizationMemberChangeHooks } from "../../organization-member-hooks.js"
 import { isEmailAllowedForOrganization, listAssignableRoles, removeOrganizationMember } from "../../orgs.js"
 import { getOrganizationSeatAddEligibility } from "../../stripe-billing.js"
 import { DenEmailSendError, sendEmail } from "../../utils/email/send-email.js"
@@ -150,8 +149,6 @@ export function registerOrgInvitationRoutes<T extends { Variables: OrgRouteVaria
     const expiresAt = new Date(Date.now() + 1000 * 60 * 60 * 24 * 7)
     const invitationId = existingInvitation[0]?.id ?? createInvitationId()
     const inviteToken = createInvitationToken()
-    let createdOrgMemberId: typeof MemberTable.$inferSelect.id | null = null
-
     if (existingInvitation[0]) {
       await db
         .update(InvitationTable)
@@ -180,7 +177,6 @@ export function registerOrgInvitationRoutes<T extends { Variables: OrgRouteVaria
           role,
           joinedAt: null,
         })
-        createdOrgMemberId = memberId
       }
     } else {
       await db.insert(InvitationTable).values({
@@ -205,11 +201,6 @@ export function registerOrgInvitationRoutes<T extends { Variables: OrgRouteVaria
         role,
         joinedAt: null,
       })
-      createdOrgMemberId = memberId
-    }
-
-    if (createdOrgMemberId) {
-      await runPostOrganizationMemberChangeHooks({ organizationId: payload.organization.id, memberId: createdOrgMemberId, change: "added" })
     }
 
     try {
diff --git a/ee/apps/den-api/src/routes/org/llm-providers.ts b/ee/apps/den-api/src/routes/org/llm-providers.ts
index 5cc66da166..6e3d0e2197 100644
--- a/ee/apps/den-api/src/routes/org/llm-providers.ts
+++ b/ee/apps/den-api/src/routes/org/llm-providers.ts
@@ -33,6 +33,10 @@ type LlmProviderAccessId = typeof LlmProviderAccessTable.$inferSelect.id
 type MemberId = typeof MemberTable.$inferSelect.id
 type TeamId = typeof TeamTable.$inferSelect.id
 type LlmProviderRow = typeof LlmProviderTable.$inferSelect
+const OPENAI_AUTH_ISSUER = "https://auth.openai.com"
+const OPENAI_CODEX_CLIENT_ID = "app_EMoamEEZ73f0CkXaXp7hrann"
+const OPENAI_DEVICE_REDIRECT_URI = `${OPENAI_AUTH_ISSUER}/deviceauth/callback`
+const OPENAI_DEVICE_POLLING_SAFETY_MARGIN_MS = 3000
 
 type RouteFailure = {
   status: number
@@ -40,11 +44,6 @@ type RouteFailure = {
   message?: string
 }
 
-function getInvitedMemberName(email: string) {
-  const [localPart, domain = "invited"] = email.split("@")
-  return `${localPart} ${domain.split(".")[0] ?? "invited"}`.trim()
-}
-
 const providerCatalogParamsSchema = z.object({
   providerId: z.string().trim().min(1).max(255),
 })
@@ -73,10 +72,12 @@ const customProviderSchema = z.object({
 const llmProviderWriteSchema = z.object({
   name: z.string().trim().min(1).max(255),
   source: z.enum(["models_dev", "custom"]),
+  credentialKind: z.enum(["api_key", "opencode_oauth"]).optional().default("api_key"),
   providerId: z.string().trim().min(1).max(255).optional(),
   modelIds: z.array(z.string().trim().min(1).max(255)).min(1).optional(),
   customConfigText: z.string().trim().min(1).optional(),
   apiKey: z.string().trim().max(65535).optional(),
+  opencodeAuth: z.string().trim().max(65535).optional(),
   memberIds: z.array(denTypeIdSchema("member")).max(500).optional().default([]),
   teamIds: z.array(denTypeIdSchema("team")).max(500).optional().default([]),
 }).superRefine((value, ctx) => {
@@ -105,6 +106,16 @@ const llmProviderWriteSchema = z.object({
       message: "Paste a custom provider config.",
     })
   }
+
+  if (value.credentialKind === "opencode_oauth") {
+    if (value.source === "models_dev" && !isOpencodeOauthProviderAllowed(value.providerId)) {
+      ctx.addIssue({
+        code: z.ZodIssueCode.custom,
+        path: ["credentialKind"],
+        message: "OpenCode OAuth credentials can only be used with the OpenAI catalog provider.",
+      })
+    }
+  }
 })
 
 const providerCatalogListResponseSchema = z.object({
@@ -133,6 +144,24 @@ const conflictSchema = z.object({
   message: z.string().optional(),
 }).meta({ ref: "ConflictError" })
 
+const openAiOauthStartResponseSchema = z.object({
+  verificationUrl: z.string(),
+  userCode: z.string(),
+  deviceAuthId: z.string(),
+  intervalMs: z.number(),
+}).meta({ ref: "OpenAiOauthStartResponse" })
+
+const openAiOauthCompleteSchema = z.object({
+  deviceAuthId: z.string().trim().min(1),
+  userCode: z.string().trim().min(1),
+})
+
+const openAiOauthCompleteResponseSchema = z.object({
+  opencodeAuth: z.string(),
+  accountId: z.string().nullable(),
+  expires: z.number(),
+}).meta({ ref: "OpenAiOauthCompleteResponse" })
+
 function createFailure(status: number, error: string, message?: string): RouteFailure {
   return { status, error, message }
 }
@@ -141,10 +170,133 @@ function isRouteFailure(value: unknown): value is RouteFailure {
   return typeof value === "object" && value !== null && "status" in value && "error" in value
 }
 
+function parseJwtClaims(token: string): Record<string, unknown> | null {
+  const parts = token.split(".")
+  if (parts.length !== 3 || !parts[1]) return null
+  try {
+    return JSON.parse(Buffer.from(parts[1], "base64url").toString()) as Record<string, unknown>
+  } catch {
+    return null
+  }
+}
+
+function extractOpenAiAccountId(tokens: { id_token?: string; access_token?: string }) {
+  const claims = tokens.id_token ? parseJwtClaims(tokens.id_token) : tokens.access_token ? parseJwtClaims(tokens.access_token) : null
+  if (!claims) return null
+  const apiAuth = claims["https://api.openai.com/auth"]
+  if (typeof claims.chatgpt_account_id === "string") return claims.chatgpt_account_id
+  if (apiAuth && typeof apiAuth === "object" && !Array.isArray(apiAuth) && typeof (apiAuth as Record<string, unknown>).chatgpt_account_id === "string") {
+    return (apiAuth as Record<string, string>).chatgpt_account_id
+  }
+  const organizations = claims.organizations
+  if (Array.isArray(organizations)) {
+    const first = organizations.find((entry): entry is Record<string, unknown> => typeof entry === "object" && entry !== null && !Array.isArray(entry))
+    if (typeof first?.id === "string") return first.id
+  }
+  return null
+}
+
+export async function startOpenAiDeviceAuth() {
+  const response = await fetch(`${OPENAI_AUTH_ISSUER}/api/accounts/deviceauth/usercode`, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      "User-Agent": "opencode/den",
+    },
+    body: JSON.stringify({ client_id: OPENAI_CODEX_CLIENT_ID }),
+  })
+  if (!response.ok) {
+    throw createFailure(502, "openai_oauth_start_failed", `OpenAI device authorization failed with ${response.status}.`)
+  }
+  const data = await response.json() as { device_auth_id?: unknown; user_code?: unknown; interval?: unknown }
+  if (typeof data.device_auth_id !== "string" || typeof data.user_code !== "string") {
+    throw createFailure(502, "openai_oauth_start_failed", "OpenAI device authorization response was incomplete.")
+  }
+  const interval = Math.max(Number.parseInt(String(data.interval ?? "5"), 10) || 5, 1) * 1000
+  return {
+    verificationUrl: `${OPENAI_AUTH_ISSUER}/codex/device`,
+    userCode: data.user_code,
+    deviceAuthId: data.device_auth_id,
+    intervalMs: interval + OPENAI_DEVICE_POLLING_SAFETY_MARGIN_MS,
+  }
+}
+
+export async function completeOpenAiDeviceAuth(input: { deviceAuthId: string; userCode: string }) {
+  const deviceResponse = await fetch(`${OPENAI_AUTH_ISSUER}/api/accounts/deviceauth/token`, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      "User-Agent": "opencode/den",
+    },
+    body: JSON.stringify({
+      device_auth_id: input.deviceAuthId,
+      user_code: input.userCode,
+    }),
+  })
+
+  if (deviceResponse.status === 403) {
+    throw createFailure(409, "openai_oauth_pending", "OpenAI authorization is not complete yet.")
+  }
+  if (deviceResponse.status === 404) {
+    throw createFailure(410, "openai_oauth_expired", "OpenAI authorization expired. Restart the device authorization flow.")
+  }
+  if (!deviceResponse.ok) {
+    throw createFailure(502, "openai_oauth_complete_failed", `OpenAI device authorization failed with ${deviceResponse.status}.`)
+  }
+  const deviceData = await deviceResponse.json() as { authorization_code?: unknown; code_verifier?: unknown }
+  if (typeof deviceData.authorization_code !== "string" || typeof deviceData.code_verifier !== "string") {
+    throw createFailure(502, "openai_oauth_complete_failed", "OpenAI device token response was incomplete.")
+  }
+
+  const tokenResponse = await fetch(`${OPENAI_AUTH_ISSUER}/oauth/token`, {
+    method: "POST",
+    headers: { "Content-Type": "application/x-www-form-urlencoded" },
+    body: new URLSearchParams({
+      grant_type: "authorization_code",
+      code: deviceData.authorization_code,
+      redirect_uri: OPENAI_DEVICE_REDIRECT_URI,
+      client_id: OPENAI_CODEX_CLIENT_ID,
+      code_verifier: deviceData.code_verifier,
+    }).toString(),
+  })
+  if (!tokenResponse.ok) {
+    throw createFailure(502, "openai_oauth_complete_failed", `OpenAI token exchange failed with ${tokenResponse.status}.`)
+  }
+  const tokens = await tokenResponse.json() as { id_token?: string; access_token?: string; refresh_token?: string; expires_in?: number }
+  if (!tokens.access_token || !tokens.refresh_token) {
+    throw createFailure(502, "openai_oauth_complete_failed", "OpenAI token response did not include OAuth tokens.")
+  }
+  const expires = Date.now() + (tokens.expires_in ?? 3600) * 1000
+  const accountId = extractOpenAiAccountId(tokens)
+  return {
+    opencodeAuth: JSON.stringify({
+      type: "oauth",
+      refresh: tokens.refresh_token,
+      access: tokens.access_token,
+      expires,
+      ...(accountId ? { accountId } : {}),
+    }),
+    accountId,
+    expires,
+  }
+}
+
 function isOrganizationAdmin(payload: { currentMember: { isOwner: boolean; role: string } }) {
   return payload.currentMember.isOwner || memberHasRole(payload.currentMember.role, "admin")
 }
 
+export function isOpencodeOauthProviderAllowed(providerId: string | undefined | null) {
+  return providerId?.trim().toLowerCase() === "openai"
+}
+
+export function canUseOpenAiOAuthCredentialFlow(payload: { currentMember: { isOwner: boolean; role: string } }) {
+  return isOrganizationAdmin(payload)
+}
+
+export function canImportLlmProviderCredential(payload: { currentMember: { isOwner: boolean; role: string } }) {
+  return isOrganizationAdmin(payload)
+}
+
 function canManageLlmProvider(
   payload: { currentMember: { id: MemberId; isOwner: boolean; role: string } },
   provider: LlmProviderRow,
@@ -175,6 +327,80 @@ function parseLlmProviderAccessId(value: string) {
   return normalizeDenTypeId("llmProviderAccess", value)
 }
 
+export function getCredentialFlags(provider: Pick<LlmProviderRow, "credentialKind" | "apiKey" | "opencodeAuth">) {
+  const hasApiKey = Boolean(provider.apiKey && provider.apiKey.trim().length > 0)
+  const hasOpencodeAuth = Boolean(provider.opencodeAuth && provider.opencodeAuth.trim().length > 0)
+  return {
+    hasApiKey,
+    hasOpencodeAuth,
+    hasCredential: provider.credentialKind === "opencode_oauth" ? hasOpencodeAuth : hasApiKey,
+  }
+}
+
+export function redactLlmProviderCredentials<T extends { apiKey?: unknown; opencodeAuth?: unknown }>(provider: T): Omit<T, "apiKey" | "opencodeAuth"> & { apiKey: undefined; opencodeAuth: undefined } {
+  return {
+    ...provider,
+    apiKey: undefined,
+    opencodeAuth: undefined,
+  }
+}
+
+export function serializeLlmProviderAccessUser(input: {
+  user: { id: string | null; name: string | null; email: string | null; image: string | null } | null
+  invitation: { email: string | null } | null
+}) {
+  return input.user?.id
+    ? input.user
+    : {
+        id: null,
+        name: null,
+        email: input.invitation?.email ?? null,
+        image: null,
+      }
+}
+
+function buildLlmProviderCredentialPayload(provider: LlmProviderRow) {
+  return {
+    ...redactLlmProviderCredentials(provider),
+    ...getCredentialFlags(provider),
+    apiKey: provider.credentialKind === "api_key" ? provider.apiKey : undefined,
+    opencodeAuth: provider.credentialKind === "opencode_oauth" ? provider.opencodeAuth : undefined,
+  }
+}
+
+function normalizeOpencodeAuth(value: string | undefined) {
+  const trimmed = value?.trim()
+  if (!trimmed) return null
+
+  try {
+    const parsed = JSON.parse(trimmed) as unknown
+    if (!parsed || typeof parsed !== "object" || Array.isArray(parsed)) {
+      throw new Error("OpenCode OAuth auth must be a JSON object.")
+    }
+    const auth = parsed as Record<string, unknown>
+    if (auth.type !== "oauth") {
+      throw new Error('OpenCode OAuth auth must include "type": "oauth".')
+    }
+    if (typeof auth.access !== "string" || !auth.access.trim()) {
+      throw new Error("OpenCode OAuth auth must include an access token.")
+    }
+    if (typeof auth.refresh !== "string" || !auth.refresh.trim()) {
+      throw new Error("OpenCode OAuth auth must include a refresh token.")
+    }
+    if (typeof auth.expires !== "number" || !Number.isFinite(auth.expires) || auth.expires < 0) {
+      throw new Error("OpenCode OAuth auth must include a non-negative numeric expires value.")
+    }
+  } catch (error) {
+    throw createFailure(
+      400,
+      "invalid_opencode_auth",
+      error instanceof Error ? error.message : "OpenCode OAuth auth must be valid JSON.",
+    )
+  }
+
+  return trimmed
+}
+
 function parseMemberId(value: string) {
   return normalizeDenTypeId("member", value)
 }
@@ -215,7 +441,7 @@ async function listAccessibleProviderAccess(input: {
     .where(accessWhere)
 }
 
-async function resolveMemberIds(input: {
+export async function resolveMemberIds(input: {
   organizationId: typeof LlmProviderTable.$inferSelect.organizationId
   values: string[]
 }) {
@@ -235,7 +461,11 @@ async function resolveMemberIds(input: {
   const rows = await db
     .select({ id: MemberTable.id })
     .from(MemberTable)
-    .where(and(eq(MemberTable.organizationId, input.organizationId), inArray(MemberTable.id, memberIds), isNull(MemberTable.removedAt)))
+    .where(and(
+      eq(MemberTable.organizationId, input.organizationId),
+      inArray(MemberTable.id, memberIds),
+      isNull(MemberTable.removedAt),
+    ))
 
   if (rows.length !== memberIds.length) {
     throw createFailure(404, "member_not_found")
@@ -274,6 +504,10 @@ async function resolveTeamIds(input: {
 }
 
 async function normalizeLlmProviderInput(input: z.infer<typeof llmProviderWriteSchema>) {
+  const credentialKind = input.credentialKind
+  const apiKey = credentialKind === "api_key" ? input.apiKey?.trim() || null : null
+  const opencodeAuth = credentialKind === "opencode_oauth" ? normalizeOpencodeAuth(input.opencodeAuth) : null
+
   if (input.source === "models_dev") {
     const provider = await getModelsDevProvider(input.providerId ?? "")
     if (!provider) {
@@ -290,10 +524,9 @@ async function normalizeLlmProviderInput(input: z.infer<typeof llmProviderWriteS
       return model
     })
 
-    const apiKey = input.apiKey?.trim() || null
-
     return {
       source: input.source,
+      credentialKind,
       providerId: provider.id,
       name: input.name,
       providerConfig: provider.config,
@@ -303,6 +536,7 @@ async function normalizeLlmProviderInput(input: z.infer<typeof llmProviderWriteS
         config: model.config,
       })),
       apiKey,
+      opencodeAuth,
     }
   }
 
@@ -323,9 +557,13 @@ async function normalizeLlmProviderInput(input: z.infer<typeof llmProviderWriteS
   }
 
   const { models, ...providerConfig } = customProvider.data
+  if (credentialKind === "opencode_oauth" && !isOpencodeOauthProviderAllowed(customProvider.data.id)) {
+    throw createFailure(400, "invalid_credential_kind", "OpenCode OAuth credentials can only be used with the OpenAI provider.")
+  }
 
   return {
     source: input.source,
+    credentialKind,
     providerId: customProvider.data.id,
     name: input.name,
     providerConfig: providerConfig as JsonRecord,
@@ -334,11 +572,12 @@ async function normalizeLlmProviderInput(input: z.infer<typeof llmProviderWriteS
       name: model.name,
       config: model as JsonRecord,
     })),
-    apiKey: input.apiKey?.trim() || null,
+    apiKey,
+    opencodeAuth,
   }
 }
 
-async function loadLlmProviders(input: {
+export async function loadLlmProviders(input: {
   organizationId: typeof LlmProviderTable.$inferSelect.organizationId
   currentMemberId: MemberId
   memberTeams: Array<{ id: TeamId }>
@@ -394,6 +633,10 @@ async function loadLlmProviders(input: {
       member: {
         id: MemberTable.id,
         role: MemberTable.role,
+        removedAt: MemberTable.removedAt,
+      },
+      invitation: {
+        email: InvitationTable.email,
       },
       user: {
         id: AuthUserTable.id,
@@ -401,15 +644,16 @@ async function loadLlmProviders(input: {
         email: AuthUserTable.email,
         image: AuthUserTable.image,
       },
-      invitation: {
-        email: InvitationTable.email,
-      },
     })
     .from(LlmProviderAccessTable)
     .innerJoin(MemberTable, eq(LlmProviderAccessTable.orgMembershipId, MemberTable.id))
     .leftJoin(AuthUserTable, eq(MemberTable.userId, AuthUserTable.id))
     .leftJoin(InvitationTable, eq(MemberTable.inviteId, InvitationTable.id))
-    .where(and(inArray(LlmProviderAccessTable.llmProviderId, providerIds), isNotNull(LlmProviderAccessTable.orgMembershipId), isNull(MemberTable.removedAt)))
+    .where(and(
+      inArray(LlmProviderAccessTable.llmProviderId, providerIds),
+      isNotNull(LlmProviderAccessTable.orgMembershipId),
+      isNull(MemberTable.removedAt),
+    ))
 
   const teamAccessRows = await db
     .select({
@@ -438,6 +682,7 @@ async function loadLlmProviders(input: {
 
   const memberAccessByProviderId = new Map<LlmProviderId, typeof memberAccessRows>()
   for (const row of memberAccessRows) {
+    if (row.member.removedAt) continue
     const existing = memberAccessByProviderId.get(row.access.llmProviderId) ?? []
     existing.push(row)
     memberAccessByProviderId.set(row.access.llmProviderId, existing)
@@ -464,7 +709,7 @@ async function loadLlmProviders(input: {
 
   return providers.map((provider) => ({
     ...provider,
-    hasApiKey: Boolean(provider.apiKey && provider.apiKey.trim().length > 0),
+    ...getCredentialFlags(provider),
     models: (modelsByProviderId.get(provider.id) ?? [])
       .map((model) => ({
         id: model.modelId,
@@ -474,21 +719,13 @@ async function loadLlmProviders(input: {
       }))
       .sort((left, right) => left.name.localeCompare(right.name)),
     access: {
-      members: (memberAccessByProviderId.get(provider.id) ?? []).map((row) => {
-        const email = row.user?.email ?? row.invitation?.email ?? "invited@example.com"
-        return {
-          id: row.access.id,
-          orgMembershipId: row.member.id,
-          role: row.member.role,
-          user: {
-            id: row.user?.id ?? row.member.id,
-            name: row.user?.name ?? getInvitedMemberName(email),
-            email,
-            image: row.user?.image ?? null,
-          },
-          createdAt: row.access.createdAt,
-        }
-      }),
+      members: (memberAccessByProviderId.get(provider.id) ?? []).map((row) => ({
+        id: row.access.id,
+        orgMembershipId: row.member.id,
+        role: row.member.role,
+        user: serializeLlmProviderAccessUser(row),
+        createdAt: row.access.createdAt,
+      })),
       teams: (teamAccessByProviderId.get(provider.id) ?? []).map((row) => ({
         id: row.access.id,
         teamId: row.team.id,
@@ -502,6 +739,69 @@ async function loadLlmProviders(input: {
 }
 
 export function registerOrgLlmProviderRoutes<T extends { Variables: OrgRouteVariables & Partial<MemberTeamsContext> }>(app: Hono<T>) {
+  app.post(
+    "/v1/llm-providers/openai-oauth/start",
+    describeRoute({
+      tags: ["LLM Providers"],
+      summary: "Start OpenAI OAuth device flow",
+      description: "Starts the same OpenAI/ChatGPT device auth flow used by OpenCode and returns the user code.",
+      responses: {
+        200: jsonResponse("OpenAI OAuth device flow started successfully.", openAiOauthStartResponseSchema),
+        401: jsonResponse("The caller must be signed in to connect OpenAI.", unauthorizedSchema),
+        403: jsonResponse("Only organization admins can connect OpenAI OAuth credentials.", forbiddenSchema),
+        502: jsonResponse("OpenAI OAuth could not be started.", conflictSchema),
+      },
+    }),
+    requireUserMiddleware,
+    resolveOrganizationContextMiddleware,
+    async (c) => {
+      const payload = c.get("organizationContext")
+      if (!canUseOpenAiOAuthCredentialFlow(payload)) {
+        return c.json({ error: "forbidden", message: "Only organization admins can connect OpenAI OAuth credentials." }, 403)
+      }
+
+      try {
+        return c.json(await startOpenAiDeviceAuth())
+      } catch (error) {
+        if (isRouteFailure(error)) return c.json({ error: error.error, message: error.message }, { status: error.status as 409 | 502 })
+        throw error
+      }
+    },
+  )
+
+  app.post(
+    "/v1/llm-providers/openai-oauth/complete",
+    describeRoute({
+      tags: ["LLM Providers"],
+      summary: "Complete OpenAI OAuth device flow",
+      description: "Completes OpenAI device auth and returns an OpenCode-native OAuth auth object serialized as JSON.",
+      responses: {
+        200: jsonResponse("OpenAI OAuth completed successfully.", openAiOauthCompleteResponseSchema),
+        401: jsonResponse("The caller must be signed in to complete OpenAI auth.", unauthorizedSchema),
+        403: jsonResponse("Only organization admins can connect OpenAI OAuth credentials.", forbiddenSchema),
+        409: jsonResponse("OpenAI authorization is still pending.", conflictSchema),
+        502: jsonResponse("OpenAI OAuth could not be completed.", conflictSchema),
+      },
+    }),
+    requireUserMiddleware,
+    resolveOrganizationContextMiddleware,
+    jsonValidator(openAiOauthCompleteSchema),
+    async (c) => {
+      const payload = c.get("organizationContext")
+      if (!canUseOpenAiOAuthCredentialFlow(payload)) {
+        return c.json({ error: "forbidden", message: "Only organization admins can connect OpenAI OAuth credentials." }, 403)
+      }
+
+      const input = c.req.valid("json")
+      try {
+        return c.json(await completeOpenAiDeviceAuth(input))
+      } catch (error) {
+        if (isRouteFailure(error)) return c.json({ error: error.error, message: error.message }, { status: error.status as 409 | 502 })
+        throw error
+      }
+    },
+  )
+
   app.get(
     "/v1/llm-provider-catalog",
     describeRoute({
@@ -607,8 +907,7 @@ export function registerOrgLlmProviderRoutes<T extends { Variables: OrgRouteVari
 
       return c.json({
         llmProviders: providers.map((provider) => ({
-          ...provider,
-          apiKey: undefined,
+          ...redactLlmProviderCredentials(provider),
           canManage: canManageLlmProvider(payload, provider),
         })),
       })
@@ -677,7 +976,72 @@ export function registerOrgLlmProviderRoutes<T extends { Variables: OrgRouteVari
 
       return c.json({
         llmProvider: {
-          ...provider,
+          ...redactLlmProviderCredentials(provider),
+          ...getCredentialFlags(provider),
+          models: models
+            .map((model) => ({
+              id: model.modelId,
+              name: model.name,
+              config: model.modelConfig,
+              createdAt: model.createdAt,
+            }))
+            .sort((left, right) => left.name.localeCompare(right.name)),
+        },
+      })
+    },
+  )
+
+  app.get(
+    "/v1/llm-providers/:llmProviderId/import-credential",
+    describeRoute({
+      tags: ["LLM Providers"],
+      summary: "Get LLM provider import credential",
+      description: "Returns a stored organization LLM provider credential for explicit import into a managed OpenCode client.",
+      responses: {
+        200: jsonResponse("Provider import credential returned successfully.", llmProviderResponseSchema),
+        400: jsonResponse("The provider import path parameters were invalid.", invalidRequestSchema),
+        401: jsonResponse("The caller must be signed in to import an organization LLM provider credential.", unauthorizedSchema),
+        403: jsonResponse("Only members who can manage this provider can import its credential.", forbiddenSchema),
+        404: jsonResponse("The provider could not be found.", notFoundSchema),
+      },
+    }),
+    requireUserMiddleware,
+    paramValidator(orgLlmProviderParamsSchema),
+    resolveOrganizationContextMiddleware,
+    async (c) => {
+      const payload = c.get("organizationContext")
+      const params = c.req.valid("param")
+
+      let llmProviderId: LlmProviderId
+      try {
+        llmProviderId = parseLlmProviderId(params.llmProviderId)
+      } catch {
+        return c.json({ error: "llm_provider_not_found" }, 404)
+      }
+
+      const providerRows = await db
+        .select()
+        .from(LlmProviderTable)
+        .where(and(eq(LlmProviderTable.id, llmProviderId), eq(LlmProviderTable.organizationId, payload.organization.id)))
+        .limit(1)
+
+      const provider = providerRows[0]
+      if (!provider) {
+        return c.json({ error: "llm_provider_not_found" }, 404)
+      }
+
+      if (!canImportLlmProviderCredential(payload)) {
+        return c.json({ error: "forbidden", message: "Only organization admins can import provider credentials." }, 403)
+      }
+
+      const models = await db
+        .select()
+        .from(LlmProviderModelTable)
+        .where(eq(LlmProviderModelTable.llmProviderId, llmProviderId))
+
+      return c.json({
+        llmProvider: {
+          ...buildLlmProviderCredentialPayload(provider),
           models: models
             .map((model) => ({
               id: model.modelId,
@@ -732,10 +1096,12 @@ export function registerOrgLlmProviderRoutes<T extends { Variables: OrgRouteVari
             organizationId: payload.organization.id,
             createdByOrgMembershipId: payload.currentMember.id,
             source: normalized.source,
+            credentialKind: normalized.credentialKind,
             providerId: normalized.providerId,
             name: normalized.name,
             providerConfig: normalized.providerConfig,
             apiKey: normalized.apiKey,
+            opencodeAuth: normalized.opencodeAuth,
             createdAt: now,
             updatedAt: now,
           })
@@ -781,10 +1147,13 @@ export function registerOrgLlmProviderRoutes<T extends { Variables: OrgRouteVari
             organizationId: payload.organization.id,
             createdByOrgMembershipId: payload.currentMember.id,
             source: normalized.source,
+            credentialKind: normalized.credentialKind,
             providerId: normalized.providerId,
             name: normalized.name,
             providerConfig: normalized.providerConfig,
             hasApiKey: Boolean(normalized.apiKey),
+            hasOpencodeAuth: Boolean(normalized.opencodeAuth),
+            hasCredential: normalized.credentialKind === "opencode_oauth" ? Boolean(normalized.opencodeAuth) : Boolean(normalized.apiKey),
             createdAt: now,
             updatedAt: now,
           },
@@ -868,10 +1237,16 @@ export function registerOrgLlmProviderRoutes<T extends { Variables: OrgRouteVari
             .update(LlmProviderTable)
             .set({
               source: normalized.source,
+              credentialKind: normalized.credentialKind,
               providerId: normalized.providerId,
               name: normalized.name,
               providerConfig: normalized.providerConfig,
-              apiKey: input.apiKey === undefined ? provider.apiKey : normalized.apiKey,
+              apiKey: normalized.credentialKind === "api_key"
+                ? (input.apiKey === undefined ? provider.apiKey : normalized.apiKey)
+                : null,
+              opencodeAuth: normalized.credentialKind === "opencode_oauth"
+                ? (input.opencodeAuth === undefined ? provider.opencodeAuth : normalized.opencodeAuth)
+                : null,
               updatedAt,
             })
             .where(eq(LlmProviderTable.id, provider.id))
@@ -916,12 +1291,21 @@ export function registerOrgLlmProviderRoutes<T extends { Variables: OrgRouteVari
 
         return c.json({
           llmProvider: {
-            ...provider,
+            ...redactLlmProviderCredentials(provider),
             source: normalized.source,
             providerId: normalized.providerId,
             name: normalized.name,
             providerConfig: normalized.providerConfig,
-            hasApiKey: input.apiKey === undefined ? Boolean(provider.apiKey) : Boolean(normalized.apiKey),
+            credentialKind: normalized.credentialKind,
+            hasApiKey: normalized.credentialKind === "api_key"
+              ? (input.apiKey === undefined ? Boolean(provider.apiKey) : Boolean(normalized.apiKey))
+              : false,
+            hasOpencodeAuth: normalized.credentialKind === "opencode_oauth"
+              ? (input.opencodeAuth === undefined ? Boolean(provider.opencodeAuth) : Boolean(normalized.opencodeAuth))
+              : false,
+            hasCredential: normalized.credentialKind === "opencode_oauth"
+              ? (input.opencodeAuth === undefined ? Boolean(provider.opencodeAuth) : Boolean(normalized.opencodeAuth))
+              : (input.apiKey === undefined ? Boolean(provider.apiKey) : Boolean(normalized.apiKey)),
             updatedAt,
           },
         })
diff --git a/ee/apps/den-api/src/routes/org/plugin-system/store.ts b/ee/apps/den-api/src/routes/org/plugin-system/store.ts
index ab84c66a66..f4723c2cf5 100644
--- a/ee/apps/den-api/src/routes/org/plugin-system/store.ts
+++ b/ee/apps/den-api/src/routes/org/plugin-system/store.ts
@@ -817,7 +817,7 @@ async function ensureGrantTargetsInOrganization(context: PluginArchActorContext,
     const member = await db
       .select({ id: MemberTable.id })
       .from(MemberTable)
-      .where(and(eq(MemberTable.organizationId, organizationId), eq(MemberTable.id, value.orgMembershipId)))
+      .where(and(eq(MemberTable.organizationId, organizationId), eq(MemberTable.id, value.orgMembershipId), isNull(MemberTable.removedAt)))
       .limit(1)
     if (!member[0]) {
       throw new PluginArchRouteFailure(404, "member_not_found", "Member not found.")
@@ -2945,7 +2945,6 @@ async function buildConnectorAutomationContext(input: { connectorInstance: Conne
         createdAt: member.createdAt,
         id: member.id,
         isOwner: roleIncludesOwner(member.role),
-        joinedAt: member.joinedAt,
         role: member.role,
         userId: member.userId,
       },
diff --git a/ee/apps/den-api/src/routes/workers/core.ts b/ee/apps/den-api/src/routes/workers/core.ts
index 2d0be1fe80..c6f0ab0d0d 100644
--- a/ee/apps/den-api/src/routes/workers/core.ts
+++ b/ee/apps/den-api/src/routes/workers/core.ts
@@ -1,17 +1,21 @@
-import { desc, eq } from "@openwork-ee/den-db/drizzle"
-import { WorkerTable, WorkerTokenTable } from "@openwork-ee/den-db/schema"
+import { and, desc, eq, inArray } from "@openwork-ee/den-db/drizzle"
+import { WorkerInstanceTable, WorkerTable, WorkerTokenTable } from "@openwork-ee/den-db/schema"
 import { createDenTypeId, normalizeDenTypeId } from "@openwork-ee/utils/typeid"
 import type { Hono } from "hono"
+import type { MiddlewareHandler } from "hono"
 import { describeRoute } from "hono-openapi"
 import { z } from "zod"
 import { db } from "../../db.js"
-import { jsonValidator, paramValidator, queryValidator, requireUserMiddleware, resolveUserOrganizationsMiddleware } from "../../middleware/index.js"
+import { env } from "../../env.js"
+import { jsonValidator, paramValidator, queryValidator, requireUserMiddleware, resolveOrganizationContextMiddleware, resolveUserOrganizationsMiddleware } from "../../middleware/index.js"
 import { denTypeIdSchema, emptyResponse, forbiddenSchema, invalidRequestSchema, jsonResponse, notFoundSchema, unauthorizedSchema } from "../../openapi.js"
 import { getOrganizationLimitStatus } from "../../organization-limits.js"
 import { getRequiredUserEmail } from "../../user.js"
 import type { WorkerRouteVariables } from "./shared.js"
 import {
   continueCloudProvisioning,
+  attachStaticWorkerSchema,
+  canAttachStaticWorkerForMember,
   createWorkerSchema,
   deleteWorkerCascade,
   getLatestWorkerInstance,
@@ -20,10 +24,14 @@ import {
   listWorkersQuerySchema,
   parseWorkerIdParam,
   requireCloudAccessOrPayment,
+  shouldUseSignupAutoExistingWorker,
   toInstanceResponse,
   toWorkerResponse,
   token,
   updateWorkerSchema,
+  type ValidatedStaticWorkerAttachUrl,
+  validateResolvedStaticWorkerAttachUrl,
+  withStaticAssignmentLock,
   workerIdParamSchema,
 } from "./shared.js"
 
@@ -79,6 +87,15 @@ const workerCreateResponseSchema = z.object({
   }),
 }).meta({ ref: "WorkerCreateResponse" })
 
+const staticWorkerAttachResponseSchema = z.object({
+  worker: workerSchema,
+  instance: workerInstanceSchema,
+  launch: z.object({
+    mode: z.literal("attached"),
+    pollAfterMs: z.literal(0),
+  }),
+}).meta({ ref: "StaticWorkerAttachResponse" })
+
 const workerTokensResponseSchema = z.object({
   tokens: z.object({
     owner: z.string(),
@@ -91,6 +108,8 @@ const workerTokensResponseSchema = z.object({
   }).nullable(),
 }).meta({ ref: "WorkerTokensResponse" })
 
+type WorkerRow = typeof WorkerTable.$inferSelect
+
 const organizationUnavailableSchema = z.object({
   error: z.literal("organization_unavailable"),
 }).meta({ ref: "OrganizationUnavailableError" })
@@ -124,6 +143,305 @@ const workerRuntimeUnavailableSchema = z.object({
   message: z.string(),
 })).meta({ ref: "WorkerConnectionError" })
 
+async function getExistingSignupAutoWorkerResponse(input: {
+  orgId: WorkerRow["org_id"]
+  userId: NonNullable<WorkerRow["created_by_user_id"]>
+}) {
+  const rows = await db
+    .select()
+    .from(WorkerTable)
+    .where(eq(WorkerTable.org_id, input.orgId))
+    .orderBy(desc(WorkerTable.created_at))
+    .limit(1)
+
+  const existingWorker = rows[0]
+  if (!existingWorker) {
+    return null
+  }
+
+  const instance = await getLatestWorkerInstance(existingWorker.id)
+  const tokensAndConnect = await getWorkerTokensAndConnect(existingWorker)
+  const tokens = "tokens" in tokensAndConnect ? tokensAndConnect.tokens : undefined
+  if (!tokens) {
+    return null
+  }
+
+  return {
+    worker: toWorkerResponse(existingWorker, input.userId),
+    tokens,
+    instance: toInstanceResponse(instance),
+    launch: { mode: "existing", pollAfterMs: 0 },
+  }
+}
+
+export async function fetchStaticWorker(url: string, path: string, headers: Record<string, string>) {
+  return fetch(`${url}${path}`, {
+    method: "GET",
+    redirect: "manual",
+    headers: { Accept: "application/json", ...headers },
+    signal: AbortSignal.timeout(env.staticWorkers.healthcheckTimeoutMs),
+  })
+}
+
+function formatIpForUrl(address: string) {
+  return address.includes(":") ? `[${address}]` : address
+}
+
+export async function fetchPinnedStaticWorker(target: ValidatedStaticWorkerAttachUrl, path: string, headers: Record<string, string>) {
+  const original = new URL(target.url)
+  const resolvedAddress = original.protocol === "http:" ? target.resolvedAddresses[0]?.address : undefined
+  const pinned = resolvedAddress ? new URL(target.url) : original
+  if (resolvedAddress) {
+    pinned.hostname = formatIpForUrl(resolvedAddress)
+  }
+  const hostHeader = original.port ? `${original.hostname}:${original.port}` : original.hostname
+  return fetch(`${pinned.toString().replace(/\/+$/, "")}${path}`, {
+    method: "GET",
+    redirect: "manual",
+    headers: {
+      Accept: "application/json",
+      ...(resolvedAddress && original.protocol === "http:" ? { Host: hostHeader } : {}),
+      ...headers,
+    },
+    signal: AbortSignal.timeout(env.staticWorkers.healthcheckTimeoutMs),
+  })
+}
+
+export async function assertStaticWorkerReachable(url: string | ValidatedStaticWorkerAttachUrl, clientToken: string, hostToken: string) {
+  const fetchWorker = typeof url === "string"
+    ? (path: string, headers: Record<string, string>) => fetchStaticWorker(url, path, headers)
+    : (path: string, headers: Record<string, string>) => fetchPinnedStaticWorker(url, path, headers)
+
+  const clientResponse = await fetchWorker("/workspaces", {
+    Authorization: `Bearer ${clientToken}`,
+  })
+
+  if (!clientResponse.ok) {
+    throw new Error(`Worker rejected the provided client token with HTTP ${clientResponse.status}`)
+  }
+
+  const hostResponse = await fetchWorker("/env/keys", {
+    "X-OpenWork-Host-Token": hostToken,
+  })
+
+  if (!hostResponse.ok) {
+    throw new Error(`Worker rejected the provided host token with HTTP ${hostResponse.status}`)
+  }
+}
+
+type StaticAttachTx = Pick<typeof db, "insert" | "select">
+type StaticAttachInput = z.infer<typeof attachStaticWorkerSchema>
+type StaticAttachRouteDeps = {
+  middlewares?: MiddlewareHandler<{ Variables: WorkerRouteVariables }>[]
+  data?: StaticAttachTx
+  lookup?: Parameters<typeof validateResolvedStaticWorkerAttachUrl>[2]
+  fetchReachable?: (url: ValidatedStaticWorkerAttachUrl, clientToken: string, hostToken: string) => Promise<void>
+  lock?: <T>(run: (tx: StaticAttachTx) => Promise<T>) => Promise<T>
+  getWorkerLimit?: typeof getOrganizationLimitStatus
+}
+
+async function findActiveStaticWorkerByUrl(tx: Pick<typeof db, "select">, normalizedUrl: string) {
+  return tx
+    .select({ id: WorkerInstanceTable.id })
+    .from(WorkerInstanceTable)
+    .where(
+      and(
+        eq(WorkerInstanceTable.provider, "static"),
+        eq(WorkerInstanceTable.url, normalizedUrl),
+        inArray(WorkerInstanceTable.status, ["provisioning", "healthy"]),
+      ),
+    )
+    .limit(1)
+}
+
+function staticAttachDuplicateResponse() {
+  return {
+    error: "worker_url_already_attached",
+    message: "This static worker URL is already attached to an active Den worker.",
+  }
+}
+
+export function registerStaticWorkerAttachRoute(app: Hono<{ Variables: WorkerRouteVariables }>, deps: StaticAttachRouteDeps = {}) {
+  const routeMiddlewares = deps.middlewares ?? [requireUserMiddleware, resolveOrganizationContextMiddleware, jsonValidator(attachStaticWorkerSchema)]
+  const data = deps.data ?? db
+  const fetchReachable = deps.fetchReachable ?? assertStaticWorkerReachable
+  const lock = deps.lock ?? ((run) => withStaticAssignmentLock(run))
+  const getWorkerLimit = deps.getWorkerLimit ?? getOrganizationLimitStatus
+
+  app.post(
+    "/v1/workers/static-attach",
+    describeRoute({
+      tags: ["Workers"],
+      summary: "Attach static worker",
+      description: "Registers a pre-running LAN/OpenWork worker for the active organization using its existing runtime URL and tokens.",
+      responses: {
+        201: jsonResponse("Static worker attached successfully.", staticWorkerAttachResponseSchema),
+        400: jsonResponse("The static worker attach payload was invalid.", invalidRequestSchema),
+        401: jsonResponse("The caller must be signed in to attach workers.", unauthorizedSchema),
+        403: jsonResponse("Only organization owners and admins can attach static workers.", forbiddenSchema),
+        409: jsonResponse("The organization has reached its worker limit or the URL is already attached.", orgLimitReachedSchema.or(z.object({ error: z.literal("worker_url_already_attached"), message: z.string() }))),
+      },
+    }),
+    ...(routeMiddlewares as never[]),
+    async (c) => {
+    const user = c.get("user")
+    const orgId = c.get("activeOrganizationId")
+    const organizationContext = c.get("organizationContext")
+    const input = c.req.valid("json" as never) as StaticAttachInput
+
+    if (!user?.id) {
+      return c.json({ error: "unauthorized" }, 401)
+    }
+
+    if (!orgId) {
+      return c.json({ error: "organization_unavailable" }, 400)
+    }
+
+    const normalizedOrgId = normalizeDenTypeId("organization", orgId)
+    const normalizedUserId = normalizeDenTypeId("user", user.id)
+
+    if (!organizationContext || !canAttachStaticWorkerForMember(organizationContext)) {
+      return c.json({
+        error: "forbidden",
+        message: "Only organization owners and admins can attach static workers.",
+      }, 403)
+    }
+
+    const validatedUrl = await validateResolvedStaticWorkerAttachUrl(input.url, {
+      allowPrivate: env.staticWorkers.allowPrivateAttach,
+      allowedHosts: env.staticWorkers.attachAllowedHosts,
+      allowedCidrs: env.staticWorkers.attachAllowedCidrs,
+    }, deps.lookup)
+    if (!validatedUrl.ok) {
+      return c.json({ error: "invalid_request", message: validatedUrl.message }, 400)
+    }
+
+    const normalizedUrl = validatedUrl.url
+    const existing = await findActiveStaticWorkerByUrl(data, normalizedUrl)
+    if (existing.length > 0) {
+      return c.json(staticAttachDuplicateResponse(), 409)
+    }
+
+    try {
+      await fetchReachable(validatedUrl, input.clientToken.trim(), input.hostToken.trim())
+    } catch (error) {
+      return c.json({
+        error: "invalid_request",
+        message: "Static worker verification failed with the provided URL and tokens.",
+      }, 400)
+    }
+
+    const workerId = createDenTypeId("worker")
+    const instanceId = createDenTypeId("workerInstance")
+    const activityToken = input.activityToken?.trim() || token()
+    const now = new Date()
+
+    const insertResult = await lock(async (tx) => {
+      const duplicateRows = await findActiveStaticWorkerByUrl(tx, normalizedUrl)
+      if (duplicateRows.length > 0) {
+        return { status: "duplicate" as const }
+      }
+
+      const workerLimit = await getWorkerLimit(normalizedOrgId, "workers")
+      if (workerLimit.exceeded) {
+        return { status: "limit" as const, workerLimit }
+      }
+
+      await tx.insert(WorkerTable).values({
+        id: workerId,
+        org_id: normalizedOrgId,
+        created_by_user_id: normalizedUserId,
+        name: input.name,
+        description: input.description?.trim() || null,
+        destination: "cloud",
+        status: "healthy",
+        image_version: null,
+        workspace_path: null,
+        sandbox_backend: "static",
+      } as never)
+
+      await tx.insert(WorkerTokenTable).values([
+        {
+          id: createDenTypeId("workerToken"),
+          worker_id: workerId,
+          scope: "host",
+          token: input.hostToken.trim(),
+        },
+        {
+          id: createDenTypeId("workerToken"),
+          worker_id: workerId,
+          scope: "client",
+          token: input.clientToken.trim(),
+        },
+        {
+          id: createDenTypeId("workerToken"),
+          worker_id: workerId,
+          scope: "activity",
+          token: activityToken,
+        },
+      ] as never)
+
+      await tx.insert(WorkerInstanceTable).values({
+        id: instanceId,
+        worker_id: workerId,
+        provider: "static",
+        region: "on-prem",
+        url: normalizedUrl,
+        status: "healthy",
+      } as never)
+      return { status: "inserted" as const }
+    })
+
+    if (insertResult.status === "duplicate") {
+      return c.json(staticAttachDuplicateResponse(), 409)
+    }
+
+    if (insertResult.status === "limit") {
+      return c.json({
+        error: "org_limit_reached",
+        limitType: "workers",
+        limit: insertResult.workerLimit.limit,
+        currentCount: insertResult.workerLimit.currentCount,
+        message: `This workspace currently supports up to ${insertResult.workerLimit.limit} workers. Contact support to increase the limit.`,
+      }, 409)
+    }
+
+    return c.json({
+      worker: toWorkerResponse(
+        {
+          id: workerId,
+          org_id: normalizedOrgId,
+          created_by_user_id: normalizedUserId,
+          name: input.name,
+          description: input.description?.trim() || null,
+          destination: "cloud",
+          status: "healthy",
+          image_version: null,
+          workspace_path: null,
+          sandbox_backend: "static",
+          last_heartbeat_at: null,
+          last_active_at: null,
+          created_at: now,
+          updated_at: now,
+        },
+        normalizedUserId,
+      ),
+      instance: toInstanceResponse({
+        id: instanceId,
+        worker_id: workerId,
+        provider: "static",
+        region: "on-prem",
+        url: normalizedUrl,
+        status: "healthy",
+        created_at: now,
+        updated_at: now,
+      }),
+      launch: { mode: "attached", pollAfterMs: 0 },
+    }, 201)
+    },
+  )
+}
+
 export function registerWorkerCoreRoutes<T extends { Variables: WorkerRouteVariables }>(app: Hono<T>) {
   app.get(
     "/v1/workers",
@@ -197,6 +515,16 @@ export function registerWorkerCoreRoutes<T extends { Variables: WorkerRouteVaria
       return c.json({ error: "organization_unavailable" }, 400)
     }
 
+    if (shouldUseSignupAutoExistingWorker(input)) {
+      const existingSignupAutoWorker = await getExistingSignupAutoWorkerResponse({
+        orgId,
+        userId: user.id,
+      })
+      if (existingSignupAutoWorker) {
+        return c.json(existingSignupAutoWorker, 202)
+      }
+    }
+
     if (input.destination === "local" && !input.workspacePath) {
       return c.json({ error: "workspace_path_required" }, 400)
     }
@@ -313,6 +641,8 @@ export function registerWorkerCoreRoutes<T extends { Variables: WorkerRouteVaria
     },
   )
 
+  registerStaticWorkerAttachRoute(app as unknown as Hono<{ Variables: WorkerRouteVariables }>)
+
   app.get(
     "/v1/workers/:id",
     describeRoute({
diff --git a/ee/apps/den-api/src/routes/workers/index.ts b/ee/apps/den-api/src/routes/workers/index.ts
index 4c14419dfb..c9282da1b8 100644
--- a/ee/apps/den-api/src/routes/workers/index.ts
+++ b/ee/apps/den-api/src/routes/workers/index.ts
@@ -3,11 +3,13 @@ import type { WorkerRouteVariables } from "./shared.js"
 import { registerWorkerActivityRoutes } from "./activity.js"
 import { registerWorkerBillingRoutes } from "./billing.js"
 import { registerWorkerCoreRoutes } from "./core.js"
+import { registerManagedProviderSyncRoutes } from "./managed-providers.js"
 import { registerWorkerRuntimeRoutes } from "./runtime.js"
 
 export function registerWorkerRoutes<T extends { Variables: WorkerRouteVariables }>(app: Hono<T>) {
   registerWorkerActivityRoutes(app)
   registerWorkerBillingRoutes(app)
   registerWorkerCoreRoutes(app)
+  registerManagedProviderSyncRoutes(app as unknown as Hono<{ Variables: WorkerRouteVariables }>)
   registerWorkerRuntimeRoutes(app)
 }
diff --git a/ee/apps/den-api/src/routes/workers/managed-providers.ts b/ee/apps/den-api/src/routes/workers/managed-providers.ts
new file mode 100644
index 0000000000..628688cc24
--- /dev/null
+++ b/ee/apps/den-api/src/routes/workers/managed-providers.ts
@@ -0,0 +1,166 @@
+import { eq, inArray } from "@openwork-ee/den-db/drizzle"
+import { LlmProviderModelTable, LlmProviderTable } from "@openwork-ee/den-db/schema"
+import { normalizeDenTypeId } from "@openwork-ee/utils/typeid"
+import type { Hono } from "hono"
+import { describeRoute } from "hono-openapi"
+import { z } from "zod"
+import { db } from "../../db.js"
+import { paramValidator, requireUserMiddleware, resolveOrganizationContextMiddleware } from "../../middleware/index.js"
+import { forbiddenSchema, invalidRequestSchema, jsonResponse, notFoundSchema, unauthorizedSchema } from "../../openapi.js"
+import { memberHasRole } from "../org/shared.js"
+import { fetchWorkerRuntimeJson, getWorkerByIdForOrg, parseWorkerIdParam, type WorkerId, type WorkerRouteVariables, workerIdParamSchema } from "./shared.js"
+
+type LlmProviderRow = typeof LlmProviderTable.$inferSelect
+type LlmProviderModelRow = typeof LlmProviderModelTable.$inferSelect
+type OrganizationId = LlmProviderRow["organizationId"]
+
+export type ManagedProviderSyncProvider = {
+  id: string
+  providerId: string
+  name: string
+  source: LlmProviderRow["source"]
+  credentialKind: LlmProviderRow["credentialKind"]
+  providerConfig: Record<string, unknown>
+  models: Array<{ id: string; name: string; config: Record<string, unknown> }>
+  apiKey?: string
+  opencodeAuth?: string
+  revision: string
+}
+
+type ManagedProviderRouteDeps = {
+  middlewares?: never[]
+  getWorker?: (workerId: WorkerId, orgId: OrganizationId) => Promise<{ id: WorkerId } | null>
+  listProviders?: (orgId: OrganizationId) => Promise<ManagedProviderSyncProvider[]>
+  pushRuntime?: (workerId: WorkerId, payload: { providers: ManagedProviderSyncProvider[]; revision: string }) => Promise<{ ok: boolean; status: number; payload: unknown }>
+}
+
+const managedProviderSyncResponseSchema = z.object({
+  status: z.enum(["applied", "failed"]),
+  providerCount: z.number().int().min(0),
+  revision: z.string(),
+  reason: z.string().optional(),
+}).meta({ ref: "ManagedProviderSyncResponse" })
+
+export function canSyncManagedProviders(payload: { currentMember: { isOwner: boolean; role: string } }) {
+  return payload.currentMember.isOwner || memberHasRole(payload.currentMember.role, "admin")
+}
+
+function credentialPresent(provider: Pick<LlmProviderRow, "credentialKind" | "apiKey" | "opencodeAuth">) {
+  return provider.credentialKind === "opencode_oauth"
+    ? Boolean(provider.opencodeAuth?.trim())
+    : Boolean(provider.apiKey?.trim())
+}
+
+function revisionForProvider(provider: Pick<LlmProviderRow, "id" | "updatedAt" | "credentialKind">, models: LlmProviderModelRow[]) {
+  return [
+    provider.id,
+    provider.credentialKind,
+    provider.updatedAt instanceof Date ? provider.updatedAt.toISOString() : String(provider.updatedAt),
+    models.map((model) => `${model.modelId}:${model.name}`).sort().join(","),
+  ].join(":")
+}
+
+export function computeManagedProviderRevision(providers: Pick<ManagedProviderSyncProvider, "id" | "revision">[]) {
+  return providers.map((provider) => `${provider.id}:${provider.revision}`).sort().join("|") || "empty"
+}
+
+export function sanitizeManagedProviderSyncFailure(payload: unknown) {
+  return "Worker provider sync failed."
+}
+
+export async function listManagedProviderSyncProviders(organizationId: OrganizationId) {
+  const providers = await db
+    .select()
+    .from(LlmProviderTable)
+    .where(eq(LlmProviderTable.organizationId, organizationId))
+
+  const eligible = providers.filter(credentialPresent)
+  if (!eligible.length) return []
+
+  const models = await db
+    .select()
+    .from(LlmProviderModelTable)
+    .where(inArray(LlmProviderModelTable.llmProviderId, eligible.map((provider) => provider.id)))
+
+  return eligible.map((provider) => {
+    const providerModels = models.filter((model) => model.llmProviderId === provider.id)
+    return {
+      id: provider.id,
+      providerId: provider.providerId,
+      name: provider.name,
+      source: provider.source,
+      credentialKind: provider.credentialKind,
+      providerConfig: provider.providerConfig,
+      models: providerModels.map((model) => ({ id: model.modelId, name: model.name, config: model.modelConfig })),
+      ...(provider.credentialKind === "api_key" && provider.apiKey ? { apiKey: provider.apiKey } : {}),
+      ...(provider.credentialKind === "opencode_oauth" && provider.opencodeAuth ? { opencodeAuth: provider.opencodeAuth } : {}),
+      revision: revisionForProvider(provider, providerModels),
+    }
+  })
+}
+
+export function registerManagedProviderSyncRoutes(app: Hono<{ Variables: WorkerRouteVariables }>, deps: ManagedProviderRouteDeps = {}) {
+  const routeMiddlewares = deps.middlewares ?? [requireUserMiddleware, resolveOrganizationContextMiddleware, paramValidator(workerIdParamSchema)]
+  const getWorker = deps.getWorker ?? getWorkerByIdForOrg
+  const listProviders = deps.listProviders ?? listManagedProviderSyncProviders
+  const pushRuntime = deps.pushRuntime ?? ((workerId, payload) => fetchWorkerRuntimeJson({
+    workerId,
+    path: "/managed-providers/sync",
+    method: "POST",
+    body: payload,
+  }))
+
+  app.post(
+    "/v1/workers/:id/managed-providers/sync",
+    describeRoute({
+      tags: ["Workers", "Managed Providers"],
+      summary: "Sync managed providers to worker runtime",
+      description: "Applies organization-managed provider config/auth to a static worker through the host-token runtime channel.",
+      responses: {
+        200: jsonResponse("Managed providers applied successfully.", managedProviderSyncResponseSchema),
+        400: jsonResponse("The worker path parameters were invalid.", invalidRequestSchema),
+        401: jsonResponse("The caller must be signed in to sync providers.", unauthorizedSchema),
+        403: jsonResponse("Only organization owners and admins can sync providers.", forbiddenSchema),
+        404: jsonResponse("The worker could not be found.", notFoundSchema),
+        502: jsonResponse("The worker runtime failed to apply managed providers.", managedProviderSyncResponseSchema),
+      },
+    }),
+    ...(routeMiddlewares as never[]),
+    async (c) => {
+      const orgId = c.get("activeOrganizationId")
+      const organizationContext = c.get("organizationContext")
+      const params = c.req.valid("param" as never) as { id: string }
+
+      if (!orgId) return c.json({ error: "worker_not_found" }, 404)
+      if (!organizationContext || !canSyncManagedProviders(organizationContext)) {
+        return c.json({ error: "forbidden", message: "Only organization owners and admins can sync managed providers." }, 403)
+      }
+
+      let workerId: WorkerId
+      try {
+        workerId = parseWorkerIdParam(params.id)
+      } catch {
+        return c.json({ error: "worker_not_found" }, 404)
+      }
+
+      const normalizedOrgId = normalizeDenTypeId("organization", orgId)
+      const worker = await getWorker(workerId, normalizedOrgId)
+      if (!worker) return c.json({ error: "worker_not_found" }, 404)
+
+      const providers = await listProviders(normalizedOrgId)
+      const revision = computeManagedProviderRevision(providers)
+
+      const runtime = await pushRuntime(worker.id, { providers, revision })
+      if (!runtime.ok) {
+        return c.json({
+          status: "failed",
+          providerCount: providers.length,
+          revision,
+          reason: sanitizeManagedProviderSyncFailure(runtime.payload),
+        }, 502)
+      }
+
+      return c.json({ status: "applied", providerCount: providers.length, revision })
+    },
+  )
+}
diff --git a/ee/apps/den-api/src/routes/workers/shared.ts b/ee/apps/den-api/src/routes/workers/shared.ts
index cbf1f01d25..cd3dc76a15 100644
--- a/ee/apps/den-api/src/routes/workers/shared.ts
+++ b/ee/apps/den-api/src/routes/workers/shared.ts
@@ -1,5 +1,7 @@
 import { randomBytes } from "node:crypto"
-import { and, asc, desc, eq, isNull } from "@openwork-ee/den-db/drizzle"
+import { lookup as dnsLookup } from "node:dns/promises"
+import { isIP } from "node:net"
+import { and, asc, desc, eq, inArray, isNull, sql } from "@openwork-ee/den-db/drizzle"
 import {
   AuditEventTable,
   AuthUserTable,
@@ -13,23 +15,48 @@ import {
 import { createDenTypeId, normalizeDenTypeId } from "@openwork-ee/utils/typeid"
 import { z } from "zod"
 import { requireCloudWorkerAccess } from "../../billing/polar.js"
-import { db } from "../../db.js"
+import { db, dbClient } from "../../db.js"
 import { env } from "../../env.js"
-import type { UserOrganizationsContext } from "../../middleware/index.js"
+import type { OrganizationContextVariables, UserOrganizationsContext } from "../../middleware/index.js"
 import { denTypeIdSchema } from "../../openapi.js"
 import type { AuthContextVariables } from "../../session.js"
-import { deprovisionWorker, provisionWorker } from "../../workers/provisioner.js"
+import {
+  checkStaticWorkerHealth,
+  deprovisionWorker,
+  getStaticWorkerTokenPairForUrl,
+  normalizeStaticWorkerUrl,
+  provisionWorker,
+  selectStaticWorkerUrlFromPool,
+  verifyStaticWorkerRuntimeAccess,
+} from "../../workers/provisioner.js"
 import { customDomainForWorker } from "../../workers/vanity-domain.js"
 
 export const createWorkerSchema = z.object({
   name: z.string().min(1),
   description: z.string().optional(),
   destination: z.enum(["local", "cloud"]),
+  source: z.enum(["manual", "signup_auto"]).optional(),
   workspacePath: z.string().optional(),
   sandboxBackend: z.string().optional(),
   imageVersion: z.string().optional(),
 })
 
+export function shouldUseSignupAutoExistingWorker(input: {
+  destination: "local" | "cloud"
+  source?: "manual" | "signup_auto"
+}) {
+  return input.destination === "cloud" && input.source === "signup_auto"
+}
+
+export const attachStaticWorkerSchema = z.object({
+  name: z.string().trim().min(1).max(255),
+  description: z.string().trim().max(1024).optional(),
+  url: z.string().url(),
+  clientToken: z.string().trim().min(1).max(128),
+  hostToken: z.string().trim().min(1).max(128),
+  activityToken: z.string().trim().min(1).max(128).optional(),
+})
+
 export const updateWorkerSchema = z.object({
   name: z.string().trim().min(1).max(255),
 })
@@ -49,13 +76,21 @@ export const workerIdParamSchema = z.object({
   id: denTypeIdSchema("worker"),
 })
 
-export type WorkerRouteVariables = AuthContextVariables & Partial<UserOrganizationsContext>
+export type WorkerRouteVariables = AuthContextVariables & Partial<UserOrganizationsContext> & Partial<OrganizationContextVariables>
 
 type WorkerRow = typeof WorkerTable.$inferSelect
 type WorkerInstanceRow = typeof WorkerInstanceTable.$inferSelect
 export type WorkerId = WorkerRow["id"]
 type OrgId = typeof MemberTable.$inferSelect.organizationId
 type UserId = typeof AuthUserTable.$inferSelect.id
+type StaticAssignmentDb = Pick<typeof db, "execute" | "insert" | "select" | "update">
+type MySqlLockConnection = {
+  query: (statement: string, values?: unknown[]) => Promise<unknown>
+  release: () => void
+}
+type MySqlLockPool = {
+  getConnection: () => Promise<MySqlLockConnection>
+}
 
 export const token = () => randomBytes(32).toString("hex")
 
@@ -63,6 +98,262 @@ export function parseWorkerIdParam(value: string): WorkerId {
   return normalizeDenTypeId("worker", value)
 }
 
+export function normalizeWorkerRuntimeUrl(value: string): string {
+  const parsed = new URL(value.trim())
+  parsed.hash = ""
+  parsed.search = ""
+  parsed.username = ""
+  parsed.password = ""
+  parsed.pathname = parsed.pathname.replace(/\/+$/, "")
+  return parsed.toString().replace(/\/+$/, "")
+}
+
+export type StaticWorkerAttachUrlPolicy = {
+  allowPrivate: boolean
+  allowedHosts: readonly string[]
+  allowedCidrs: readonly string[]
+}
+
+export type DnsLookupAddress = {
+  address: string
+  family: 4 | 6
+}
+
+export type StaticWorkerDnsLookup = (hostname: string) => Promise<DnsLookupAddress[]>
+
+export type ValidatedStaticWorkerAttachUrl = {
+  ok: true
+  url: string
+  resolvedAddresses: DnsLookupAddress[]
+}
+
+export function canAttachStaticWorkerForMember(payload: { currentMember: { isOwner: boolean; role: string } }) {
+  return payload.currentMember.isOwner || payload.currentMember.role.split(",").map((role) => role.trim()).includes("admin")
+}
+
+function parseIpv4(value: string) {
+  const parts = value.split(".")
+  if (parts.length !== 4) {
+    return null
+  }
+  let result = 0
+  for (const part of parts) {
+    if (!/^\d{1,3}$/.test(part)) {
+      return null
+    }
+    const octet = Number(part)
+    if (octet < 0 || octet > 255) {
+      return null
+    }
+    result = (result << 8) + octet
+  }
+  return result >>> 0
+}
+
+function ipv4InCidr(host: string, cidr: string) {
+  const [base, prefixRaw] = cidr.split("/")
+  const ip = parseIpv4(host)
+  const baseIp = parseIpv4(base ?? "")
+  const prefix = Number(prefixRaw)
+  if (ip === null || baseIp === null || !Number.isInteger(prefix) || prefix < 0 || prefix > 32) {
+    return false
+  }
+  const mask = prefix === 0 ? 0 : (0xffffffff << (32 - prefix)) >>> 0
+  return (ip & mask) === (baseIp & mask)
+}
+
+function parseIpv6(value: string): bigint | null {
+  const normalized = value.toLowerCase()
+  const zoneIndex = normalized.indexOf("%")
+  const withoutZone = zoneIndex === -1 ? normalized : normalized.slice(0, zoneIndex)
+  const [headRaw, tailRaw, extra] = withoutZone.split("::")
+  if (extra !== undefined) {
+    return null
+  }
+
+  const parsePart = (part: string) => {
+    if (!part) {
+      return [] as number[]
+    }
+    const entries = part.split(":")
+    const words: number[] = []
+    for (const entry of entries) {
+      if (!entry) {
+        return null
+      }
+      if (entry.includes(".")) {
+        const ipv4 = parseIpv4(entry)
+        if (ipv4 === null) {
+          return null
+        }
+        words.push((ipv4 >>> 16) & 0xffff, ipv4 & 0xffff)
+        continue
+      }
+      if (!/^[0-9a-f]{1,4}$/.test(entry)) {
+        return null
+      }
+      words.push(Number.parseInt(entry, 16))
+    }
+    return words
+  }
+
+  const head = parsePart(headRaw ?? "")
+  const tail = parsePart(tailRaw ?? "")
+  if (!head || !tail) {
+    return null
+  }
+
+  const missing = tailRaw === undefined ? 0 : 8 - head.length - tail.length
+  if (missing < 0) {
+    return null
+  }
+  const words = [...head, ...Array.from({ length: missing }, () => 0), ...tail]
+  if (words.length !== 8) {
+    return null
+  }
+
+  return words.reduce((result, word) => (result << 16n) + BigInt(word), 0n)
+}
+
+function ipv6InCidr(host: string, cidr: string) {
+  const [base, prefixRaw] = cidr.split("/")
+  const ip = parseIpv6(host)
+  const baseIp = parseIpv6(base ?? "")
+  const prefix = Number(prefixRaw)
+  if (ip === null || baseIp === null || !Number.isInteger(prefix) || prefix < 0 || prefix > 128) {
+    return false
+  }
+  const hostBits = 128 - prefix
+  const mask = prefix === 0 ? 0n : ((1n << 128n) - 1n) ^ ((1n << BigInt(hostBits)) - 1n)
+  return (ip & mask) === (baseIp & mask)
+}
+
+function ipInCidr(host: string, cidr: string) {
+  return isIP(host) === 4 ? ipv4InCidr(host, cidr) : isIP(host) === 6 ? ipv6InCidr(host, cidr) : false
+}
+
+function isPrivateIpv4(hostname: string) {
+  const ip = parseIpv4(hostname)
+  if (ip === null) {
+    return false
+  }
+  return ipv4InCidr(hostname, "10.0.0.0/8")
+    || ipv4InCidr(hostname, "172.16.0.0/12")
+    || ipv4InCidr(hostname, "192.168.0.0/16")
+    || ipv4InCidr(hostname, "127.0.0.0/8")
+    || ipv4InCidr(hostname, "169.254.0.0/16")
+    || ip === 0
+}
+
+function isUnsafeIpv6(hostname: string) {
+  const ip = parseIpv6(hostname)
+  if (ip === null) {
+    return false
+  }
+  return ip === 0n
+    || ip === 1n
+    || ipv6InCidr(hostname, "fc00::/7")
+    || ipv6InCidr(hostname, "fe80::/10")
+    || ipv6InCidr(hostname, "::ffff:0:0/96")
+}
+
+function isUnsafeAddress(hostname: string) {
+  return isPrivateIpv4(hostname) || isUnsafeIpv6(hostname)
+}
+
+function isLocalHostname(hostname: string) {
+  const normalized = hostname.toLowerCase()
+  return normalized === "localhost" || normalized.endsWith(".local") || normalized.endsWith(".localhost")
+}
+
+export function validateStaticWorkerAttachUrl(value: string, policy: StaticWorkerAttachUrlPolicy) {
+  let parsed: URL
+  try {
+    parsed = new URL(value.trim())
+  } catch {
+    return { ok: false as const, message: "Worker URL must be a valid URL." }
+  }
+
+  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
+    return { ok: false as const, message: "Worker URL must use http or https." }
+  }
+  if (parsed.username || parsed.password) {
+    return { ok: false as const, message: "Worker URL must not include credentials." }
+  }
+  if (parsed.search || parsed.hash) {
+    return { ok: false as const, message: "Worker URL must not include query parameters or fragments." }
+  }
+
+  const hostname = parsed.hostname.toLowerCase()
+  const allowedHosts = new Set(policy.allowedHosts.map((host) => host.trim().toLowerCase()).filter(Boolean))
+  const hostExplicitlyAllowed = allowedHosts.has(hostname)
+  const cidrAllowed = policy.allowedCidrs.some((cidr) => ipInCidr(hostname, cidr.trim()))
+  const privateOrLocal = isUnsafeAddress(hostname) || isLocalHostname(hostname)
+
+  if (privateOrLocal && !policy.allowPrivate && !hostExplicitlyAllowed && !cidrAllowed) {
+    return {
+      ok: false as const,
+      message: "Private and LAN worker URLs require explicit on-prem attach policy or an allowed host/CIDR.",
+    }
+  }
+
+  return { ok: true as const, url: normalizeWorkerRuntimeUrl(value), resolvedAddresses: [] as DnsLookupAddress[] }
+}
+
+async function defaultDnsLookup(hostname: string) {
+  if (isIP(hostname)) {
+    return [{ address: hostname, family: isIP(hostname) as 4 | 6 }]
+  }
+  return dnsLookup(hostname, { all: true }) as Promise<DnsLookupAddress[]>
+}
+
+export async function validateResolvedStaticWorkerAttachUrl(
+  value: string,
+  policy: StaticWorkerAttachUrlPolicy,
+  lookup: StaticWorkerDnsLookup = defaultDnsLookup,
+) {
+  const basic = validateStaticWorkerAttachUrl(value, policy)
+  if (!basic.ok) {
+    return basic
+  }
+
+  const parsed = new URL(basic.url)
+  const hostname = parsed.hostname.toLowerCase()
+  const allowedHosts = new Set(policy.allowedHosts.map((host) => host.trim().toLowerCase()).filter(Boolean))
+  const hostExplicitlyAllowed = allowedHosts.has(hostname)
+
+  let addresses: DnsLookupAddress[]
+  try {
+    addresses = await lookup(hostname)
+  } catch {
+    return { ok: false as const, message: "Worker URL hostname could not be resolved." }
+  }
+
+  if (addresses.length === 0) {
+    return { ok: false as const, message: "Worker URL hostname could not be resolved." }
+  }
+
+  if (parsed.protocol === "https:" && !isIP(hostname) && !hostExplicitlyAllowed) {
+    return {
+      ok: false as const,
+      message: "HTTPS static worker attach hostnames must be explicitly allowed by on-prem attach policy.",
+    }
+  }
+
+  for (const entry of addresses) {
+    const address = entry.address.toLowerCase()
+    const cidrAllowed = policy.allowedCidrs.some((cidr) => ipInCidr(address, cidr.trim()))
+    if (isUnsafeAddress(address) && !policy.allowPrivate && !cidrAllowed) {
+      return {
+        ok: false as const,
+        message: "Worker URL resolves to a private, loopback, link-local, or metadata address that is not explicitly allowed.",
+      }
+    }
+  }
+
+  return { ...basic, resolvedAddresses: addresses }
+}
+
 export function parseUserId(value: string): UserId {
   return normalizeDenTypeId("user", value)
 }
@@ -71,9 +362,8 @@ function isRecord(value: unknown): value is Record<string, unknown> {
   return typeof value === "object" && value !== null
 }
 
-function normalizeUrl(value: string): string {
-  return value.trim().replace(/\/+$/, "")
-}
+const normalizeUrl = normalizeWorkerRuntimeUrl
+const STATIC_PROVISIONING_LOCK_NAME = "den_static_provisioner_assignment"
 
 function parseWorkspaceSelection(payload: unknown): { workspaceId: string; openworkUrl: string } | null {
   if (!isRecord(payload) || !Array.isArray(payload.items)) {
@@ -192,7 +482,16 @@ async function resolveConnectUrlFromCandidates(workerId: WorkerId, instanceUrl:
 }
 
 async function getWorkerRuntimeAccess(workerId: WorkerId) {
-  const instance = await getLatestWorkerInstance(workerId)
+  const workerRows = await db
+    .select({ status: WorkerTable.status })
+    .from(WorkerTable)
+    .where(eq(WorkerTable.id, workerId))
+    .limit(1)
+  if (workerRows[0]?.status !== "healthy") {
+    return null
+  }
+
+  const instance = await getLatestHealthyWorkerInstance(workerId)
   const tokenRows = await db
     .select()
     .from(WorkerTokenTable)
@@ -284,6 +583,198 @@ export async function getLatestWorkerInstance(workerId: WorkerId) {
   return rows[0] ?? null
 }
 
+export async function getLatestHealthyWorkerInstance(workerId: WorkerId) {
+  const rows = await db
+    .select()
+    .from(WorkerInstanceTable)
+    .where(and(eq(WorkerInstanceTable.worker_id, workerId), eq(WorkerInstanceTable.status, "healthy")))
+    .orderBy(desc(WorkerInstanceTable.created_at))
+    .limit(1)
+
+  return rows[0] ?? null
+}
+
+export function isWorkerRuntimeSyncTarget(input: { workerStatus?: string | null; instanceStatus?: string | null; instanceUrl?: string | null; hostToken?: string | null }) {
+  return input.workerStatus === "healthy"
+    && input.instanceStatus === "healthy"
+    && Boolean(input.instanceUrl?.trim())
+    && Boolean(input.hostToken?.trim())
+}
+
+async function getUnavailableStaticWorkerUrls() {
+  if (env.provisionerMode !== "static") {
+    return []
+  }
+
+  const rows = await db
+    .select({ url: WorkerInstanceTable.url })
+    .from(WorkerInstanceTable)
+    .where(
+      and(
+        eq(WorkerInstanceTable.provider, "static"),
+        inArray(WorkerInstanceTable.status, ["provisioning", "healthy"]),
+      ),
+    )
+
+  return rows.map((row) => normalizeUrl(row.url)).filter(Boolean)
+}
+
+function staticReservationStaleBefore() {
+  return new Date(Date.now() - env.staticWorkers.reservationTtlMs)
+}
+
+async function markStaleStaticReservationsFailed(tx: StaticAssignmentDb) {
+  await tx
+    .update(WorkerInstanceTable)
+    .set({ status: "failed" })
+    .where(
+      and(
+        eq(WorkerInstanceTable.provider, "static"),
+        eq(WorkerInstanceTable.status, "provisioning"),
+        sql`${WorkerInstanceTable.updated_at} < ${staticReservationStaleBefore()}`,
+      ),
+    )
+}
+
+export function readMySqlLockAcquired(result: unknown) {
+  const rows = Array.isArray(result) && Array.isArray(result[0]) ? result[0] : result
+  if (!Array.isArray(rows)) {
+    return 0
+  }
+  const first = rows[0]
+  if (first && typeof first === "object" && "acquired" in first) {
+    return Number((first as { acquired: unknown }).acquired)
+  }
+  return 0
+}
+
+function getMySqlLockPool(): MySqlLockPool {
+  if (dbClient && typeof dbClient === "object" && "getConnection" in dbClient && typeof dbClient.getConnection === "function") {
+    return dbClient as MySqlLockPool
+  }
+  throw new Error("Static worker assignment locking requires MySQL DB_MODE")
+}
+
+export async function withStaticAssignmentLockUsing<T>(input: {
+  pool: MySqlLockPool
+  transaction: (run: (tx: StaticAssignmentDb) => Promise<T>) => Promise<T>
+  run: (tx: StaticAssignmentDb) => Promise<T>
+}) {
+  const connection = await input.pool.getConnection()
+  let lockAcquired = false
+
+  try {
+    const lockRows = await connection.query(`SELECT GET_LOCK(?, 10) AS acquired`, [STATIC_PROVISIONING_LOCK_NAME])
+    const acquired = readMySqlLockAcquired(lockRows)
+
+    if (acquired !== 1) {
+      throw new Error("Timed out waiting for static worker assignment lock")
+    }
+
+    lockAcquired = true
+    return await input.transaction(input.run)
+  } finally {
+    if (lockAcquired) {
+      await connection.query(`SELECT RELEASE_LOCK(?)`, [STATIC_PROVISIONING_LOCK_NAME])
+    }
+    connection.release()
+  }
+}
+
+export async function withStaticAssignmentLock<T>(run: (tx: StaticAssignmentDb) => Promise<T>) {
+  return withStaticAssignmentLockUsing({
+    pool: getMySqlLockPool(),
+    transaction: (callback) => db.transaction(callback),
+    run,
+  })
+}
+
+async function reserveStaticWorkerInstance(input: {
+  workerId: WorkerId
+}) {
+  return withStaticAssignmentLock(async (tx) => {
+    await markStaleStaticReservationsFailed(tx)
+
+    const rows = await tx
+      .select({ url: WorkerInstanceTable.url })
+      .from(WorkerInstanceTable)
+      .where(
+        and(
+          eq(WorkerInstanceTable.provider, "static"),
+          inArray(WorkerInstanceTable.status, ["provisioning", "healthy"]),
+        ),
+      )
+
+    const url = normalizeStaticWorkerUrl(selectStaticWorkerUrlFromPool(input.workerId, {
+      ...env.staticWorkers,
+      unavailableUrls: rows.map((row) => row.url),
+    }))
+    const tokens = getStaticWorkerTokenPairForUrl(url, env.staticWorkers)
+    const instanceId = createDenTypeId("workerInstance")
+
+    await tx.insert(WorkerInstanceTable).values({
+      id: instanceId,
+      worker_id: input.workerId,
+      provider: "static",
+      region: "on-prem",
+      url,
+      status: "provisioning",
+    })
+
+    await tx
+      .update(WorkerTokenTable)
+      .set({ token: tokens.hostToken })
+      .where(and(eq(WorkerTokenTable.worker_id, input.workerId), eq(WorkerTokenTable.scope, "host")))
+
+    await tx
+      .update(WorkerTokenTable)
+      .set({ token: tokens.clientToken })
+      .where(and(eq(WorkerTokenTable.worker_id, input.workerId), eq(WorkerTokenTable.scope, "client")))
+
+    return { instanceId, url, tokens }
+  })
+}
+
+async function continueStaticCloudProvisioning(input: {
+  workerId: WorkerId
+  name: string
+  hostToken: string
+  clientToken: string
+  activityToken: string
+}) {
+  const reservation = await reserveStaticWorkerInstance({ workerId: input.workerId })
+
+  try {
+    await checkStaticWorkerHealth(reservation.url, env.staticWorkers)
+    await verifyStaticWorkerRuntimeAccess(reservation.url, reservation.tokens, env.staticWorkers)
+
+    await db.transaction(async (tx) => {
+      await tx
+        .update(WorkerTable)
+        .set({ status: "healthy" })
+        .where(eq(WorkerTable.id, input.workerId))
+
+      await tx
+        .update(WorkerInstanceTable)
+        .set({ status: "healthy" })
+        .where(eq(WorkerInstanceTable.id, reservation.instanceId))
+    })
+  } catch (error) {
+    await db.transaction(async (tx) => {
+      await tx
+        .update(WorkerTable)
+        .set({ status: "failed" })
+        .where(eq(WorkerTable.id, input.workerId))
+
+      await tx
+        .update(WorkerInstanceTable)
+        .set({ status: "failed" })
+        .where(eq(WorkerInstanceTable.id, reservation.instanceId))
+    })
+    throw error
+  }
+}
+
 export function toInstanceResponse(instance: WorkerInstanceRow | null) {
   if (!instance) {
     return null
@@ -327,12 +818,18 @@ export async function continueCloudProvisioning(input: {
   activityToken: string
 }) {
   try {
+    if (env.provisionerMode === "static") {
+      await continueStaticCloudProvisioning(input)
+      return
+    }
+
     const provisioned = await provisionWorker({
       workerId: input.workerId,
       name: input.name,
       hostToken: input.hostToken,
       clientToken: input.clientToken,
       activityToken: input.activityToken,
+      unavailableStaticWorkerUrls: await getUnavailableStaticWorkerUrls(),
     })
 
     await db
diff --git a/ee/apps/den-api/src/workers/provisioner.ts b/ee/apps/den-api/src/workers/provisioner.ts
index dcf952a34e..d144211ba3 100644
--- a/ee/apps/den-api/src/workers/provisioner.ts
+++ b/ee/apps/den-api/src/workers/provisioner.ts
@@ -17,6 +17,7 @@ export type ProvisionInput = {
   hostToken: string
   clientToken: string
   activityToken: string
+  unavailableStaticWorkerUrls?: string[]
 }
 
 export type ProvisionedInstance = {
@@ -26,6 +27,26 @@ export type ProvisionedInstance = {
   region?: string
 }
 
+export type StaticWorkerTokenPair = {
+  clientToken: string
+  hostToken: string
+}
+
+export type StaticWorkerConfig = {
+  urls: string[]
+  healthPath: string
+  healthcheckTimeoutMs: number
+  healthcheckIntervalMs: number
+  reservationTtlMs?: number
+  unavailableUrls?: string[]
+  tokenMap?: Record<string, StaticWorkerTokenPair>
+}
+
+type StaticWorkerReservation = {
+  workerId: string
+  expiresAt: number
+}
+
 type RenderService = {
   id: string
   name?: string
@@ -54,6 +75,7 @@ const terminalDeployStates = new Set([
 ])
 
 const sleep = (ms: number) => new Promise((resolve) => setTimeout(resolve, ms))
+const staticWorkerReservations = new Map<string, StaticWorkerReservation>()
 
 const slug = (value: string) =>
   value
@@ -135,25 +157,219 @@ async function waitForDeployLive(serviceId: string) {
 async function waitForHealth(
   url: string,
   timeoutMs = env.render.healthcheckTimeoutMs,
+  intervalMs = env.render.pollIntervalMs,
+  healthPath = "/health",
 ) {
-  const healthUrl = `${url.replace(/\/$/, "")}/health`
+  const normalizedPath = healthPath.startsWith("/") ? healthPath : `/${healthPath}`
+  const healthUrl = `${url.replace(/\/$/, "")}${normalizedPath}`
   const startedAt = Date.now()
 
   while (Date.now() - startedAt < timeoutMs) {
+    const remainingMs = timeoutMs - (Date.now() - startedAt)
+    const controller = new AbortController()
+    const timeout = setTimeout(() => controller.abort(), remainingMs)
+
     try {
-      const response = await fetch(healthUrl, { method: "GET" })
+      const response = await fetch(healthUrl, {
+        method: "GET",
+        signal: controller.signal,
+      })
       if (response.ok) {
         return
       }
     } catch {
       // ignore transient network failures while the instance boots
+    } finally {
+      clearTimeout(timeout)
+    }
+
+    const elapsedMs = Date.now() - startedAt
+    const sleepMs = Math.min(intervalMs, Math.max(timeoutMs - elapsedMs, 0))
+    if (sleepMs > 0) {
+      await sleep(sleepMs)
     }
-    await sleep(env.render.pollIntervalMs)
   }
 
   throw new Error(`Timed out waiting for worker health endpoint ${healthUrl}`)
 }
 
+export function normalizeStaticWorkerUrl(value: string) {
+  const parsedUrl = new URL(value.trim())
+  parsedUrl.hash = ""
+  parsedUrl.search = ""
+  parsedUrl.pathname = parsedUrl.pathname.replace(/\/+$/, "")
+  return parsedUrl.toString().replace(/\/+$/, "")
+}
+
+function safeNormalizeWorkerUrl(value: string) {
+  try {
+    return normalizeStaticWorkerUrl(value)
+  } catch {
+    return ""
+  }
+}
+
+export function getStaticWorkerTokenPairForUrl(url: string, config: StaticWorkerConfig) {
+  const normalizedUrl = normalizeStaticWorkerUrl(url)
+  const pair = config.tokenMap?.[normalizedUrl]
+  if (!pair?.clientToken.trim() || !pair.hostToken.trim()) {
+    throw new Error(`STATIC_WORKER_TOKEN_MAP_JSON is missing token pair for ${normalizedUrl}`)
+  }
+  return {
+    clientToken: pair.clientToken.trim(),
+    hostToken: pair.hostToken.trim(),
+  }
+}
+
+async function fetchStaticWorkerRuntime(url: string, path: string, headers: Record<string, string>, timeoutMs: number) {
+  return fetch(`${url.replace(/\/$/, "")}${path}`, {
+    method: "GET",
+    redirect: "manual",
+    headers: { Accept: "application/json", ...headers },
+    signal: AbortSignal.timeout(timeoutMs),
+  })
+}
+
+export async function verifyStaticWorkerRuntimeAccess(
+  url: string,
+  tokens: StaticWorkerTokenPair,
+  config: Pick<StaticWorkerConfig, "healthcheckTimeoutMs">,
+) {
+  const clientResponse = await fetchStaticWorkerRuntime(url, "/workspaces", {
+    Authorization: `Bearer ${tokens.clientToken}`,
+  }, config.healthcheckTimeoutMs)
+  if (!clientResponse.ok) {
+    throw new Error(`Worker rejected configured static client token with HTTP ${clientResponse.status}`)
+  }
+
+  const hostResponse = await fetchStaticWorkerRuntime(url, "/env/keys", {
+    "X-OpenWork-Host-Token": tokens.hostToken,
+  }, config.healthcheckTimeoutMs)
+  if (!hostResponse.ok) {
+    throw new Error(`Worker rejected configured static host token with HTTP ${hostResponse.status}`)
+  }
+}
+
+function pruneExpiredStaticWorkerReservations(now = Date.now()) {
+  for (const [url, reservation] of staticWorkerReservations) {
+    if (reservation.expiresAt <= now) {
+      staticWorkerReservations.delete(url)
+    }
+  }
+}
+
+function selectStaticWorkerUrl(workerId: string, config: StaticWorkerConfig) {
+  pruneExpiredStaticWorkerReservations()
+
+  return selectStaticWorkerUrlFromPool(workerId, config, true)
+}
+
+export function selectStaticWorkerUrlFromPool(
+  workerId: string,
+  config: StaticWorkerConfig,
+  includeInProcessReservations = false,
+) {
+  if (includeInProcessReservations) {
+    pruneExpiredStaticWorkerReservations()
+  }
+
+  const urls = config.urls.map(safeNormalizeWorkerUrl).filter(Boolean)
+  if (urls.length === 0) {
+    throw new Error("STATIC_WORKER_URLS is required when PROVISIONER_MODE=static")
+  }
+
+  const unavailableUrls = new Set(
+    (config.unavailableUrls ?? []).map(safeNormalizeWorkerUrl).filter(Boolean),
+  )
+  if (includeInProcessReservations) {
+    for (const [url, reservation] of staticWorkerReservations) {
+      if (reservation.workerId !== workerId) {
+        unavailableUrls.add(url)
+      }
+    }
+  }
+
+  const availableUrls = urls.filter((url) => !unavailableUrls.has(url))
+
+  if (availableUrls.length === 0) {
+    throw new Error(
+      "No available static worker URL remains; all configured STATIC_WORKER_URLS are already assigned to active workers",
+    )
+  }
+
+  let hash = 0
+  for (const char of workerId) {
+    hash = (hash * 31 + char.charCodeAt(0)) >>> 0
+  }
+
+  return availableUrls[hash % availableUrls.length]!
+}
+
+function reserveStaticWorkerUrl(workerId: string, url: string, ttlMs: number) {
+  if (ttlMs <= 0) {
+    return
+  }
+  staticWorkerReservations.set(url, {
+    workerId,
+    expiresAt: Date.now() + ttlMs,
+  })
+}
+
+export function releaseStaticWorkerUrl(workerId: string, url: string) {
+  const reservation = staticWorkerReservations.get(url)
+  if (reservation?.workerId === workerId) {
+    staticWorkerReservations.delete(url)
+  }
+}
+
+export async function provisionStaticWorker(
+  input: ProvisionInput,
+  config: StaticWorkerConfig = env.staticWorkers,
+): Promise<ProvisionedInstance> {
+  const reservationTtlMs = config.reservationTtlMs ?? 300000
+  const url = selectStaticWorkerUrl(input.workerId, {
+    ...config,
+    unavailableUrls: config.unavailableUrls ?? input.unavailableStaticWorkerUrls,
+  })
+  reserveStaticWorkerUrl(input.workerId, url, reservationTtlMs)
+
+  try {
+    await waitForHealth(
+      url,
+      config.healthcheckTimeoutMs,
+      config.healthcheckIntervalMs,
+      config.healthPath,
+    )
+    const tokens = config.tokenMap?.[url]
+    if (tokens) {
+      await verifyStaticWorkerRuntimeAccess(url, tokens, config)
+    }
+  } catch (error) {
+    releaseStaticWorkerUrl(input.workerId, url)
+    throw error
+  }
+
+  if (reservationTtlMs <= 0) {
+    releaseStaticWorkerUrl(input.workerId, url)
+  }
+
+  return {
+    provider: "static",
+    url,
+    status: "healthy",
+    region: "on-prem",
+  }
+}
+
+export async function checkStaticWorkerHealth(url: string, config: StaticWorkerConfig) {
+  await waitForHealth(
+    url,
+    config.healthcheckTimeoutMs,
+    config.healthcheckIntervalMs,
+    config.healthPath,
+  )
+}
+
 async function listRenderServices(limit = 200) {
   const rows: RenderService[] = []
   let cursor: string | undefined
@@ -343,6 +559,10 @@ export async function provisionWorker(
     return provisionWorkerOnDaytona(input)
   }
 
+  if (env.provisionerMode === "static") {
+    return provisionStaticWorker(input)
+  }
+
   const template = env.workerUrlTemplate ?? "https://workers.local/{workerId}"
   const url = template.replace("{workerId}", input.workerId)
   return {
@@ -356,6 +576,13 @@ export async function deprovisionWorker(input: {
   workerId: WorkerId
   instanceUrl: string | null
 }) {
+  if (env.provisionerMode === "static") {
+    if (input.instanceUrl) {
+      releaseStaticWorkerUrl(input.workerId, safeNormalizeWorkerUrl(input.instanceUrl))
+    }
+    return
+  }
+
   if (env.provisionerMode === "daytona") {
     await deprovisionWorkerOnDaytona(input.workerId)
     return
diff --git a/ee/apps/den-api/test/desktop-handoff.test.ts b/ee/apps/den-api/test/desktop-handoff.test.ts
new file mode 100644
index 0000000000..850b8f2e9a
--- /dev/null
+++ b/ee/apps/den-api/test/desktop-handoff.test.ts
@@ -0,0 +1,32 @@
+import { beforeAll, expect, test } from "bun:test"
+
+function seedRequiredEnv() {
+  process.env.DATABASE_URL = process.env.DATABASE_URL ?? "mysql://root:password@127.0.0.1:3306/openwork_test"
+  process.env.DEN_DB_ENCRYPTION_KEY = process.env.DEN_DB_ENCRYPTION_KEY ?? "x".repeat(32)
+  process.env.BETTER_AUTH_SECRET = process.env.BETTER_AUTH_SECRET ?? "y".repeat(32)
+  process.env.BETTER_AUTH_URL = process.env.BETTER_AUTH_URL ?? "http://127.0.0.1:8790"
+  process.env.CORS_ORIGINS = process.env.CORS_ORIGINS ?? "http://127.0.0.1:8790"
+}
+
+let desktopHandoffModule: typeof import("../src/routes/auth/desktop-handoff.js")
+
+beforeAll(async () => {
+  seedRequiredEnv()
+  desktopHandoffModule = await import("../src/routes/auth/desktop-handoff.js")
+})
+
+test("desktop handoff Den base URL resolves trusted web app origin through proxy path", () => {
+  const request = new Request("http://den-api.internal/v1/auth/desktop-handoff", {
+    headers: { origin: "https://app.openworklabs.com" },
+  })
+
+  expect(desktopHandoffModule.resolveDesktopDenBaseUrl(request)).toBe("https://app.openworklabs.com/api/den")
+})
+
+test("desktop handoff Den base URL fails closed instead of falling back to public cloud", () => {
+  const request = new Request("http://den-api.internal/v1/auth/desktop-handoff", {
+    headers: { host: "", "x-forwarded-host": "bad host", "x-forwarded-proto": "https" },
+  })
+
+  expect(() => desktopHandoffModule.resolveDesktopDenBaseUrl(request)).toThrow("trusted Den base URL")
+})
diff --git a/ee/apps/den-api/test/entra-sso.test.ts b/ee/apps/den-api/test/entra-sso.test.ts
new file mode 100644
index 0000000000..fd87e1848d
--- /dev/null
+++ b/ee/apps/den-api/test/entra-sso.test.ts
@@ -0,0 +1,334 @@
+import { expect, test } from "bun:test"
+import {
+  extractEntraGroupsFromIdToken,
+  ensureEntraSsoMembership,
+  type EntraSsoMembershipRecord,
+  isEntraSsoEnabled,
+  mapEntraProfileToUser,
+  normalizeEntraTenantId,
+  normalizeSsoAssignableRole,
+  parseEntraSsoEnv,
+  resolveEntraSsoRole,
+  validateEntraSsoEnv,
+} from "../src/entra-sso.js"
+
+function unsignedJwt(payload: Record<string, unknown>) {
+  const encodedPayload = Buffer.from(JSON.stringify(payload), "utf8")
+    .toString("base64url")
+  return `eyJhbGciOiJub25lIn0.${encodedPayload}.`
+}
+
+test("parses Entra SSO environment into provider and auto-join config", () => {
+  const config = parseEntraSsoEnv({
+    DEN_ENTRA_TENANT_ID: " 00000000-0000-0000-0000-000000000123 ",
+    DEN_ENTRA_CLIENT_ID: " client-123 ",
+    DEN_ENTRA_CLIENT_SECRET: " secret-123 ",
+    DEN_ENTRA_AUTO_JOIN_ENABLED: "true",
+    DEN_ENTRA_AUTO_JOIN_ORG_ID: " organization_123 ",
+    DEN_ENTRA_ADMIN_GROUP_IDS: "admin-a, admin-b",
+    DEN_ENTRA_MEMBER_GROUP_IDS: "member-a,member-b",
+  })
+
+  expect(config).toEqual({
+    tenantId: "00000000-0000-0000-0000-000000000123",
+    clientId: "client-123",
+    clientSecret: "secret-123",
+    autoJoinEnabled: true,
+    autoJoinOrganizationId: "organization_123",
+    autoJoinOrganizationSlug: undefined,
+    adminGroupIds: ["admin-a", "admin-b"],
+    memberGroupIds: ["member-a", "member-b"],
+  })
+  expect(isEntraSsoEnabled(config)).toBe(true)
+})
+
+test("does not enable provider for multi-tenant aliases, non-GUID, or partial Entra config", () => {
+  expect(normalizeEntraTenantId("common")).toBeUndefined()
+  expect(normalizeEntraTenantId("organizations")).toBeUndefined()
+  expect(normalizeEntraTenantId("consumers")).toBeUndefined()
+  expect(normalizeEntraTenantId("tenant-123")).toBeUndefined()
+  expect(isEntraSsoEnabled({
+    tenantId: normalizeEntraTenantId("common"),
+    clientId: "client-123",
+    clientSecret: "secret-123",
+  })).toBe(false)
+  expect(isEntraSsoEnabled({
+    tenantId: "00000000-0000-0000-0000-000000000123",
+    clientId: "client-123",
+  })).toBe(false)
+})
+
+test("validates fixed tenant, safe origin, and exact auto-join organization selector", () => {
+  expect(validateEntraSsoEnv({
+    DEN_ENTRA_TENANT_ID: "organizations",
+    DEN_ENTRA_CLIENT_ID: "client-123",
+    DEN_ENTRA_CLIENT_SECRET: "secret-123",
+    BETTER_AUTH_URL: "http://public.example.com",
+    DEN_BETTER_AUTH_TRUSTED_ORIGINS: "*",
+    DEN_ENTRA_AUTO_JOIN_ENABLED: "true",
+    DEN_ENTRA_AUTO_JOIN_ORG_ID: "organization_123",
+    DEN_ENTRA_AUTO_JOIN_ORG_SLUG: "platform",
+  }).map((issue) => issue.path)).toEqual([
+    "DEN_ENTRA_TENANT_ID",
+    "DEN_BETTER_AUTH_TRUSTED_ORIGINS",
+    "BETTER_AUTH_URL",
+    "DEN_ENTRA_AUTO_JOIN_ORG_ID",
+  ])
+
+  expect(validateEntraSsoEnv({
+    DEN_ENTRA_TENANT_ID: "00000000-0000-0000-0000-000000000123",
+    DEN_ENTRA_CLIENT_ID: "client-123",
+    DEN_ENTRA_CLIENT_SECRET: "secret-123",
+    BETTER_AUTH_URL: "http://192.168.1.50:3005",
+    DEN_BETTER_AUTH_TRUSTED_ORIGINS: "http://192.168.1.50:3005",
+    DEN_ENTRA_AUTO_JOIN_ENABLED: "true",
+    DEN_ENTRA_AUTO_JOIN_ORG_SLUG: "platform",
+  })).toEqual([])
+})
+
+test("rejects public HTTP trusted origins when Entra is enabled", () => {
+  expect(validateEntraSsoEnv({
+    DEN_ENTRA_TENANT_ID: "00000000-0000-0000-0000-000000000123",
+    DEN_ENTRA_CLIENT_ID: "client-123",
+    DEN_ENTRA_CLIENT_SECRET: "secret-123",
+    BETTER_AUTH_URL: "https://den.example.com",
+    DEN_BETTER_AUTH_TRUSTED_ORIGINS: "http://public.example.com",
+  }).map((issue) => issue.path)).toEqual(["DEN_BETTER_AUTH_TRUSTED_ORIGINS"])
+
+  expect(validateEntraSsoEnv({
+    DEN_ENTRA_TENANT_ID: "00000000-0000-0000-0000-000000000123",
+    DEN_ENTRA_CLIENT_ID: "client-123",
+    DEN_ENTRA_CLIENT_SECRET: "secret-123",
+    BETTER_AUTH_URL: "https://den.example.com",
+    CORS_ORIGINS: "https://den.example.com,http://public.example.com",
+  }).map((issue) => issue.path)).toEqual(["CORS_ORIGINS"])
+})
+
+test("allows local and LAN HTTP trusted origins when Entra is enabled", () => {
+  expect(validateEntraSsoEnv({
+    DEN_ENTRA_TENANT_ID: "00000000-0000-0000-0000-000000000123",
+    DEN_ENTRA_CLIENT_ID: "client-123",
+    DEN_ENTRA_CLIENT_SECRET: "secret-123",
+    BETTER_AUTH_URL: "http://localhost:3005",
+    DEN_BETTER_AUTH_TRUSTED_ORIGINS: "http://localhost:3005,http://127.0.0.1:3005,http://192.168.1.50:3005,http://den.company.local:3005",
+  })).toEqual([])
+})
+
+test("maps Entra role from token groups with admin precedence and no owner assignment", () => {
+  expect(resolveEntraSsoRole({
+    groups: ["group-admin", "group-member"],
+    adminGroupIds: ["group-admin"],
+    memberGroupIds: ["group-member"],
+  })).toBe("admin")
+
+  expect(resolveEntraSsoRole({
+    groups: ["group-member"],
+    adminGroupIds: ["group-admin"],
+    memberGroupIds: ["group-member"],
+  })).toBe("member")
+
+  expect(resolveEntraSsoRole({
+    groups: ["unmapped"],
+    adminGroupIds: ["group-admin"],
+    memberGroupIds: ["group-member"],
+  })).toBe("member")
+
+  expect(resolveEntraSsoRole({
+    groups: [],
+    adminGroupIds: ["group-admin"],
+    memberGroupIds: ["group-member"],
+  })).toBe("member")
+
+  expect(normalizeSsoAssignableRole("owner")).toBe("member")
+})
+
+test("extracts only token groups claim for Entra role mapping", () => {
+  const token = unsignedJwt({
+    groups: [" group-a ", "group-b", 42, ""],
+    roles: ["owner"],
+  })
+
+  expect(extractEntraGroupsFromIdToken(token)).toEqual(["group-a", "group-b"])
+  expect(extractEntraGroupsFromIdToken(unsignedJwt({ roles: ["admin"] }))).toEqual([])
+})
+
+test("maps Entra profile email fallback to preferred username or UPN", () => {
+  expect(mapEntraProfileToUser({
+    name: "Ada Lovelace",
+    preferred_username: "ada@example.com",
+  })).toEqual({
+    email: "ada@example.com",
+    emailVerified: true,
+    name: "Ada Lovelace",
+  })
+
+  expect(mapEntraProfileToUser({
+    oid: "00000000-0000-0000-0000-000000000001",
+  }).email).toBe("00000000-0000-0000-0000-000000000001@entra.local")
+})
+
+function createMembershipSeam(existingMember?: EntraSsoMembershipRecord | null) {
+  const calls = {
+    create: 0,
+    update: 0,
+    ensureRoles: 0,
+    resolveOrganization: 0,
+  }
+  let member = existingMember ?? null
+
+  return {
+    calls,
+    get member() {
+      return member
+    },
+    deps: {
+      resolveOrganizationId: async () => {
+        calls.resolveOrganization += 1
+        return "organization_entra"
+      },
+      getExistingMember: async () => member,
+      createMember: async (input: { role: "admin" | "member" }) => {
+        calls.create += 1
+        member = { id: "member_created", role: input.role }
+        return member
+      },
+      updateMemberRole: async (input: { role: "admin" | "member" }) => {
+        calls.update += 1
+        member = { id: member?.id ?? "member_updated", role: input.role }
+        return member
+      },
+      ensureDefaultRoles: async () => {
+        calls.ensureRoles += 1
+      },
+      isOwnerRole: (role: string) => role.split(",").includes("owner"),
+    },
+  }
+}
+
+const autoJoinConfig = {
+  autoJoinEnabled: true,
+  autoJoinOrganizationId: "organization_entra",
+  autoJoinOrganizationSlug: undefined,
+  adminGroupIds: ["group-admin"],
+  memberGroupIds: ["group-member"],
+}
+
+test("Microsoft account auto-join creates membership with mapped role", async () => {
+  const seam = createMembershipSeam()
+  const result = await ensureEntraSsoMembership({
+    userId: "user_entra",
+    providerId: "microsoft",
+    idToken: unsignedJwt({ groups: ["group-admin"] }),
+    config: autoJoinConfig,
+    deps: seam.deps,
+  })
+
+  expect(result.status).toBe("created")
+  expect(result.role).toBe("admin")
+  expect(seam.member).toEqual({ id: "member_created", role: "admin" })
+  expect(seam.calls).toEqual({
+    create: 1,
+    update: 0,
+    ensureRoles: 1,
+    resolveOrganization: 1,
+  })
+})
+
+test("Microsoft account auto-join rejects ambiguous organization selector", async () => {
+  const seam = createMembershipSeam()
+  const result = await ensureEntraSsoMembership({
+    userId: "user_entra",
+    providerId: "microsoft",
+    idToken: unsignedJwt({ groups: ["group-admin"] }),
+    config: {
+      ...autoJoinConfig,
+      autoJoinOrganizationSlug: "platform",
+    },
+    deps: seam.deps,
+  })
+
+  expect(result.status).toBe("invalid_organization_selector")
+  expect(seam.calls).toEqual({
+    create: 0,
+    update: 0,
+    ensureRoles: 0,
+    resolveOrganization: 0,
+  })
+})
+
+test("Microsoft account auto-join updates existing non-owner membership", async () => {
+  const seam = createMembershipSeam({ id: "member_existing", role: "member" })
+  const result = await ensureEntraSsoMembership({
+    userId: "user_entra",
+    providerId: "microsoft",
+    idToken: unsignedJwt({ groups: ["group-admin"] }),
+    config: autoJoinConfig,
+    deps: seam.deps,
+  })
+
+  expect(result.status).toBe("updated")
+  expect(result.role).toBe("admin")
+  expect(seam.member).toEqual({ id: "member_existing", role: "admin" })
+  expect(seam.calls.create).toBe(0)
+  expect(seam.calls.update).toBe(1)
+})
+
+test("non-Microsoft provider and email/password paths do not auto-join", async () => {
+  const githubSeam = createMembershipSeam()
+  const githubResult = await ensureEntraSsoMembership({
+    userId: "user_github",
+    providerId: "github",
+    idToken: unsignedJwt({ groups: ["group-admin"] }),
+    config: autoJoinConfig,
+    deps: githubSeam.deps,
+  })
+
+  const emailPasswordSeam = createMembershipSeam()
+  const emailPasswordResult = await ensureEntraSsoMembership({
+    userId: "user_password",
+    providerId: null,
+    idToken: null,
+    config: autoJoinConfig,
+    deps: emailPasswordSeam.deps,
+  })
+
+  expect(githubResult.status).toBe("provider_not_microsoft")
+  expect(emailPasswordResult.status).toBe("provider_not_microsoft")
+  expect(githubSeam.calls).toEqual({ create: 0, update: 0, ensureRoles: 0, resolveOrganization: 0 })
+  expect(emailPasswordSeam.calls).toEqual({ create: 0, update: 0, ensureRoles: 0, resolveOrganization: 0 })
+})
+
+test("Microsoft account auto-join preserves existing owner membership", async () => {
+  const seam = createMembershipSeam({ id: "member_owner", role: "owner" })
+  const result = await ensureEntraSsoMembership({
+    userId: "user_owner",
+    providerId: "microsoft",
+    idToken: unsignedJwt({ groups: ["group-member"] }),
+    config: autoJoinConfig,
+    deps: seam.deps,
+  })
+
+  expect(result.status).toBe("owner_preserved")
+  expect(result.role).toBe("owner")
+  expect(seam.member).toEqual({ id: "member_owner", role: "owner" })
+  expect(seam.calls.create).toBe(0)
+  expect(seam.calls.update).toBe(0)
+  expect(seam.calls.ensureRoles).toBe(1)
+})
+
+test("Microsoft account auto-join preserves existing owner even when admin group matches", async () => {
+  const seam = createMembershipSeam({ id: "member_owner", role: "owner,admin" })
+  const result = await ensureEntraSsoMembership({
+    userId: "user_owner",
+    providerId: "microsoft",
+    idToken: unsignedJwt({ groups: ["group-admin"] }),
+    config: autoJoinConfig,
+    deps: seam.deps,
+  })
+
+  expect(result.status).toBe("owner_preserved")
+  expect(result.role).toBe("owner,admin")
+  expect(seam.member).toEqual({ id: "member_owner", role: "owner,admin" })
+  expect(seam.calls.create).toBe(0)
+  expect(seam.calls.update).toBe(0)
+})
diff --git a/ee/apps/den-api/test/llm-provider-access-lifecycle.test.ts b/ee/apps/den-api/test/llm-provider-access-lifecycle.test.ts
new file mode 100644
index 0000000000..fd191273d6
--- /dev/null
+++ b/ee/apps/den-api/test/llm-provider-access-lifecycle.test.ts
@@ -0,0 +1,170 @@
+import { beforeAll, beforeEach, expect, mock, test } from "bun:test"
+import { createDenTypeId } from "@openwork-ee/utils/typeid"
+
+function seedRequiredEnv() {
+  process.env.DATABASE_URL = process.env.DATABASE_URL ?? "mysql://root:password@127.0.0.1:3306/openwork_test"
+  process.env.DEN_DB_ENCRYPTION_KEY = process.env.DEN_DB_ENCRYPTION_KEY ?? "x".repeat(32)
+  process.env.BETTER_AUTH_SECRET = process.env.BETTER_AUTH_SECRET ?? "y".repeat(32)
+  process.env.BETTER_AUTH_URL = process.env.BETTER_AUTH_URL ?? "http://127.0.0.1:8790"
+  process.env.CORS_ORIGINS = process.env.CORS_ORIGINS ?? "http://127.0.0.1:8790"
+}
+
+let queryRows: unknown[][] = []
+
+function queryFor(rows: unknown[]) {
+  const chain: any = {
+    from: () => chain,
+    innerJoin: () => chain,
+    leftJoin: () => chain,
+    where: () => chain,
+    orderBy: () => rows,
+    limit: () => rows,
+    then: (resolve: (value: unknown[]) => unknown) => resolve(rows),
+  }
+  return chain
+}
+
+let llmProviderModule: typeof import("../src/routes/org/llm-providers.js")
+
+beforeAll(async () => {
+  seedRequiredEnv()
+  mock.module("../src/db.js", () => ({
+    db: {
+      select: () => queryFor(queryRows.shift() ?? []),
+    },
+  }))
+
+  llmProviderModule = await import("../src/routes/org/llm-providers.js")
+})
+
+beforeEach(() => {
+  queryRows = []
+})
+
+test("active members remain assignable to LLM provider access", async () => {
+  const organizationId = createDenTypeId("organization")
+  const activeMemberId = createDenTypeId("member")
+  queryRows = [[{ id: activeMemberId }]]
+
+  await expect(llmProviderModule.resolveMemberIds({
+    organizationId,
+    values: [activeMemberId],
+  })).resolves.toEqual([activeMemberId])
+})
+
+test("removed members are rejected when assigning LLM provider access", async () => {
+  const organizationId = createDenTypeId("organization")
+  const removedMemberId = createDenTypeId("member")
+  queryRows = [[]]
+
+  await expect(llmProviderModule.resolveMemberIds({
+    organizationId,
+    values: [removedMemberId],
+  })).rejects.toMatchObject({
+    status: 404,
+    error: "member_not_found",
+  })
+})
+
+test("existing access rows to removed members are not returned as active grants", async () => {
+  const organizationId = createDenTypeId("organization")
+  const currentMemberId = createDenTypeId("member")
+  const activeMemberId = createDenTypeId("member")
+  const removedMemberId = createDenTypeId("member")
+  const llmProviderId = createDenTypeId("llmProvider")
+  const now = new Date("2026-06-09T00:00:00.000Z")
+
+  queryRows = [
+    [],
+    [{
+      id: llmProviderId,
+      organizationId,
+      createdByOrgMembershipId: currentMemberId,
+      source: "models_dev",
+      credentialKind: "api_key",
+      providerId: "openai",
+      name: "OpenAI",
+      providerConfig: {},
+      apiKey: "sk-test",
+      opencodeAuth: null,
+      createdAt: now,
+      updatedAt: now,
+    }],
+    [],
+    [
+      {
+        access: { id: createDenTypeId("llmProviderAccess"), llmProviderId, createdAt: now },
+        member: { id: activeMemberId, role: "member", removedAt: null },
+        user: { id: createDenTypeId("user"), name: "Active", email: "active@example.com", image: null },
+      },
+      {
+        access: { id: createDenTypeId("llmProviderAccess"), llmProviderId, createdAt: now },
+        member: { id: removedMemberId, role: "member", removedAt: new Date("2026-06-08T00:00:00.000Z") },
+        user: { id: createDenTypeId("user"), name: "Removed", email: "removed@example.com", image: null },
+      },
+    ],
+    [],
+  ]
+
+  const providers = await llmProviderModule.loadLlmProviders({
+    organizationId,
+    currentMemberId,
+    memberTeams: [],
+    isAdmin: true,
+    scope: "manageable",
+  })
+
+  expect(providers).toHaveLength(1)
+  expect(providers[0]?.access.members.map((member) => member.orgMembershipId)).toEqual([activeMemberId])
+})
+
+test("pending invited members remain visible in LLM provider access listings", async () => {
+  const organizationId = createDenTypeId("organization")
+  const currentMemberId = createDenTypeId("member")
+  const pendingMemberId = createDenTypeId("member")
+  const llmProviderId = createDenTypeId("llmProvider")
+  const now = new Date("2026-06-10T00:00:00.000Z")
+
+  queryRows = [
+    [],
+    [{
+      id: llmProviderId,
+      organizationId,
+      createdByOrgMembershipId: currentMemberId,
+      source: "models_dev",
+      credentialKind: "api_key",
+      providerId: "openai",
+      name: "OpenAI",
+      providerConfig: {},
+      apiKey: "sk-test",
+      opencodeAuth: null,
+      createdAt: now,
+      updatedAt: now,
+    }],
+    [],
+    [{
+      access: { id: createDenTypeId("llmProviderAccess"), llmProviderId, createdAt: now },
+      member: { id: pendingMemberId, role: "member", removedAt: null },
+      user: null,
+      invitation: { email: "pending@example.com" },
+    }],
+    [],
+  ]
+
+  const providers = await llmProviderModule.loadLlmProviders({
+    organizationId,
+    currentMemberId,
+    memberTeams: [],
+    isAdmin: true,
+    scope: "manageable",
+  })
+
+  expect(providers).toHaveLength(1)
+  expect(providers[0]?.access.members).toEqual([{
+    id: expect.any(String),
+    orgMembershipId: pendingMemberId,
+    role: "member",
+    user: { id: null, name: "pending@example.com", email: "pending@example.com", image: null },
+    createdAt: now,
+  }])
+})
diff --git a/ee/apps/den-api/test/llm-provider-credentials.test.ts b/ee/apps/den-api/test/llm-provider-credentials.test.ts
new file mode 100644
index 0000000000..26510c1a65
--- /dev/null
+++ b/ee/apps/den-api/test/llm-provider-credentials.test.ts
@@ -0,0 +1,73 @@
+import { beforeAll, expect, test } from "bun:test"
+import { Hono } from "hono"
+
+function seedRequiredEnv() {
+  process.env.DATABASE_URL = process.env.DATABASE_URL ?? "mysql://root:password@127.0.0.1:3306/openwork_test"
+  process.env.DEN_DB_ENCRYPTION_KEY = process.env.DEN_DB_ENCRYPTION_KEY ?? "x".repeat(32)
+  process.env.BETTER_AUTH_SECRET = process.env.BETTER_AUTH_SECRET ?? "y".repeat(32)
+  process.env.BETTER_AUTH_URL = process.env.BETTER_AUTH_URL ?? "http://127.0.0.1:8790"
+  process.env.CORS_ORIGINS = process.env.CORS_ORIGINS ?? "http://127.0.0.1:8790"
+}
+
+let llmProviderModule: typeof import("../src/routes/org/llm-providers.js")
+
+beforeAll(async () => {
+  seedRequiredEnv()
+  llmProviderModule = await import("../src/routes/org/llm-providers.js")
+})
+
+test("generic provider payload redaction removes API key and OAuth auth material", () => {
+  const redacted = llmProviderModule.redactLlmProviderCredentials({
+    id: "llmProvider_secret_123",
+    apiKey: "plain-secret",
+    opencodeAuth: JSON.stringify({ type: "oauth", access: "access", refresh: "refresh", expires: 1 }),
+  })
+
+  expect(redacted).toEqual({
+    id: "llmProvider_secret_123",
+    apiKey: undefined,
+    opencodeAuth: undefined,
+  })
+})
+
+test("credential flags expose presence only, never credential values", () => {
+  expect(llmProviderModule.getCredentialFlags({
+    credentialKind: "opencode_oauth",
+    apiKey: "plain-secret",
+    opencodeAuth: JSON.stringify({ type: "oauth", access: "access", refresh: "refresh", expires: 1 }),
+  })).toEqual({ hasApiKey: true, hasOpencodeAuth: true, hasCredential: true })
+})
+
+test("provider access serialization preserves pending invitation email", () => {
+  expect(llmProviderModule.serializeLlmProviderAccessUser({
+    user: { id: null, name: null, email: null, image: null },
+    invitation: { email: "pending@example.com" },
+  })).toEqual({
+    id: null,
+    name: null,
+    email: "pending@example.com",
+    image: null,
+  })
+})
+
+test("credential import permission gate requires organization admin role", () => {
+  const owner = { currentMember: { isOwner: true, role: "member" } }
+  const admin = { currentMember: { isOwner: false, role: "admin" } }
+  const creatorOnly = { currentMember: { isOwner: false, role: "member" } }
+
+  expect(llmProviderModule.canImportLlmProviderCredential(owner)).toBe(true)
+  expect(llmProviderModule.canImportLlmProviderCredential(admin)).toBe(true)
+  expect(llmProviderModule.canImportLlmProviderCredential(creatorOnly)).toBe(false)
+})
+
+test("purpose-specific import endpoint requires authentication", async () => {
+  const app = new Hono()
+  llmProviderModule.registerOrgLlmProviderRoutes(app)
+
+  const response = await app.request("http://den.local/v1/llm-providers/llmProvider_secret_123/import-credential", {
+    method: "GET",
+  })
+
+  expect(response.status).toBe(401)
+  await expect(response.json()).resolves.toEqual({ error: "unauthorized" })
+})
diff --git a/ee/apps/den-api/test/llm-providers-oauth.test.ts b/ee/apps/den-api/test/llm-providers-oauth.test.ts
new file mode 100644
index 0000000000..4786b321ad
--- /dev/null
+++ b/ee/apps/den-api/test/llm-providers-oauth.test.ts
@@ -0,0 +1,220 @@
+import { beforeAll, expect, test } from "bun:test"
+import { readFile } from "node:fs/promises"
+import { Hono } from "hono"
+
+function seedRequiredEnv() {
+  process.env.DATABASE_URL = process.env.DATABASE_URL ?? "mysql://root:password@127.0.0.1:3306/openwork_test"
+  process.env.DEN_DB_ENCRYPTION_KEY = process.env.DEN_DB_ENCRYPTION_KEY ?? "x".repeat(32)
+  process.env.BETTER_AUTH_SECRET = process.env.BETTER_AUTH_SECRET ?? "y".repeat(32)
+  process.env.BETTER_AUTH_URL = process.env.BETTER_AUTH_URL ?? "http://127.0.0.1:8790"
+  process.env.CORS_ORIGINS = process.env.CORS_ORIGINS ?? "http://127.0.0.1:8790"
+}
+
+let llmProviderModule: typeof import("../src/routes/org/llm-providers.js")
+
+beforeAll(async () => {
+  seedRequiredEnv()
+  llmProviderModule = await import("../src/routes/org/llm-providers.js")
+})
+
+function createRouteApp() {
+  const app = new Hono()
+  llmProviderModule.registerOrgLlmProviderRoutes(app)
+  return app
+}
+
+function jwtWithClaims(claims: Record<string, unknown>) {
+  return [
+    Buffer.from(JSON.stringify({ alg: "none" })).toString("base64url"),
+    Buffer.from(JSON.stringify(claims)).toString("base64url"),
+    "signature",
+  ].join(".")
+}
+
+test("generic provider payload redaction removes API key and OAuth auth material", () => {
+  const redacted = llmProviderModule.redactLlmProviderCredentials({
+    id: "llmProvider_secret_123",
+    apiKey: "sk-secret",
+    opencodeAuth: JSON.stringify({ type: "oauth", access: "access", refresh: "refresh", expires: 1 }),
+  })
+
+  expect(redacted).toEqual({
+    id: "llmProvider_secret_123",
+    apiKey: undefined,
+    opencodeAuth: undefined,
+  })
+})
+
+test("credential flags expose presence only, never credential values", () => {
+  expect(llmProviderModule.getCredentialFlags({
+    credentialKind: "opencode_oauth",
+    apiKey: "sk-secret",
+    opencodeAuth: JSON.stringify({ type: "oauth", access: "access", refresh: "refresh", expires: 1 }),
+  })).toEqual({ hasApiKey: true, hasOpencodeAuth: true, hasCredential: true })
+})
+
+test("OpenCode OAuth credential type rejects non-OpenAI providers", () => {
+  expect(llmProviderModule.isOpencodeOauthProviderAllowed("openai")).toBe(true)
+  expect(llmProviderModule.isOpencodeOauthProviderAllowed(" OpenAI ")).toBe(true)
+  expect(llmProviderModule.isOpencodeOauthProviderAllowed("anthropic")).toBe(false)
+  expect(llmProviderModule.isOpencodeOauthProviderAllowed(undefined)).toBe(false)
+})
+
+test("OAuth credential and import permission gates require organization admin role", () => {
+  const owner = { currentMember: { isOwner: true, role: "member" } }
+  const admin = { currentMember: { isOwner: false, role: "admin" } }
+  const creatorOnly = { currentMember: { isOwner: false, role: "member" } }
+
+  expect(llmProviderModule.canUseOpenAiOAuthCredentialFlow(owner)).toBe(true)
+  expect(llmProviderModule.canUseOpenAiOAuthCredentialFlow(admin)).toBe(true)
+  expect(llmProviderModule.canUseOpenAiOAuthCredentialFlow(creatorOnly)).toBe(false)
+  expect(llmProviderModule.canImportLlmProviderCredential(owner)).toBe(true)
+  expect(llmProviderModule.canImportLlmProviderCredential(admin)).toBe(true)
+  expect(llmProviderModule.canImportLlmProviderCredential(creatorOnly)).toBe(false)
+})
+
+test("OpenAI OAuth routes require an authenticated caller before returning credential material", async () => {
+  const app = createRouteApp()
+
+  const startResponse = await app.request("http://den.local/v1/llm-providers/openai-oauth/start", {
+    method: "POST",
+    headers: { "content-type": "application/json" },
+    body: JSON.stringify({}),
+  })
+  expect(startResponse.status).toBe(401)
+  await expect(startResponse.json()).resolves.toEqual({ error: "unauthorized" })
+
+  const completeResponse = await app.request("http://den.local/v1/llm-providers/openai-oauth/complete", {
+    method: "POST",
+    headers: { "content-type": "application/json" },
+    body: JSON.stringify({ deviceAuthId: "dev", userCode: "code" }),
+  })
+  expect(completeResponse.status).toBe(401)
+  await expect(completeResponse.json()).resolves.toEqual({ error: "unauthorized" })
+})
+
+test("purpose-specific import endpoint requires authentication", async () => {
+  const app = createRouteApp()
+  const response = await app.request("http://den.local/v1/llm-providers/llmProvider_secret_123/import-credential", {
+    method: "GET",
+  })
+
+  expect(response.status).toBe(401)
+  await expect(response.json()).resolves.toEqual({ error: "unauthorized" })
+})
+
+test("OpenAI OAuth completion reports pending authorization without tokens", async () => {
+  const originalFetch = globalThis.fetch
+  globalThis.fetch = (async () => new Response(JSON.stringify({}), { status: 403 })) as typeof fetch
+  try {
+    await expect(llmProviderModule.completeOpenAiDeviceAuth({
+      deviceAuthId: "device-pending",
+      userCode: "CODE",
+    })).rejects.toMatchObject({ error: "openai_oauth_pending", status: 409 })
+  } finally {
+    globalThis.fetch = originalFetch
+  }
+})
+
+test("OpenAI OAuth completion reports expired device authorization separately from pending", async () => {
+  const originalFetch = globalThis.fetch
+  globalThis.fetch = (async () => new Response(JSON.stringify({ error: "not_found" }), { status: 404 })) as typeof fetch
+  try {
+    await expect(llmProviderModule.completeOpenAiDeviceAuth({
+      deviceAuthId: "device-expired",
+      userCode: "CODE",
+    })).rejects.toMatchObject({ error: "openai_oauth_expired", status: 410 })
+  } finally {
+    globalThis.fetch = originalFetch
+  }
+})
+
+test("OpenAI OAuth start reports upstream failure without credential material", async () => {
+  const originalFetch = globalThis.fetch
+  globalThis.fetch = (async () => new Response(JSON.stringify({ error: "upstream" }), { status: 500 })) as typeof fetch
+  try {
+    await expect(llmProviderModule.startOpenAiDeviceAuth()).rejects.toMatchObject({
+      error: "openai_oauth_start_failed",
+      status: 502,
+    })
+  } finally {
+    globalThis.fetch = originalFetch
+  }
+})
+
+test("OpenAI OAuth completion reports token exchange failure without credential material", async () => {
+  const originalFetch = globalThis.fetch
+  globalThis.fetch = (async (input: RequestInfo | URL) => {
+    const url = String(input)
+    if (url.endsWith("/api/accounts/deviceauth/token")) {
+      return Response.json({ authorization_code: "authorization-code", code_verifier: "verifier" })
+    }
+    if (url.endsWith("/oauth/token")) {
+      return new Response(JSON.stringify({ error: "exchange_failed" }), { status: 500 })
+    }
+    return new Response("not found", { status: 404 })
+  }) as typeof fetch
+
+  try {
+    await expect(llmProviderModule.completeOpenAiDeviceAuth({
+      deviceAuthId: "device-failure",
+      userCode: "CODE",
+    })).rejects.toMatchObject({ error: "openai_oauth_complete_failed", status: 502 })
+  } finally {
+    globalThis.fetch = originalFetch
+  }
+})
+
+test("OpenAI OAuth completion returns importable OpenCode OAuth auth on success", async () => {
+  const originalFetch = globalThis.fetch
+  const calls: string[] = []
+  globalThis.fetch = (async (input: RequestInfo | URL) => {
+    const url = String(input)
+    calls.push(url)
+    if (url.endsWith("/api/accounts/deviceauth/token")) {
+      return Response.json({ authorization_code: "authorization-code", code_verifier: "verifier" })
+    }
+    if (url.endsWith("/oauth/token")) {
+      return Response.json({
+        access_token: jwtWithClaims({ chatgpt_account_id: "acct_123" }),
+        refresh_token: "refresh-token",
+        expires_in: 60,
+      })
+    }
+    return new Response("not found", { status: 404 })
+  }) as typeof fetch
+
+  try {
+    const completed = await llmProviderModule.completeOpenAiDeviceAuth({
+      deviceAuthId: "device-complete",
+      userCode: "CODE",
+    })
+    const auth = JSON.parse(completed.opencodeAuth) as Record<string, unknown>
+
+    expect(calls).toHaveLength(2)
+    expect(auth.type).toBe("oauth")
+    expect(typeof auth.access).toBe("string")
+    expect(auth.refresh).toBe("refresh-token")
+    expect(auth.accountId).toBe("acct_123")
+    expect(completed.accountId).toBe("acct_123")
+    expect(typeof auth.expires).toBe("number")
+  } finally {
+    globalThis.fetch = originalFetch
+  }
+})
+
+test("LLM provider migration journal remains valid JSON", async () => {
+  const journal = await readFile(new URL("../../../packages/den-db/drizzle/meta/_journal.json", import.meta.url), "utf8")
+  const parsed = JSON.parse(journal) as { entries?: Array<{ tag?: string }> }
+
+  expect(parsed.entries?.some((entry) => entry.tag === "0021_llm_provider_opencode_oauth")).toBe(true)
+})
+
+test("LLM provider OAuth migration snapshot metadata is present", async () => {
+  const snapshot = await readFile(new URL("../../../packages/den-db/drizzle/meta/0021_snapshot.json", import.meta.url), "utf8")
+  const parsed = JSON.parse(snapshot) as { tables?: Record<string, { columns?: Record<string, unknown> }> }
+  const llmProviderColumns = parsed.tables?.llm_provider?.columns ?? {}
+
+  expect("credential_kind" in llmProviderColumns).toBe(true)
+  expect("opencode_auth" in llmProviderColumns).toBe(true)
+})
diff --git a/ee/apps/den-api/test/managed-provider-sync.test.ts b/ee/apps/den-api/test/managed-provider-sync.test.ts
new file mode 100644
index 0000000000..3898df8ec5
--- /dev/null
+++ b/ee/apps/den-api/test/managed-provider-sync.test.ts
@@ -0,0 +1,153 @@
+import { beforeAll, expect, test } from "bun:test"
+import { Hono } from "hono"
+import { createDenTypeId } from "@openwork-ee/utils/typeid"
+import { paramValidator } from "../src/middleware/validation.js"
+
+function seedRequiredEnv() {
+  process.env.DATABASE_URL = process.env.DATABASE_URL ?? "mysql://root:password@127.0.0.1:3306/openwork_test"
+  process.env.DEN_DB_ENCRYPTION_KEY = process.env.DEN_DB_ENCRYPTION_KEY ?? "x".repeat(32)
+  process.env.BETTER_AUTH_SECRET = process.env.BETTER_AUTH_SECRET ?? "y".repeat(32)
+  process.env.BETTER_AUTH_URL = process.env.BETTER_AUTH_URL ?? "http://127.0.0.1:8790"
+  process.env.CORS_ORIGINS = process.env.CORS_ORIGINS ?? "http://127.0.0.1:8790"
+}
+
+let managedProviderModule: typeof import("../src/routes/workers/managed-providers.js")
+let workersSharedModule: typeof import("../src/routes/workers/shared.js")
+
+beforeAll(async () => {
+  seedRequiredEnv()
+  managedProviderModule = await import("../src/routes/workers/managed-providers.js")
+  workersSharedModule = await import("../src/routes/workers/shared.js")
+})
+
+function createApp(input: {
+  role?: string
+  isOwner?: boolean
+  listProviders?: Parameters<typeof managedProviderModule.registerManagedProviderSyncRoutes>[1]["listProviders"]
+  pushRuntime?: Parameters<typeof managedProviderModule.registerManagedProviderSyncRoutes>[1]["pushRuntime"]
+}) {
+  const app = new Hono()
+  const orgId = createDenTypeId("organization")
+  const workerId = createDenTypeId("worker")
+  const provider = {
+    id: createDenTypeId("llmProvider"),
+    providerId: "anthropic",
+    name: "Anthropic",
+    source: "models_dev" as const,
+    credentialKind: "api_key" as const,
+    providerConfig: { id: "anthropic", name: "Anthropic", env: ["ANTHROPIC_API_KEY"], npm: "@ai-sdk/anthropic" },
+    models: [{ id: "claude", name: "Claude", config: { id: "claude" } }],
+    apiKey: "plain-provider-secret-den-test",
+    revision: "rev-1",
+  }
+  managedProviderModule.registerManagedProviderSyncRoutes(app as never, {
+    middlewares: [
+      async (c, next) => {
+        c.set("activeOrganizationId", orgId)
+        c.set("organizationContext", {
+          organization: { id: orgId },
+          currentMember: { id: createDenTypeId("member"), userId: createDenTypeId("user"), role: input.role ?? "admin", isOwner: input.isOwner ?? false },
+        })
+        await next()
+      },
+      paramValidator(workersSharedModule.workerIdParamSchema),
+    ] as never,
+    getWorker: async (id, activeOrgId) => id === workerId && activeOrgId === orgId ? { id } : null,
+    listProviders: input.listProviders ?? (async () => [provider]),
+    pushRuntime: input.pushRuntime ?? (async () => ({ ok: true, status: 200, payload: { status: "applied" } })),
+  })
+  return { app, workerId, provider }
+}
+
+test("managed provider sync rejects non-admin members", async () => {
+  const { app, workerId } = createApp({ role: "member" })
+  const response = await app.request(`http://den.local/v1/workers/${workerId}/managed-providers/sync`, { method: "POST" })
+  expect(response.status).toBe(403)
+})
+
+test("managed provider sync sends credentials only to worker runtime and redacts response", async () => {
+  const calls: unknown[] = []
+  const { app, workerId, provider } = createApp({
+    pushRuntime: async (_workerId, payload) => {
+      calls.push(payload)
+      return { ok: true, status: 200, payload: { status: "applied", apiKey: provider.apiKey } }
+    },
+  })
+
+  const response = await app.request(`http://den.local/v1/workers/${workerId}/managed-providers/sync`, { method: "POST" })
+  expect(response.status).toBe(200)
+  const body = await response.json()
+  expect(JSON.stringify(body)).not.toContain("plain-provider-secret")
+  expect(JSON.stringify(calls[0])).toContain("plain-provider-secret-den-test")
+  expect(body).toMatchObject({ status: "applied", providerCount: 1 })
+})
+
+test("managed provider sync sanitizes worker failures", async () => {
+  const { app, workerId } = createApp({
+    pushRuntime: async () => ({ ok: false, status: 500, payload: { message: "failed with plain-provider-secret-den-test access-token-den refresh-token-den" } }),
+  })
+  const response = await app.request(`http://den.local/v1/workers/${workerId}/managed-providers/sync`, { method: "POST" })
+  expect(response.status).toBe(502)
+  const body = await response.json()
+  expect(body.status).toBe("failed")
+  expect(JSON.stringify(body)).not.toContain("plain-provider-secret")
+  expect(JSON.stringify(body)).not.toContain("access-token-den")
+  expect(JSON.stringify(body)).not.toContain("refresh-token-den")
+  expect(body.reason).toBe("Worker provider sync failed.")
+})
+
+test("managed provider sync pushes an empty provider set so workers remove revoked providers", async () => {
+  let called = false
+  const { app, workerId } = createApp({
+    listProviders: async () => [],
+    pushRuntime: async (_workerId, payload) => {
+      called = true
+      expect(payload).toEqual({ providers: [], revision: "empty" })
+      return { ok: true, status: 200, payload: { status: "applied" } }
+    },
+  })
+
+  const response = await app.request(`http://den.local/v1/workers/${workerId}/managed-providers/sync`, { method: "POST" })
+  expect(response.status).toBe(200)
+  await expect(response.json()).resolves.toEqual({ status: "applied", providerCount: 0, revision: "empty" })
+  expect(called).toBe(true)
+})
+
+test("managed provider sync reports missing worker as not found", async () => {
+  const { app } = createApp({ role: "admin" })
+  const missingWorker = createDenTypeId("worker")
+  const response = await app.request(`http://den.local/v1/workers/${missingWorker}/managed-providers/sync`, { method: "POST" })
+  expect(response.status).toBe(404)
+})
+
+test("managed provider revision is stable and redaction helper removes token-shaped secrets", () => {
+  expect(managedProviderModule.computeManagedProviderRevision([{ id: "b", revision: "2" }, { id: "a", revision: "1" }])).toBe("a:1|b:2")
+  expect(managedProviderModule.sanitizeManagedProviderSyncFailure({ message: "bad plain-secret access-token refresh-token" })).toBe("Worker provider sync failed.")
+})
+
+test("managed provider runtime sync targets only current healthy worker instances", () => {
+  expect(workersSharedModule.isWorkerRuntimeSyncTarget({
+    workerStatus: "healthy",
+    instanceStatus: "healthy",
+    instanceUrl: "https://worker.example.com",
+    hostToken: "host-token",
+  })).toBe(true)
+  expect(workersSharedModule.isWorkerRuntimeSyncTarget({
+    workerStatus: "failed",
+    instanceStatus: "healthy",
+    instanceUrl: "https://worker.example.com",
+    hostToken: "host-token",
+  })).toBe(false)
+  expect(workersSharedModule.isWorkerRuntimeSyncTarget({
+    workerStatus: "healthy",
+    instanceStatus: "failed",
+    instanceUrl: "https://stale-reservation.example.com",
+    hostToken: "host-token",
+  })).toBe(false)
+  expect(workersSharedModule.isWorkerRuntimeSyncTarget({
+    workerStatus: "healthy",
+    instanceStatus: "healthy",
+    instanceUrl: "",
+    hostToken: "host-token",
+  })).toBe(false)
+})
diff --git a/ee/apps/den-api/test/org-invitation-lifecycle.test.ts b/ee/apps/den-api/test/org-invitation-lifecycle.test.ts
new file mode 100644
index 0000000000..a9cbfc154d
--- /dev/null
+++ b/ee/apps/den-api/test/org-invitation-lifecycle.test.ts
@@ -0,0 +1,249 @@
+import { beforeAll, beforeEach, expect, mock, test } from "bun:test"
+import { createDenTypeId } from "@openwork-ee/utils/typeid"
+
+function seedRequiredEnv() {
+  process.env.DATABASE_URL = process.env.DATABASE_URL ?? "mysql://root:password@127.0.0.1:3306/openwork_test"
+  process.env.DEN_DB_ENCRYPTION_KEY = process.env.DEN_DB_ENCRYPTION_KEY ?? "x".repeat(32)
+  process.env.BETTER_AUTH_SECRET = process.env.BETTER_AUTH_SECRET ?? "y".repeat(32)
+  process.env.BETTER_AUTH_URL = process.env.BETTER_AUTH_URL ?? "http://127.0.0.1:8790"
+  process.env.CORS_ORIGINS = process.env.CORS_ORIGINS ?? "http://127.0.0.1:8790"
+}
+
+let queryRows: unknown[][] = []
+let operations: Array<{ type: "insert" | "update"; value: any }> = []
+let hookCalls: Array<{ organizationId: string; memberId: string; change: "added" | "removed" }> = []
+let whereInputs: unknown[] = []
+
+function queryFor(rows: unknown[]) {
+  const chain: any = {
+    from: () => chain,
+    innerJoin: () => chain,
+    where: (input: unknown) => {
+      whereInputs.push(input)
+      return chain
+    },
+    orderBy: () => rows,
+    limit: () => rows,
+    then: (resolve: (value: unknown[]) => unknown) => resolve(rows),
+  }
+  return chain
+}
+
+function conditionReferencesRemovedAt(input: unknown, seen = new Set<unknown>()): boolean {
+  if (input === null || input === undefined) return false
+  if (typeof input === "string") return input.includes("removedAt") || input.includes("removed_at")
+  if (typeof input !== "object" && typeof input !== "function") return false
+  if (seen.has(input)) return false
+  seen.add(input)
+
+  const record = input as Record<PropertyKey, unknown>
+  for (const key of Reflect.ownKeys(input)) {
+    const keyText = String(key)
+    if (keyText.includes("removedAt") || keyText.includes("removed_at")) return true
+    try {
+      if (conditionReferencesRemovedAt(record[key], seen)) return true
+    } catch {}
+  }
+
+  return false
+}
+
+function writeResult() {
+  return {
+    onDuplicateKeyUpdate: () => Promise.resolve(),
+    then: (resolve: (value: undefined) => unknown) => Promise.resolve().then(() => resolve(undefined)),
+  }
+}
+
+mock.module("../src/db.js", () => ({
+  db: {
+    select: () => queryFor(queryRows.shift() ?? []),
+    insert: () => ({
+      values: (value: any) => {
+        operations.push({ type: "insert", value })
+        return writeResult()
+      },
+    }),
+    update: () => ({
+      set: (value: any) => ({
+        where: () => {
+          operations.push({ type: "update", value })
+          return Promise.resolve()
+        },
+      }),
+    }),
+    transaction: async (callback: (tx: unknown) => Promise<void>) => callback({
+      delete: () => ({
+        where: () => Promise.resolve(),
+      }),
+      update: () => ({
+        set: (value: any) => ({
+          where: () => {
+            operations.push({ type: "update", value })
+            return Promise.resolve()
+          },
+        }),
+      }),
+    }),
+  },
+}))
+
+mock.module("../src/organization-member-hooks.js", () => ({
+  runPostOrganizationMemberChangeHooks: (input: { organizationId: string; memberId: string; change: "added" | "removed" }) => {
+    hookCalls.push(input)
+    return Promise.resolve()
+  },
+}))
+
+let orgsModule: typeof import("../src/orgs.js")
+
+beforeAll(async () => {
+  seedRequiredEnv()
+  orgsModule = await import("../src/orgs.js")
+})
+
+beforeEach(() => {
+  queryRows = []
+  operations = []
+  hookCalls = []
+  whereInputs = []
+})
+
+test("invitation preview resolves an invite token", async () => {
+  const invitationId = createDenTypeId("invitation")
+  const organizationId = createDenTypeId("organization")
+  const expiresAt = new Date(Date.now() + 60_000)
+  const createdAt = new Date("2026-06-09T00:00:00.000Z")
+  queryRows = [[{
+    invitation: {
+      id: invitationId,
+      email: "teammate@example.com",
+      role: "member",
+      status: "pending",
+      expiresAt,
+      createdAt,
+    },
+    organization: {
+      id: organizationId,
+      name: "Demo Org",
+      slug: "demo-org",
+      allowedEmailDomains: null,
+    },
+  }]]
+
+  const preview = await orgsModule.getInvitationPreview("invite-token-123")
+
+  expect(preview?.invitation.id).toBe(invitationId)
+  expect(preview?.invitation.status).toBe("pending")
+  expect(preview?.organization.id).toBe(organizationId)
+})
+
+test("accept by invite token claims placeholder member and emits the acceptance lifecycle hook", async () => {
+  const invitationId = createDenTypeId("invitation")
+  const organizationId = createDenTypeId("organization")
+  const userId = createDenTypeId("user")
+  const placeholderMemberId = createDenTypeId("member")
+  const teamId = createDenTypeId("team")
+  const teamMemberId = createDenTypeId("teamMember")
+  const invitation = {
+    id: invitationId,
+    email: "teammate@example.com",
+    role: "member",
+    organizationId,
+    status: "pending",
+    expiresAt: new Date(Date.now() + 60_000),
+    teamId,
+  }
+  const claimedMember = {
+    id: placeholderMemberId,
+    organizationId,
+    userId,
+    inviteId: invitationId,
+    invitedByOrgMember: null,
+    role: "member",
+    joinedAt: new Date("2026-06-09T00:00:00.000Z"),
+    removedAt: null,
+    removedByOrgMember: null,
+    createdAt: new Date("2026-06-08T00:00:00.000Z"),
+  }
+  queryRows = [
+    [invitation],
+    [{ allowedEmailDomains: null }],
+    [{ role: "member" }, { role: "admin" }],
+    [],
+    [{ id: placeholderMemberId }],
+    [claimedMember],
+    [{ id: teamId }],
+    [{ id: teamMemberId }],
+  ]
+
+  const accepted = await orgsModule.acceptInvitationForUser({
+    userId,
+    email: "teammate@example.com",
+    invitationId: "invite-token-123",
+  })
+
+  expect(accepted?.member.id).toBe(placeholderMemberId)
+  expect(accepted?.member.userId).toBe(userId)
+  expect(operations.some((operation) => operation.type === "insert" && operation.value?.userId === userId)).toBe(false)
+  expect(operations.some((operation) => operation.type === "insert" && operation.value?.orgMembershipId === placeholderMemberId)).toBe(false)
+  expect(operations.some((operation) => operation.type === "update" && operation.value?.status === "accepted")).toBe(true)
+  expect(operations.some((operation) => operation.type === "update" && operation.value?.userId === userId)).toBe(true)
+  expect(hookCalls).toEqual([{ organizationId, memberId: placeholderMemberId, change: "added" }])
+})
+
+test("accept by invite token does not emit duplicate member hooks for existing active members", async () => {
+  const invitationId = createDenTypeId("invitation")
+  const organizationId = createDenTypeId("organization")
+  const userId = createDenTypeId("user")
+  const existingMemberId = createDenTypeId("member")
+  const invitation = {
+    id: invitationId,
+    email: "teammate@example.com",
+    role: "member",
+    organizationId,
+    status: "pending",
+    expiresAt: new Date(Date.now() + 60_000),
+    teamId: null,
+  }
+  const existingMember = {
+    id: existingMemberId,
+    organizationId,
+    userId,
+    inviteId: null,
+    invitedByOrgMember: null,
+    role: "member",
+    joinedAt: new Date("2026-06-09T00:00:00.000Z"),
+    removedAt: null,
+    removedByOrgMember: null,
+    createdAt: new Date("2026-06-08T00:00:00.000Z"),
+  }
+  queryRows = [
+    [invitation],
+    [{ allowedEmailDomains: null }],
+    [{ role: "member" }, { role: "admin" }],
+    [existingMember],
+  ]
+
+  const accepted = await orgsModule.acceptInvitationForUser({
+    userId,
+    email: "teammate@example.com",
+    invitationId: "invite-token-123",
+  })
+
+  expect(accepted?.member.id).toBe(existingMemberId)
+  expect(hookCalls).toEqual([])
+})
+
+test("member removal targets active members only and repeated removals emit no hook", async () => {
+  const organizationId = createDenTypeId("organization")
+  const memberId = createDenTypeId("member")
+  queryRows = [[]]
+
+  const removed = await orgsModule.removeOrganizationMember({ organizationId, memberId })
+
+  expect(removed).toBeNull()
+  expect(operations).toEqual([])
+  expect(hookCalls).toEqual([])
+  expect(whereInputs.some((input) => conditionReferencesRemovedAt(input))).toBe(true)
+})
diff --git a/ee/apps/den-api/test/org-invitations.test.ts b/ee/apps/den-api/test/org-invitations.test.ts
index ea09aa1c5b..0a478a62d3 100644
--- a/ee/apps/den-api/test/org-invitations.test.ts
+++ b/ee/apps/den-api/test/org-invitations.test.ts
@@ -11,12 +11,16 @@ function seedRequiredEnv() {
 
 let invitationModule: typeof import("../src/routes/org/invitations.js")
 let orgRoutesModule: typeof import("../src/routes/org/index.js")
+let orgsModule: typeof import("../src/orgs.js")
+let authModule: typeof import("../src/auth.js")
 let userOrganizationsModule: typeof import("../src/middleware/user-organizations.js")
 
 beforeAll(async () => {
   seedRequiredEnv()
   invitationModule = await import("../src/routes/org/invitations.js")
   orgRoutesModule = await import("../src/routes/org/index.js")
+  orgsModule = await import("../src/orgs.js")
+  authModule = await import("../src/auth.js")
   userOrganizationsModule = await import("../src/middleware/user-organizations.js")
 })
 
@@ -74,6 +78,23 @@ test("invitation cancel still validates against the unscoped handler", async ()
   await expect(response.json()).resolves.toEqual({ error: "unauthorized" })
 })
 
+test("invitation lookup accepts both invitation IDs and invite tokens", () => {
+  const invitationId = "inv_01j00000000000000000000000"
+  expect(orgsModule.parseInvitationLookupIdentifier(invitationId)).toEqual({
+    invitationId,
+    inviteToken: invitationId,
+  })
+  expect(orgsModule.parseInvitationLookupIdentifier(" invite-token-123 ")).toEqual({
+    invitationId: null,
+    inviteToken: "invite-token-123",
+  })
+})
+
+test("dev sign-up rate limit remains higher than production", () => {
+  expect(authModule.getSignUpEmailRateLimitMax(true)).toBe(100)
+  expect(authModule.getSignUpEmailRateLimitMax(false)).toBe(3)
+})
+
 test("session hydration only runs when a user session is missing an active organization", () => {
   expect(userOrganizationsModule.shouldHydrateSessionActiveOrganization({
     scopedOrganizationId: null,
diff --git a/ee/apps/den-api/test/provisioner-static.test.ts b/ee/apps/den-api/test/provisioner-static.test.ts
new file mode 100644
index 0000000000..408d4eb635
--- /dev/null
+++ b/ee/apps/den-api/test/provisioner-static.test.ts
@@ -0,0 +1,765 @@
+import { afterAll, beforeAll, expect, test } from "bun:test"
+import { Hono } from "hono"
+import { jsonValidator } from "../src/middleware/validation.js"
+import { WorkerInstanceTable, WorkerTable, WorkerTokenTable } from "@openwork-ee/den-db/schema"
+import { createDenTypeId } from "@openwork-ee/utils/typeid"
+import type { ProvisionedInstance, StaticWorkerConfig } from "../src/workers/provisioner.js"
+
+function seedRequiredEnv() {
+  process.env.DATABASE_URL = process.env.DATABASE_URL ?? "mysql://root:password@127.0.0.1:3306/openwork_test"
+  process.env.DEN_DB_ENCRYPTION_KEY = process.env.DEN_DB_ENCRYPTION_KEY ?? "x".repeat(32)
+  process.env.BETTER_AUTH_SECRET = process.env.BETTER_AUTH_SECRET ?? "y".repeat(32)
+  process.env.BETTER_AUTH_URL = process.env.BETTER_AUTH_URL ?? "http://127.0.0.1:8790"
+  process.env.CORS_ORIGINS = process.env.CORS_ORIGINS ?? "http://127.0.0.1:8790"
+  process.env.PROVISIONER_MODE = "static"
+  process.env.STATIC_WORKER_URLS = process.env.STATIC_WORKER_URLS ?? "http://127.0.0.1:8787"
+  process.env.STATIC_WORKER_ATTACH_ALLOW_PRIVATE = "true"
+}
+
+let provisionerModule: typeof import("../src/workers/provisioner.js")
+let envModule: typeof import("../src/env.js")
+let workersSharedModule: typeof import("../src/routes/workers/shared.js")
+let workersCoreModule: typeof import("../src/routes/workers/core.js")
+let server: ReturnType<typeof Bun.serve>
+let staticWorkerUrl: string
+
+function staticWorkerConfig(overrides: Partial<StaticWorkerConfig> = {}): StaticWorkerConfig {
+  return {
+    urls: [staticWorkerUrl],
+    healthPath: "/health",
+    healthcheckTimeoutMs: 1000,
+    healthcheckIntervalMs: 10,
+    reservationTtlMs: 0,
+    ...overrides,
+  }
+}
+
+function createFakeStaticAttachStore() {
+  const instances: Array<Record<string, unknown>> = []
+  const workers: Array<Record<string, unknown>> = []
+  const tokens: Array<Record<string, unknown>> = []
+  const selectedUrl = { value: "" }
+
+  const data = {
+    select() {
+      return {
+        from(table: unknown) {
+          return {
+            where() {
+              return {
+                async limit() {
+                  if (table !== WorkerInstanceTable) {
+                    return []
+                  }
+                  return instances
+                    .filter((entry) => entry.provider === "static"
+                      && entry.url === selectedUrl.value
+                      && (entry.status === "provisioning" || entry.status === "healthy"))
+                    .map((entry) => ({ id: entry.id }))
+                },
+              }
+            },
+          }
+        },
+      }
+    },
+    insert(table: unknown) {
+      return {
+        async values(value: unknown) {
+          const values = Array.isArray(value) ? value : [value]
+          if (table === WorkerInstanceTable) {
+            instances.push(...values as Record<string, unknown>[])
+            selectedUrl.value = String((values[0] as Record<string, unknown>).url ?? "")
+          } else if (table === WorkerTokenTable) {
+            tokens.push(...values as Record<string, unknown>[])
+          } else if (table === WorkerTable) {
+            workers.push(...values as Record<string, unknown>[])
+          }
+        },
+      }
+    },
+  }
+
+  return { data, instances, workers, tokens, selectedUrl }
+}
+
+function createStaticAttachRouteApp(input: {
+  role?: string
+  isOwner?: boolean
+  store?: ReturnType<typeof createFakeStaticAttachStore>
+  fetchReachable?: typeof workersCoreModule.assertStaticWorkerReachable
+  lookup?: Parameters<typeof workersSharedModule.validateResolvedStaticWorkerAttachUrl>[2]
+}) {
+  const app = new Hono()
+  const store = input.store ?? createFakeStaticAttachStore()
+  const userId = createDenTypeId("user")
+  const orgId = createDenTypeId("organization")
+  const memberId = createDenTypeId("member")
+
+  workersCoreModule.registerStaticWorkerAttachRoute(app as never, {
+    data: store.data as never,
+    lookup: input.lookup ?? (async () => [{ address: "203.0.113.10", family: 4 }]),
+    fetchReachable: input.fetchReachable ?? (async () => undefined),
+    getWorkerLimit: async () => ({ exceeded: false, limit: 10, currentCount: 0 }),
+    lock: async (run) => run(store.data as never),
+    middlewares: [
+      async (c, next) => {
+        c.set("user", { id: userId, email: "admin@example.com", name: "Admin" })
+        c.set("activeOrganizationId", orgId)
+        c.set("organizationContext", {
+          organization: { id: orgId },
+          currentMember: {
+            id: memberId,
+            userId,
+            role: input.role ?? "admin",
+            createdAt: new Date(),
+            isOwner: input.isOwner ?? false,
+          },
+        })
+        await next()
+      },
+      jsonValidator(workersSharedModule.attachStaticWorkerSchema),
+    ] as never,
+  })
+  return { app, store }
+}
+
+async function postStaticAttach(app: Hono, overrides: Record<string, unknown> = {}) {
+  return app.request("http://den.local/v1/workers/static-attach", {
+    method: "POST",
+    headers: { "content-type": "application/json" },
+    body: JSON.stringify({
+      name: "Static Attach Route Worker",
+      url: "http://worker.example.com",
+      clientToken: "valid-client-token",
+      hostToken: "valid-host-token",
+      ...overrides,
+    }),
+  })
+}
+
+beforeAll(async () => {
+  seedRequiredEnv()
+  server = Bun.serve({
+    port: 0,
+    fetch(request) {
+      const url = new URL(request.url)
+      const authorization = request.headers.get("authorization")
+      const hostToken = request.headers.get("x-openwork-host-token")
+      if (url.pathname === "/health") {
+        return Response.json({ ok: true })
+      }
+      if (url.pathname === "/workspaces") {
+        return authorization === "Bearer valid-client-token"
+          ? Response.json({ items: [], activeId: null })
+          : Response.json({ error: "unauthorized" }, { status: 401 })
+      }
+      if (url.pathname === "/env/keys") {
+        return hostToken === "valid-host-token"
+          ? Response.json({ keys: [] })
+          : Response.json({ error: "forbidden" }, { status: 403 })
+      }
+      if (url.pathname === "/redirect-workspaces") {
+        return new Response(null, { status: 302, headers: { location: "/workspaces" } })
+      }
+      if (url.pathname === "/hang-health") {
+        return new Promise<Response>(() => {})
+      }
+      return new Response("not found", { status: 404 })
+    },
+  })
+  staticWorkerUrl = `http://127.0.0.1:${server.port}`
+  envModule = await import("../src/env.js")
+  provisionerModule = await import("../src/workers/provisioner.js")
+  workersSharedModule = await import("../src/routes/workers/shared.js")
+  workersCoreModule = await import("../src/routes/workers/core.js")
+})
+
+afterAll(() => {
+  server.stop(true)
+})
+
+test("static provisioner assigns a configured healthy worker URL", async () => {
+  const provisioned = await provisionerModule.provisionStaticWorker(
+    {
+      workerId: "worker_static_health_123",
+      name: "Static Health",
+      hostToken: "host-token",
+      clientToken: "client-token",
+      activityToken: "activity-token",
+    },
+    staticWorkerConfig(),
+  )
+
+  expect(provisioned).toEqual({
+    provider: "static",
+    region: "on-prem",
+    status: "healthy",
+    url: staticWorkerUrl,
+  })
+})
+
+test("static provisioner skips URLs already assigned to active workers", async () => {
+  const provisioned = await provisionerModule.provisionStaticWorker(
+    {
+      workerId: "worker_static_available_url_123",
+      name: "Static Available URL",
+      hostToken: "host-token",
+      clientToken: "client-token",
+      activityToken: "activity-token",
+      unavailableStaticWorkerUrls: ["http://127.0.0.1:1/"],
+    },
+    staticWorkerConfig({
+      urls: ["http://127.0.0.1:1/", staticWorkerUrl],
+    }),
+  )
+
+  expect(provisioned.url).toBe(staticWorkerUrl)
+  expect(provisioned.status).toBe("healthy")
+})
+
+test("static provisioner fails clearly when every configured URL is already active", async () => {
+  await expect(provisionerModule.provisionStaticWorker(
+    {
+      workerId: "worker_static_exhausted_123",
+      name: "Static Exhausted",
+      hostToken: "host-token",
+      clientToken: "client-token",
+      activityToken: "activity-token",
+      unavailableStaticWorkerUrls: [staticWorkerUrl],
+    },
+    staticWorkerConfig({
+      urls: [staticWorkerUrl],
+    }),
+  )).rejects.toThrow("No available static worker URL remains")
+})
+
+test("static selector exhausts against DB-recomputed active normalized URLs", () => {
+  expect(() => provisionerModule.selectStaticWorkerUrlFromPool(
+    "worker_static_db_active_exhausted_123",
+    staticWorkerConfig({
+      urls: [staticWorkerUrl],
+      unavailableUrls: [`${staticWorkerUrl}/`],
+    }),
+  )).toThrow("No available static worker URL remains")
+})
+
+test("static selector allows failed or stopped URLs when DB active set excludes them", () => {
+  const selected = provisionerModule.selectStaticWorkerUrlFromPool(
+    "worker_static_db_failed_reuse_123",
+    staticWorkerConfig({
+      urls: [staticWorkerUrl],
+      unavailableUrls: [],
+    }),
+  )
+
+  expect(selected).toBe(staticWorkerUrl)
+})
+
+test("static DB assignment lock releases only after reservation transaction completes", async () => {
+  const events: string[] = []
+  const result = await workersSharedModule.withStaticAssignmentLockUsing({
+    pool: {
+      async getConnection() {
+        return {
+          async query(statement: string) {
+            if (statement.includes("GET_LOCK")) {
+              events.push("lock:acquired")
+              return [[{ acquired: 1 }], []]
+            }
+            if (statement.includes("RELEASE_LOCK")) {
+              events.push("lock:released")
+              return [[{}], []]
+            }
+            throw new Error(`unexpected query: ${statement}`)
+          },
+          release() {
+            events.push("connection:released")
+          },
+        }
+      },
+    },
+    async transaction(run) {
+      events.push("transaction:started")
+      const value = await run({} as never)
+      events.push("transaction:committed")
+      return value
+    },
+    async run() {
+      events.push("reservation:inserted")
+      return "reserved"
+    },
+  })
+
+  expect(result).toBe("reserved")
+  expect(events).toEqual([
+    "lock:acquired",
+    "transaction:started",
+    "reservation:inserted",
+    "transaction:committed",
+    "lock:released",
+    "connection:released",
+  ])
+})
+
+test("static attach permission gate allows owners and admins only", () => {
+  expect(workersSharedModule.canAttachStaticWorkerForMember({ currentMember: { isOwner: true, role: "member" } })).toBe(true)
+  expect(workersSharedModule.canAttachStaticWorkerForMember({ currentMember: { isOwner: false, role: "admin" } })).toBe(true)
+  expect(workersSharedModule.canAttachStaticWorkerForMember({ currentMember: { isOwner: false, role: "member" } })).toBe(false)
+})
+
+test("static attach route requires authentication", async () => {
+  const app = new Hono()
+  workersCoreModule.registerWorkerCoreRoutes(app)
+
+  const response = await app.request("http://den.local/v1/workers/static-attach", {
+    method: "POST",
+    headers: { "content-type": "application/json" },
+    body: JSON.stringify({ name: "Static", url: staticWorkerUrl, clientToken: "valid-client-token", hostToken: "valid-host-token" }),
+  })
+
+  expect(response.status).toBe(401)
+  await expect(response.json()).resolves.toEqual({ error: "unauthorized" })
+})
+
+test("static attach route succeeds for organization admin without token echo", async () => {
+  const { app, store } = createStaticAttachRouteApp({ role: "admin" })
+  const response = await postStaticAttach(app)
+  const payload = await response.json() as Record<string, unknown>
+
+  expect(response.status).toBe(201)
+  expect(payload.worker).toBeTruthy()
+  expect(payload.instance).toBeTruthy()
+  expect(JSON.stringify(payload).includes("valid-client-token")).toBe(false)
+  expect(JSON.stringify(payload).includes("valid-host-token")).toBe(false)
+  expect(store.tokens.map((entry) => entry.scope).sort()).toEqual(["activity", "client", "host"])
+})
+
+test("static attach route rejects ordinary organization members", async () => {
+  const { app } = createStaticAttachRouteApp({ role: "member", isOwner: false })
+  const response = await postStaticAttach(app)
+
+  expect(response.status).toBe(403)
+  await expect(response.json()).resolves.toMatchObject({ error: "forbidden" })
+})
+
+test("static attach route rejects duplicate URLs before verification", async () => {
+  const store = createFakeStaticAttachStore()
+  store.instances.push({ id: "existing", provider: "static", url: "http://worker.example.com", status: "healthy" })
+  store.selectedUrl.value = "http://worker.example.com"
+  const { app } = createStaticAttachRouteApp({ store })
+  const response = await postStaticAttach(app)
+
+  expect(response.status).toBe(409)
+  await expect(response.json()).resolves.toMatchObject({ error: "worker_url_already_attached" })
+})
+
+test("static attach route re-checks duplicate URL inside lock before insert", async () => {
+  const store = createFakeStaticAttachStore()
+  const app = new Hono()
+  workersCoreModule.registerStaticWorkerAttachRoute(app as never, {
+    data: store.data as never,
+    lookup: async () => [{ address: "203.0.113.10", family: 4 }],
+    fetchReachable: async () => undefined,
+    getWorkerLimit: async () => ({ exceeded: false, limit: 10, currentCount: 0 }),
+    lock: async (run) => {
+      store.instances.push({ id: "raced", provider: "static", url: "http://worker.example.com", status: "healthy" })
+      store.selectedUrl.value = "http://worker.example.com"
+      return run(store.data as never)
+    },
+    middlewares: [
+      async (c, next) => {
+        const userId = createDenTypeId("user")
+        const orgId = createDenTypeId("organization")
+        c.set("user", { id: userId, email: "admin@example.com" })
+        c.set("activeOrganizationId", orgId)
+        c.set("organizationContext", { currentMember: { id: createDenTypeId("member"), userId, role: "admin", createdAt: new Date(), isOwner: false } })
+        await next()
+      },
+      jsonValidator(workersSharedModule.attachStaticWorkerSchema),
+    ] as never,
+  })
+
+  const response = await postStaticAttach(app)
+  expect(response.status).toBe(409)
+  expect(store.workers).toHaveLength(0)
+})
+
+test("static attach route checks worker quota inside lock before insert", async () => {
+  const store = createFakeStaticAttachStore()
+  let lockActive = false
+  let quotaCheckedInsideLock = false
+  const app = new Hono()
+  workersCoreModule.registerStaticWorkerAttachRoute(app as never, {
+    data: store.data as never,
+    lookup: async () => [{ address: "203.0.113.10", family: 4 }],
+    fetchReachable: async () => undefined,
+    getWorkerLimit: async () => {
+      quotaCheckedInsideLock = lockActive
+      return { exceeded: true, limit: 1, currentCount: 1 }
+    },
+    lock: async (run) => {
+      lockActive = true
+      try {
+        return await run(store.data as never)
+      } finally {
+        lockActive = false
+      }
+    },
+    middlewares: [
+      async (c, next) => {
+        const userId = createDenTypeId("user")
+        const orgId = createDenTypeId("organization")
+        c.set("user", { id: userId, email: "admin@example.com" })
+        c.set("activeOrganizationId", orgId)
+        c.set("organizationContext", { currentMember: { id: createDenTypeId("member"), userId, role: "admin", createdAt: new Date(), isOwner: false } })
+        await next()
+      },
+      jsonValidator(workersSharedModule.attachStaticWorkerSchema),
+    ] as never,
+  })
+
+  const response = await postStaticAttach(app)
+  expect(response.status).toBe(409)
+  await expect(response.json()).resolves.toMatchObject({ error: "org_limit_reached" })
+  expect(quotaCheckedInsideLock).toBe(true)
+  expect(store.workers).toHaveLength(0)
+})
+
+test("static attach route rejects invalid URL", async () => {
+  const { app } = createStaticAttachRouteApp({})
+  const response = await postStaticAttach(app, { url: "ftp://worker.example.com" })
+
+  expect(response.status).toBe(400)
+  await expect(response.json()).resolves.toMatchObject({ error: "invalid_request" })
+})
+
+test("static attach route rejects invalid client and host tokens", async () => {
+  const clientFailure = createStaticAttachRouteApp({
+    fetchReachable: async () => { throw new Error("arbitrary upstream text valid-client-token") },
+  })
+  const clientResponse = await postStaticAttach(clientFailure.app)
+  const clientPayload = await clientResponse.json() as Record<string, unknown>
+  expect(clientResponse.status).toBe(400)
+  expect(clientPayload.message).toBe("Static worker verification failed with the provided URL and tokens.")
+  expect(JSON.stringify(clientPayload).includes("valid-client-token")).toBe(false)
+
+  const hostFailure = createStaticAttachRouteApp({
+    fetchReachable: async () => { throw new Error("arbitrary upstream text valid-host-token") },
+  })
+  const hostResponse = await postStaticAttach(hostFailure.app)
+  const hostPayload = await hostResponse.json() as Record<string, unknown>
+  expect(hostResponse.status).toBe(400)
+  expect(hostPayload.message).toBe("Static worker verification failed with the provided URL and tokens.")
+  expect(JSON.stringify(hostPayload).includes("valid-host-token")).toBe(false)
+})
+
+test("static attach URL policy rejects unsafe URLs and allows explicit on-prem hosts", () => {
+  const defaultPolicy = { allowPrivate: false, allowedHosts: [], allowedCidrs: [] }
+
+  expect(workersSharedModule.validateStaticWorkerAttachUrl("ftp://worker.example.com", defaultPolicy)).toMatchObject({ ok: false })
+  expect(workersSharedModule.validateStaticWorkerAttachUrl("http://user:pass@worker.example.com", defaultPolicy)).toMatchObject({ ok: false })
+  expect(workersSharedModule.validateStaticWorkerAttachUrl("http://worker.example.com/?token=abc", defaultPolicy)).toMatchObject({ ok: false })
+  expect(workersSharedModule.validateStaticWorkerAttachUrl("http://127.0.0.1:8787", defaultPolicy)).toMatchObject({ ok: false })
+  expect(workersSharedModule.validateStaticWorkerAttachUrl("http://127.0.0.1:8787", { ...defaultPolicy, allowedCidrs: ["127.0.0.0/8"] })).toMatchObject({
+    ok: true,
+    url: "http://127.0.0.1:8787",
+  })
+  expect(workersSharedModule.validateStaticWorkerAttachUrl("http://lan-worker.local:8787", { ...defaultPolicy, allowedHosts: ["lan-worker.local"] })).toMatchObject({ ok: true })
+})
+
+test("static attach URL policy blocks DNS names resolving to unsafe IPv4 and IPv6 addresses", async () => {
+  await expect(workersSharedModule.validateResolvedStaticWorkerAttachUrl(
+    "http://public-name.example.com",
+    { allowPrivate: false, allowedHosts: [], allowedCidrs: [] },
+    async () => [{ address: "127.0.0.1", family: 4 }],
+  )).resolves.toMatchObject({ ok: false })
+
+  await expect(workersSharedModule.validateResolvedStaticWorkerAttachUrl(
+    "http://public-name.example.com",
+    { allowPrivate: false, allowedHosts: [], allowedCidrs: [] },
+    async () => [{ address: "fe80::1", family: 6 }],
+  )).resolves.toMatchObject({ ok: false })
+
+  await expect(workersSharedModule.validateResolvedStaticWorkerAttachUrl(
+    "http://public-name.example.com",
+    { allowPrivate: false, allowedHosts: [], allowedCidrs: ["127.0.0.0/8"] },
+    async () => [{ address: "127.0.0.1", family: 4 }],
+  )).resolves.toMatchObject({ ok: true })
+
+  await expect(workersSharedModule.validateResolvedStaticWorkerAttachUrl(
+    "http://allowed-host.example.com",
+    { allowPrivate: false, allowedHosts: ["allowed-host.example.com"], allowedCidrs: [] },
+    async () => [{ address: "::1", family: 6 }],
+  )).resolves.toMatchObject({ ok: false })
+})
+
+test("static attach URL policy allows explicitly allow-listed HTTPS hostnames", async () => {
+  await expect(workersSharedModule.validateResolvedStaticWorkerAttachUrl(
+    "https://worker.example.com",
+    { allowPrivate: false, allowedHosts: ["worker.example.com"], allowedCidrs: [] },
+    async () => [{ address: "203.0.113.10", family: 4 }],
+  )).resolves.toMatchObject({ ok: true })
+})
+
+test("static attach URL policy rejects non-allow-listed HTTPS hostnames", async () => {
+  await expect(workersSharedModule.validateResolvedStaticWorkerAttachUrl(
+    "https://worker.example.com",
+    { allowPrivate: false, allowedHosts: [], allowedCidrs: [] },
+    async () => [{ address: "203.0.113.10", family: 4 }],
+  )).resolves.toMatchObject({ ok: false })
+})
+
+test("static attach URL policy still rejects allow-listed HTTPS hostnames resolving to unsafe addresses", async () => {
+  await expect(workersSharedModule.validateResolvedStaticWorkerAttachUrl(
+    "https://worker.example.com",
+    { allowPrivate: false, allowedHosts: ["worker.example.com"], allowedCidrs: [] },
+    async () => [{ address: "127.0.0.1", family: 4 }],
+  )).resolves.toMatchObject({ ok: false })
+})
+
+test("static attach verification fetch uses the validated IP address instead of re-resolving hostname", async () => {
+  const seenHosts: string[] = []
+  const pinServer = Bun.serve({
+    port: 0,
+    fetch(request) {
+      seenHosts.push(request.headers.get("host") ?? "")
+      const url = new URL(request.url)
+      if (url.pathname === "/workspaces") {
+        return Response.json({ items: [] })
+      }
+      if (url.pathname === "/env/keys") {
+        return Response.json({ keys: [] })
+      }
+      return new Response("not found", { status: 404 })
+    },
+  })
+  try {
+    const target = await workersSharedModule.validateResolvedStaticWorkerAttachUrl(
+      `http://rebinding-worker.test:${pinServer.port}`,
+      { allowPrivate: false, allowedHosts: [], allowedCidrs: ["127.0.0.0/8"] },
+      async () => [{ address: "127.0.0.1", family: 4 }],
+    )
+    expect(target.ok).toBe(true)
+    if (target.ok) {
+      await workersCoreModule.assertStaticWorkerReachable(target, "valid-client-token", "valid-host-token")
+    }
+    expect(seenHosts).toEqual([`rebinding-worker.test:${pinServer.port}`, `rebinding-worker.test:${pinServer.port}`])
+  } finally {
+    pinServer.stop(true)
+  }
+})
+
+test("static attach verification keeps HTTPS hostname for certificate validation", async () => {
+  const originalFetch = globalThis.fetch
+  const requestedUrls: string[] = []
+  globalThis.fetch = ((input: RequestInfo | URL) => {
+    requestedUrls.push(String(input))
+    return Promise.resolve(Response.json({ ok: true }))
+  }) as typeof fetch
+  try {
+    await workersCoreModule.assertStaticWorkerReachable({
+      ok: true,
+      url: "https://worker.example.com:8787",
+      resolvedAddresses: [{ address: "203.0.113.10", family: 4 }],
+    }, "valid-client-token", "valid-host-token")
+    expect(requestedUrls).toEqual([
+      "https://worker.example.com:8787/workspaces",
+      "https://worker.example.com:8787/env/keys",
+    ])
+  } finally {
+    globalThis.fetch = originalFetch
+  }
+})
+
+test("static attach worker token verification succeeds without following redirects", async () => {
+  await expect(workersCoreModule.assertStaticWorkerReachable(staticWorkerUrl, "valid-client-token", "valid-host-token")).resolves.toBeUndefined()
+
+  const redirectResponse = await workersCoreModule.fetchStaticWorker(staticWorkerUrl, "/redirect-workspaces", {})
+  expect(redirectResponse.status).toBe(302)
+})
+
+test("static attach worker token verification rejects invalid client and host tokens without echoing tokens", async () => {
+  await expect(workersCoreModule.assertStaticWorkerReachable(staticWorkerUrl, "invalid-client-token", "valid-host-token"))
+    .rejects.toThrow("Worker rejected the provided client token with HTTP 401")
+  await expect(workersCoreModule.assertStaticWorkerReachable(staticWorkerUrl, "valid-client-token", "invalid-host-token"))
+    .rejects.toThrow("Worker rejected the provided host token with HTTP 403")
+
+  try {
+    await workersCoreModule.assertStaticWorkerReachable(staticWorkerUrl, "invalid-client-token", "valid-host-token")
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error)
+    expect(message.includes("invalid-client-token")).toBe(false)
+    expect(message.includes("valid-host-token")).toBe(false)
+  }
+})
+
+test("static provisioner fails clearly when no worker URLs are configured", async () => {
+  await expect(provisionerModule.provisionStaticWorker(
+    {
+      workerId: "worker_static_missing_url_123",
+      name: "Static Missing URL",
+      hostToken: "host-token",
+      clientToken: "client-token",
+      activityToken: "activity-token",
+    },
+    staticWorkerConfig({
+      urls: [],
+    }),
+  )).rejects.toThrow("STATIC_WORKER_URLS is required when PROVISIONER_MODE=static")
+})
+
+test("static provisioner fails clearly when health check does not pass", async () => {
+  await expect(provisionerModule.provisionStaticWorker(
+    {
+      workerId: "worker_static_unhealthy_123",
+      name: "Static Unhealthy",
+      hostToken: "host-token",
+      clientToken: "client-token",
+      activityToken: "activity-token",
+    },
+    staticWorkerConfig({
+      urls: [`${staticWorkerUrl}/missing`],
+      healthcheckTimeoutMs: 50,
+    }),
+  )).rejects.toThrow("Timed out waiting for worker health endpoint")
+})
+
+test("static provisioner aborts a hanging health check within the configured timeout", async () => {
+  const startedAt = performance.now()
+
+  await expect(provisionerModule.provisionStaticWorker(
+    {
+      workerId: "worker_static_hanging_health_123",
+      name: "Static Hanging Health",
+      hostToken: "host-token",
+      clientToken: "client-token",
+      activityToken: "activity-token",
+    },
+    staticWorkerConfig({
+      healthPath: "/hang-health",
+      healthcheckTimeoutMs: 75,
+    }),
+  )).rejects.toThrow("Timed out waiting for worker health endpoint")
+
+  expect(performance.now() - startedAt).toBeLessThan(1000)
+})
+
+test("static env validation requires config only when static mode is enabled", () => {
+  expect(envModule.parseStaticWorkersEnv({ STATIC_WORKER_URLS: undefined }).issues).toContainEqual({
+    path: "STATIC_WORKER_URLS",
+    message: "STATIC_WORKER_URLS is required when PROVISIONER_MODE=static",
+  })
+})
+
+test("static env validation normalizes URLs and rejects duplicate normalized URLs", () => {
+  const parsed = envModule.parseStaticWorkersEnv({
+    STATIC_WORKER_URLS: "https://Worker.Example.com/, https://worker.example.com",
+  })
+
+  expect(parsed.urls).toEqual(["https://worker.example.com"])
+  expect(parsed.issues.some((issue) => issue.message.includes("duplicate URL https://worker.example.com"))).toBe(true)
+})
+
+test("static env validation rejects invalid URL, protocol, health path, and timeout values", () => {
+  const parsed = envModule.parseStaticWorkersEnv({
+    STATIC_WORKER_URLS: "not-a-url, ftp://worker.example.com",
+    STATIC_WORKER_HEALTH_PATH: "health?ready=1",
+    STATIC_WORKER_HEALTHCHECK_TIMEOUT_MS: "0",
+    STATIC_WORKER_HEALTHCHECK_INTERVAL_MS: "NaN",
+    STATIC_WORKER_RESERVATION_TTL_MS: "-1",
+  })
+
+  expect(parsed.issues.some((issue) => issue.message === "STATIC_WORKER_URLS entries must be valid URLs")).toBe(true)
+  expect(parsed.issues.some((issue) => issue.message === "STATIC_WORKER_URLS entries must use http or https URLs")).toBe(true)
+  expect(parsed.issues.some((issue) => issue.path === "STATIC_WORKER_HEALTH_PATH")).toBe(true)
+  expect(parsed.issues.some((issue) => issue.path === "STATIC_WORKER_HEALTHCHECK_TIMEOUT_MS")).toBe(true)
+  expect(parsed.issues.some((issue) => issue.path === "STATIC_WORKER_HEALTHCHECK_INTERVAL_MS")).toBe(true)
+  expect(parsed.issues.some((issue) => issue.path === "STATIC_WORKER_RESERVATION_TTL_MS")).toBe(true)
+})
+
+test("static provisioner in-process reservations prevent concurrent duplicate assignment", async () => {
+  const config = staticWorkerConfig({ reservationTtlMs: 1000 })
+  const first = provisionerModule.provisionStaticWorker(
+    {
+      workerId: "worker_static_concurrent_a_123",
+      name: "Static Concurrent A",
+      hostToken: "host-token",
+      clientToken: "client-token",
+      activityToken: "activity-token",
+    },
+    config,
+  )
+  const second = provisionerModule.provisionStaticWorker(
+    {
+      workerId: "worker_static_concurrent_b_123",
+      name: "Static Concurrent B",
+      hostToken: "host-token",
+      clientToken: "client-token",
+      activityToken: "activity-token",
+    },
+    config,
+  )
+
+  const results = await Promise.allSettled([first, second])
+  expect(results.filter((result) => result.status === "fulfilled")).toHaveLength(1)
+  expect(results.filter((result) => result.status === "rejected")).toHaveLength(1)
+
+  const fulfilled = results.find((result): result is PromiseFulfilledResult<ProvisionedInstance> => result.status === "fulfilled")
+  expect(fulfilled?.value.url).toBe(staticWorkerUrl)
+  await provisionerModule.deprovisionWorker({ workerId: "worker_static_concurrent_a_123", instanceUrl: staticWorkerUrl })
+  await provisionerModule.deprovisionWorker({ workerId: "worker_static_concurrent_b_123", instanceUrl: staticWorkerUrl })
+})
+
+test("static provisioner releases failed health reservations for reuse", async () => {
+  await expect(provisionerModule.provisionStaticWorker(
+    {
+      workerId: "worker_static_failed_cleanup_123",
+      name: "Static Failed Cleanup",
+      hostToken: "host-token",
+      clientToken: "client-token",
+      activityToken: "activity-token",
+    },
+    staticWorkerConfig({ healthPath: "/missing", healthcheckTimeoutMs: 50, reservationTtlMs: 1000 }),
+  )).rejects.toThrow("Timed out waiting for worker health endpoint")
+
+  const provisioned = await provisionerModule.provisionStaticWorker(
+    {
+      workerId: "worker_static_failed_cleanup_reuse_123",
+      name: "Static Failed Cleanup Reuse",
+      hostToken: "host-token",
+      clientToken: "client-token",
+      activityToken: "activity-token",
+    },
+    staticWorkerConfig(),
+  )
+  expect(provisioned.url).toBe(staticWorkerUrl)
+})
+
+test("static provisioner recovers stale reservations for reuse", async () => {
+  const first = await provisionerModule.provisionStaticWorker(
+    {
+      workerId: "worker_static_stale_a_123",
+      name: "Static Stale A",
+      hostToken: "host-token",
+      clientToken: "client-token",
+      activityToken: "activity-token",
+    },
+    staticWorkerConfig({ reservationTtlMs: 1 }),
+  )
+  expect(first.url).toBe(staticWorkerUrl)
+
+  await new Promise((resolve) => setTimeout(resolve, 5))
+
+  const second = await provisionerModule.provisionStaticWorker(
+    {
+      workerId: "worker_static_stale_b_123",
+      name: "Static Stale B",
+      hostToken: "host-token",
+      clientToken: "client-token",
+      activityToken: "activity-token",
+    },
+    staticWorkerConfig(),
+  )
+  expect(second.url).toBe(staticWorkerUrl)
+})
diff --git a/ee/apps/den-web/app/(den)/_lib/den-flow.ts b/ee/apps/den-web/app/(den)/_lib/den-flow.ts
index 3cb38f61bc..def4207222 100644
--- a/ee/apps/den-web/app/(den)/_lib/den-flow.ts
+++ b/ee/apps/den-web/app/(den)/_lib/den-flow.ts
@@ -148,6 +148,8 @@ export type OnboardingIntent = {
   authMethod: AuthMethod;
 };
 
+export type OnboardingAutoLaunchDecision = "idle" | "wait" | "complete_existing" | "launch";
+
 type PosthogClient = {
   capture?: (eventName: string, properties?: Record<string, unknown>) => void;
   identify?: (distinctId?: string, properties?: Record<string, unknown>) => void;
@@ -253,6 +255,40 @@ export function deriveOnboardingWorkerName(user: AuthUser): string {
   return normalizeWorkerName(`${owner}${suffix}`);
 }
 
+export function getOnboardingAutoLaunchDecision(input: {
+  userId: string | null;
+  activeOrganizationId: string | null;
+  onboardingIntent: OnboardingIntent | null;
+  billingSummary: BillingSummary | null;
+  workersLoadedOnce: boolean;
+  ownedWorkerCount: number;
+  launchBusy: boolean;
+  currentAutoLaunchKey: string | null;
+}): OnboardingAutoLaunchDecision {
+  if (!input.userId || !input.onboardingIntent?.shouldLaunch || input.onboardingIntent.completed) {
+    return "idle";
+  }
+
+  if (!input.activeOrganizationId || !input.billingSummary || !input.workersLoadedOnce) {
+    return "wait";
+  }
+
+  if (input.ownedWorkerCount > 0) {
+    return "complete_existing";
+  }
+
+  if (input.billingSummary.featureGateEnabled && !input.billingSummary.hasActivePlan) {
+    return "wait";
+  }
+
+  if (input.launchBusy) {
+    return "wait";
+  }
+
+  const autoLaunchKey = `${input.activeOrganizationId}:${input.onboardingIntent.workerName || DEFAULT_WORKER_NAME}`;
+  return input.currentAutoLaunchKey === autoLaunchKey ? "wait" : "launch";
+}
+
 export function getSocialCallbackUrl(): string {
   try {
     const origin = typeof window !== "undefined" ? window.location.origin : OPENWORK_AUTH_CALLBACK_BASE_URL || "https://app.openworklabs.com";
diff --git a/ee/apps/den-web/app/(den)/_providers/den-flow-provider.tsx b/ee/apps/den-web/app/(den)/_providers/den-flow-provider.tsx
index 2db51d2a83..666c2eeab1 100644
--- a/ee/apps/den-web/app/(den)/_providers/den-flow-provider.tsx
+++ b/ee/apps/den-web/app/(den)/_providers/den-flow-provider.tsx
@@ -31,6 +31,7 @@ import {
   getBillingSummary,
   getEmailDomain,
   getErrorMessage,
+  getOnboardingAutoLaunchDecision,
   getOrgLimitError,
   getRuntimeServiceLabel,
   getSocialCallbackUrl,
@@ -215,6 +216,7 @@ export function DenFlowProvider({ children }: { children: ReactNode }) {
   const [runtimeBusy, setRuntimeBusy] = useState(false);
   const [runtimeError, setRuntimeError] = useState<string | null>(null);
   const [runtimeUpgradeBusy, setRuntimeUpgradeBusy] = useState(false);
+  const [activeOrganizationId, setActiveOrganizationId] = useState<string | null>(null);
 
   const [onboardingIntent, setOnboardingIntent] = useState<OnboardingIntent | null>(null);
   const onboardingAutoLaunchKeyRef = useRef<string | null>(null);
@@ -906,6 +908,7 @@ export function DenFlowProvider({ children }: { children: ReactNode }) {
 
     const { response, payload } = await requestJson("/v1/me/orgs", { method: "GET", headers }, 12000);
     if (!response.ok) {
+      setActiveOrganizationId(null);
       return {
         orgs: [],
         activeOrgId: null,
@@ -913,7 +916,9 @@ export function DenFlowProvider({ children }: { children: ReactNode }) {
       };
     }
 
-    return parseOrgListPayload(payload);
+    const orgDirectory = parseOrgListPayload(payload);
+    setActiveOrganizationId(orgDirectory.activeOrgId ?? orgDirectory.orgs[0]?.id ?? null);
+    return orgDirectory;
   }
 
   async function resolveDashboardRoute() {
@@ -1189,6 +1194,7 @@ export function DenFlowProvider({ children }: { children: ReactNode }) {
     setBillingSummary(null);
     setBillingError(null);
     setOrgLimitError(null);
+    setActiveOrganizationId(null);
     setBillingBusy(false);
     setBillingLoadedOnce(false);
     setTokenFetchedForWorkerId(null);
@@ -1724,6 +1730,7 @@ export function DenFlowProvider({ children }: { children: ReactNode }) {
 
   useEffect(() => {
     if (!user) {
+      setActiveOrganizationId(null);
       setWorkers([]);
       setWorkersLoadedOnce(false);
       setWorkersError(null);
@@ -1917,36 +1924,35 @@ export function DenFlowProvider({ children }: { children: ReactNode }) {
   }, [desktopAuthRequested, user?.id, authToken, desktopRedirectUrl, desktopRedirectBusy, desktopRedirectAttempted, desktopAuthScheme]);
 
   useEffect(() => {
-    if (!user || !onboardingPending) {
-      onboardingAutoLaunchKeyRef.current = null;
-      return;
-    }
-
-    if (!billingSummary) {
-      return;
-    }
+    const decision = getOnboardingAutoLaunchDecision({
+      userId: user?.id ?? null,
+      activeOrganizationId,
+      onboardingIntent,
+      billingSummary,
+      workersLoadedOnce,
+      ownedWorkerCount,
+      launchBusy,
+      currentAutoLaunchKey: onboardingAutoLaunchKeyRef.current,
+    });
 
-    if (billingSummary.featureGateEnabled && !billingSummary.hasActivePlan) {
+    if (decision === "idle") {
+      onboardingAutoLaunchKeyRef.current = null;
       return;
     }
 
-    if (ownedWorkerCount > 0) {
+    if (decision === "complete_existing") {
       markOnboardingComplete();
       return;
     }
 
-    if (launchBusy) {
-      return;
-    }
-
-    const autoLaunchKey = `${user.id}:${onboardingIntent?.workerName ?? DEFAULT_WORKER_NAME}`;
-    if (onboardingAutoLaunchKeyRef.current === autoLaunchKey) {
+    if (decision !== "launch" || !user || !onboardingIntent) {
       return;
     }
 
+    const autoLaunchKey = `${activeOrganizationId}:${onboardingIntent.workerName || DEFAULT_WORKER_NAME}`;
     onboardingAutoLaunchKeyRef.current = autoLaunchKey;
-    markOnboardingComplete();
-  }, [billingSummary?.featureGateEnabled, billingSummary?.hasActivePlan, launchBusy, onboardingIntent?.workerName, onboardingPending, ownedWorkerCount, user?.id]);
+    void launchWorker({ source: "signup_auto", workerNameOverride: onboardingIntent.workerName });
+  }, [activeOrganizationId, billingSummary, launchBusy, onboardingIntent, onboardingPending, ownedWorkerCount, user?.id, workersLoadedOnce]);
 
   useEffect(() => {
     if (!user) {
diff --git a/ee/apps/den-web/app/(den)/dashboard/_components/llm-provider-data.test.tsx b/ee/apps/den-web/app/(den)/dashboard/_components/llm-provider-data.test.tsx
new file mode 100644
index 0000000000..852a429729
--- /dev/null
+++ b/ee/apps/den-web/app/(den)/dashboard/_components/llm-provider-data.test.tsx
@@ -0,0 +1,62 @@
+import { parseDenLlmProvidersResponse } from "./llm-provider-data";
+
+declare const test: (name: string, fn: () => void | Promise<void>) => void;
+declare const expect: any;
+
+test("parses pending invited LLM provider member access entries", () => {
+  const parsed = parseDenLlmProvidersResponse({
+    llmProviders: [
+      {
+        id: "llmProvider_pending",
+        organizationId: "org_pending",
+        createdByOrgMembershipId: "om_creator",
+        source: "models_dev",
+        providerId: "openai",
+        name: "OpenAI",
+        providerConfig: {},
+        credentialKind: "opencode_oauth",
+        hasApiKey: false,
+        hasOpencodeAuth: true,
+        hasCredential: true,
+        createdAt: "2026-06-10T00:00:00.000Z",
+        updatedAt: "2026-06-10T00:00:00.000Z",
+        canManage: true,
+        accessibleVia: { orgMembershipIds: [], teamIds: [] },
+        models: [],
+        access: {
+          members: [
+            {
+              id: "llmProviderAccess_pending",
+              orgMembershipId: "om_pending",
+              role: "member",
+              user: {
+                id: null,
+                name: "pending@example.com",
+                email: "pending@example.com",
+                image: null,
+              },
+              createdAt: "2026-06-10T00:00:00.000Z",
+            },
+          ],
+          teams: [],
+        },
+      },
+    ],
+  });
+
+  expect(parsed).toHaveLength(1);
+  expect(parsed[0]?.access.members).toEqual([
+    {
+      id: "llmProviderAccess_pending",
+      orgMembershipId: "om_pending",
+      role: "member",
+      user: {
+        id: null,
+        name: "pending@example.com",
+        email: "pending@example.com",
+        image: null,
+      },
+      createdAt: "2026-06-10T00:00:00.000Z",
+    },
+  ]);
+});
diff --git a/ee/apps/den-web/app/(den)/dashboard/_components/llm-provider-data.tsx b/ee/apps/den-web/app/(den)/dashboard/_components/llm-provider-data.tsx
index 751b911462..4545c12581 100644
--- a/ee/apps/den-web/app/(den)/dashboard/_components/llm-provider-data.tsx
+++ b/ee/apps/den-web/app/(den)/dashboard/_components/llm-provider-data.tsx
@@ -4,6 +4,7 @@ import { useEffect, useState } from "react";
 import { getErrorMessage, requestJson } from "../../_lib/den-flow";
 
 export type DenLlmProviderSource = "models_dev" | "custom" | "openwork";
+export type DenLlmProviderCredentialKind = "api_key" | "opencode_oauth";
 
 export type DenLlmProviderModel = {
   id: string;
@@ -18,7 +19,7 @@ export type DenLlmProviderMemberAccess = {
   role: string;
   createdAt: string | null;
   user: {
-    id: string;
+    id: string | null;
     name: string;
     email: string;
     image: string | null;
@@ -41,7 +42,10 @@ export type DenLlmProvider = {
   providerId: string;
   name: string;
   providerConfig: Record<string, unknown>;
+  credentialKind: DenLlmProviderCredentialKind;
   hasApiKey: boolean;
+  hasOpencodeAuth: boolean;
+  hasCredential: boolean;
   createdAt: string | null;
   updatedAt: string | null;
   canManage: boolean;
@@ -122,10 +126,12 @@ function asLlmProviderMemberAccess(value: unknown): DenLlmProviderMemberAccess |
   const id = asString(value.id);
   const orgMembershipId = asString(value.orgMembershipId);
   const role = asString(value.role);
-  const userId = asString(value.user.id);
+  const rawUserId = value.user.id;
+  const userId = rawUserId === null ? null : asString(rawUserId);
+  const validUserId = rawUserId === null || (typeof rawUserId === "string" && rawUserId.length > 0);
   const name = asString(value.user.name);
   const email = asString(value.user.email);
-  if (!id || !orgMembershipId || !role || !userId || !name || !email) {
+  if (!id || !orgMembershipId || !role || !validUserId || !name || !email) {
     return null;
   }
 
@@ -143,6 +149,12 @@ function asLlmProviderMemberAccess(value: unknown): DenLlmProviderMemberAccess |
   };
 }
 
+export function parseDenLlmProvidersResponse(payload: unknown): DenLlmProvider[] {
+  return isRecord(payload) && Array.isArray(payload.llmProviders)
+    ? payload.llmProviders.map(asLlmProvider).filter((entry): entry is DenLlmProvider => entry !== null)
+    : [];
+}
+
 function asLlmProviderTeamAccess(value: unknown): DenLlmProviderTeamAccess | null {
   if (!isRecord(value)) {
     return null;
@@ -178,6 +190,7 @@ function asLlmProvider(value: unknown): DenLlmProvider | null {
     value.source === "models_dev" || value.source === "custom" || value.source === "openwork"
       ? value.source
       : null;
+  const credentialKind = value.credentialKind === "opencode_oauth" ? "opencode_oauth" : "api_key";
   if (!id || !organizationId || !createdByOrgMembershipId || !providerId || !name || !source) {
     return null;
   }
@@ -190,7 +203,10 @@ function asLlmProvider(value: unknown): DenLlmProvider | null {
     providerId,
     name,
     providerConfig: asJsonRecord(value.providerConfig),
+    credentialKind,
     hasApiKey: value.hasApiKey === true,
+    hasOpencodeAuth: value.hasOpencodeAuth === true,
+    hasCredential: value.hasCredential === true || value.hasApiKey === true || value.hasOpencodeAuth === true,
     createdAt: asIsoString(value.createdAt),
     updatedAt: asIsoString(value.updatedAt),
     canManage: value.canManage === true,
@@ -417,9 +433,7 @@ export function useOrgLlmProviders(
         throw new Error(getErrorMessage(payload, `Failed to load providers (${response.status}).`));
       }
 
-      const nextProviders = isRecord(payload) && Array.isArray(payload.llmProviders)
-        ? payload.llmProviders.map(asLlmProvider).filter((entry): entry is DenLlmProvider => entry !== null)
-        : [];
+      const nextProviders = parseDenLlmProvidersResponse(payload);
       setLlmProviders(nextProviders);
     } catch (loadError) {
       setError(loadError instanceof Error ? loadError.message : "Failed to load the provider library.");
diff --git a/ee/apps/den-web/app/(den)/dashboard/_components/llm-provider-detail-screen.tsx b/ee/apps/den-web/app/(den)/dashboard/_components/llm-provider-detail-screen.tsx
index c208bfdaa9..4b50aac65c 100644
--- a/ee/apps/den-web/app/(den)/dashboard/_components/llm-provider-detail-screen.tsx
+++ b/ee/apps/den-web/app/(den)/dashboard/_components/llm-provider-detail-screen.tsx
@@ -185,10 +185,10 @@ export function LlmProviderDetailScreen({
                     </div>
 
                     <div
-                        className={`inline-flex items-center gap-2 rounded-full px-4 py-2 text-[13px] font-medium ${provider.hasApiKey ? "bg-emerald-50 text-emerald-700" : "bg-amber-50 text-amber-700"}`}
+                        className={`inline-flex items-center gap-2 rounded-full px-4 py-2 text-[13px] font-medium ${provider.hasCredential ? "bg-emerald-50 text-emerald-700" : "bg-amber-50 text-amber-700"}`}
                     >
                         <KeyRound className="h-4 w-4" />
-                        {provider.hasApiKey
+                        {provider.hasCredential
                             ? "Credential saved"
                             : "Credential missing"}
                     </div>
@@ -221,10 +221,10 @@ export function LlmProviderDetailScreen({
                     </div>
                     <div className="rounded-[24px] bg-gray-50 p-5">
                         <p className="text-[12px] font-semibold uppercase tracking-[0.16em] text-gray-400">
-                            Updated
+                            Credential
                         </p>
                         <p className="mt-3 text-[16px] font-medium text-gray-900">
-                            {formatProviderTimestamp(provider.updatedAt)}
+                            {provider.credentialKind === "opencode_oauth" ? "OpenCode OAuth" : "API key"}
                         </p>
                     </div>
                 </div>
diff --git a/ee/apps/den-web/app/(den)/dashboard/_components/llm-provider-editor-screen.tsx b/ee/apps/den-web/app/(den)/dashboard/_components/llm-provider-editor-screen.tsx
index fec4fc356b..69e48aa91b 100644
--- a/ee/apps/den-web/app/(den)/dashboard/_components/llm-provider-editor-screen.tsx
+++ b/ee/apps/den-web/app/(den)/dashboard/_components/llm-provider-editor-screen.tsx
@@ -34,6 +34,7 @@ import {
     requestLlmProviderCatalogDetail,
     useOrgLlmProviders,
     type DenLlmProvider,
+    type DenLlmProviderCredentialKind,
     type DenModelsDevProviderDetail,
     type DenModelsDevProviderSummary,
 } from "./llm-provider-data";
@@ -88,7 +89,18 @@ export function LlmProviderEditorScreen({
     const [customConfigText, setCustomConfigText] = useState(
         buildCustomProviderTemplate(),
     );
+    const [credentialKind, setCredentialKind] =
+        useState<DenLlmProviderCredentialKind>("api_key");
     const [apiKey, setApiKey] = useState("");
+    const [opencodeAuth, setOpencodeAuth] = useState("");
+    const [openAiOauthBusy, setOpenAiOauthBusy] = useState(false);
+    const [openAiOauthError, setOpenAiOauthError] = useState<string | null>(null);
+    const [openAiOauthSession, setOpenAiOauthSession] = useState<{
+        verificationUrl: string;
+        userCode: string;
+        deviceAuthId: string;
+        intervalMs: number;
+    } | null>(null);
     const [selectedMemberIds, setSelectedMemberIds] = useState<string[]>([]);
     const [selectedTeamIds, setSelectedTeamIds] = useState<string[]>([]);
     const [saveBusy, setSaveBusy] = useState(false);
@@ -146,7 +158,11 @@ export function LlmProviderEditorScreen({
                     ? buildEditableCustomProviderText(provider)
                     : buildCustomProviderTemplate(),
             );
+            setCredentialKind(provider.credentialKind);
             setApiKey("");
+            setOpencodeAuth("");
+            setOpenAiOauthError(null);
+            setOpenAiOauthSession(null);
             return;
         }
 
@@ -159,9 +175,99 @@ export function LlmProviderEditorScreen({
         );
         setSelectedTeamIds([]);
         setCustomConfigText(buildCustomProviderTemplate());
+        setCredentialKind("api_key");
         setApiKey("");
+        setOpencodeAuth("");
+        setOpenAiOauthError(null);
+        setOpenAiOauthSession(null);
     }, [orgContext?.currentMember.id, provider]);
 
+    useEffect(() => {
+        setOpenAiOauthError(null);
+        setOpenAiOauthSession(null);
+    }, [credentialKind, selectedProviderId, source]);
+
+    const canUseOpenCodeOAuth =
+        source === "models_dev" && selectedProviderId.trim().toLowerCase() === "openai";
+
+    useEffect(() => {
+        if (credentialKind === "opencode_oauth" && !canUseOpenCodeOAuth) {
+            setCredentialKind("api_key");
+        }
+    }, [canUseOpenCodeOAuth, credentialKind]);
+
+    async function startOpenAiOauth() {
+        setOpenAiOauthBusy(true);
+        setOpenAiOauthError(null);
+        try {
+            const { response, payload } = await requestJson(
+                "/v1/llm-providers/openai-oauth/start",
+                { method: "POST", body: JSON.stringify({}) },
+                20000,
+            );
+            if (!response.ok) {
+                throw new Error(getErrorMessage(payload, `Failed to start OpenAI OAuth (${response.status}).`));
+            }
+            if (!payload || typeof payload !== "object") {
+                throw new Error("OpenAI OAuth response was empty.");
+            }
+            const data = payload as Record<string, unknown>;
+            if (
+                typeof data.verificationUrl !== "string" ||
+                typeof data.userCode !== "string" ||
+                typeof data.deviceAuthId !== "string" ||
+                typeof data.intervalMs !== "number"
+            ) {
+                throw new Error("OpenAI OAuth response was incomplete.");
+            }
+            setOpenAiOauthSession({
+                verificationUrl: data.verificationUrl,
+                userCode: data.userCode,
+                deviceAuthId: data.deviceAuthId,
+                intervalMs: data.intervalMs,
+            });
+            window.open(data.verificationUrl, "_blank", "noopener,noreferrer");
+        } catch (error) {
+            setOpenAiOauthError(error instanceof Error ? error.message : "Could not start OpenAI OAuth.");
+        } finally {
+            setOpenAiOauthBusy(false);
+        }
+    }
+
+    async function completeOpenAiOauth() {
+        if (!openAiOauthSession) {
+            setOpenAiOauthError("Start OpenAI OAuth first.");
+            return;
+        }
+        setOpenAiOauthBusy(true);
+        setOpenAiOauthError(null);
+        try {
+            const { response, payload } = await requestJson(
+                "/v1/llm-providers/openai-oauth/complete",
+                {
+                    method: "POST",
+                    body: JSON.stringify({
+                        deviceAuthId: openAiOauthSession.deviceAuthId,
+                        userCode: openAiOauthSession.userCode,
+                    }),
+                },
+                20000,
+            );
+            if (!response.ok) {
+                throw new Error(getErrorMessage(payload, response.status === 409 ? "OpenAI authorization is not complete yet." : `Failed to complete OpenAI OAuth (${response.status}).`));
+            }
+            if (!payload || typeof payload !== "object" || typeof (payload as Record<string, unknown>).opencodeAuth !== "string") {
+                throw new Error("OpenAI OAuth completion response was incomplete.");
+            }
+            setOpencodeAuth((payload as { opencodeAuth: string }).opencodeAuth);
+            setOpenAiOauthSession(null);
+        } catch (error) {
+            setOpenAiOauthError(error instanceof Error ? error.message : "Could not complete OpenAI OAuth.");
+        } finally {
+            setOpenAiOauthBusy(false);
+        }
+    }
+
     useEffect(() => {
         if (source !== "models_dev" || !orgId || !selectedProviderId) {
             setCatalogDetail(null);
@@ -286,6 +392,11 @@ export function LlmProviderEditorScreen({
             }
         }
 
+        if (credentialKind === "opencode_oauth" && !canUseOpenCodeOAuth) {
+            setSaveError("OpenCode OAuth credentials are only available for the OpenAI catalog provider.");
+            return;
+        }
+
         if (source === "custom" && !customConfigText.trim()) {
             setSaveError("Paste a custom provider config.");
             return;
@@ -297,6 +408,7 @@ export function LlmProviderEditorScreen({
             const body: Record<string, unknown> = {
                 name: providerName.trim(),
                 source,
+                credentialKind,
                 memberIds: [...new Set(selectedMemberIds)],
                 teamIds: [...new Set(selectedTeamIds)],
             };
@@ -308,10 +420,14 @@ export function LlmProviderEditorScreen({
                 body.customConfigText = customConfigText;
             }
 
-            if (apiKey.trim() || !provider) {
+            if (credentialKind === "api_key" && (apiKey.trim() || !provider || provider.credentialKind !== "api_key")) {
                 body.apiKey = apiKey.trim();
             }
 
+            if (credentialKind === "opencode_oauth" && (opencodeAuth.trim() || !provider || provider.credentialKind !== "opencode_oauth")) {
+                body.opencodeAuth = opencodeAuth.trim();
+            }
+
             const path = provider
                 ? `/v1/llm-providers/${encodeURIComponent(provider.id)}`
                 : `/v1/llm-providers`;
@@ -607,28 +723,118 @@ export function LlmProviderEditorScreen({
                             Credential
                         </h2>
                     </div>
-                    {provider?.hasApiKey ? (
+                    {provider?.hasCredential ? (
                         <span className="rounded-full bg-emerald-50 px-4 py-2 text-[13px] font-medium text-emerald-700">
                             Existing credential saved
                         </span>
                     ) : null}
                 </div>
 
-                <label className="grid gap-3">
-                    <span className="text-[14px] font-medium text-gray-700">
-                        API key / credential
-                    </span>
-                    <DenInput
-                        type="password"
-                        value={apiKey}
-                        onChange={(event) => setApiKey(event.target.value)}
-                        placeholder={
-                            provider?.hasApiKey
-                                ? "Leave blank to keep current credential"
-                                : "Paste the provider credential"
-                        }
+                <div className="mb-6 grid gap-3 md:grid-cols-2">
+                    <DenSelectableRow
+                        selected={credentialKind === "api_key"}
+                        title="API key"
+                        description="Store a provider API key and import it into teammates' workspaces."
+                        onClick={() => setCredentialKind("api_key")}
                     />
-                </label>
+                    <DenSelectableRow
+                        selected={credentialKind === "opencode_oauth"}
+                        title="OpenCode OAuth"
+                        description={canUseOpenCodeOAuth
+                            ? "Store the native OpenCode OAuth auth JSON for the OpenAI provider."
+                            : "Only available for the OpenAI catalog provider."}
+                        disabled={!canUseOpenCodeOAuth}
+                        onClick={() => {
+                            if (canUseOpenCodeOAuth) setCredentialKind("opencode_oauth");
+                        }}
+                    />
+                </div>
+
+                {credentialKind === "api_key" ? (
+                    <label className="grid gap-3">
+                        <span className="text-[14px] font-medium text-gray-700">
+                            API key / credential
+                        </span>
+                        <DenInput
+                            type="password"
+                            value={apiKey}
+                            onChange={(event) => setApiKey(event.target.value)}
+                            placeholder={
+                                provider?.credentialKind === "api_key" && provider.hasApiKey
+                                    ? "Leave blank to keep current credential"
+                                    : "Paste the provider credential"
+                            }
+                        />
+                    </label>
+                ) : (
+                    <div className="grid gap-4">
+                        <div className="rounded-[24px] border border-blue-100 bg-blue-50 p-5">
+                            <div className="flex flex-col gap-3 md:flex-row md:items-start md:justify-between">
+                                <div>
+                                    <p className="text-[14px] font-semibold text-blue-950">Connect OpenAI with OpenCode OAuth</p>
+                                    <p className="mt-2 text-[13px] leading-6 text-blue-800">
+                                        This uses the same ChatGPT Pro/Plus device flow as OpenCode, then stores the resulting OAuth auth JSON encrypted in Den.
+                                    </p>
+                                </div>
+                                <DenButton
+                                    variant="secondary"
+                                    loading={openAiOauthBusy && !openAiOauthSession}
+                                    onClick={() => void startOpenAiOauth()}
+                                >
+                                    Connect OpenAI
+                                </DenButton>
+                            </div>
+
+                            {openAiOauthSession ? (
+                                <div className="mt-5 rounded-[18px] bg-white p-4 ring-1 ring-inset ring-blue-100">
+                                    <p className="text-[13px] font-medium text-gray-800">Enter this code on OpenAI:</p>
+                                    <div className="mt-3 inline-flex rounded-xl bg-gray-950 px-4 py-2 font-mono text-[22px] font-semibold tracking-[0.18em] text-white">
+                                        {openAiOauthSession.userCode}
+                                    </div>
+                                    <div className="mt-4 flex flex-wrap gap-3">
+                                        <a
+                                            href={openAiOauthSession.verificationUrl}
+                                            target="_blank"
+                                            rel="noreferrer"
+                                            className="inline-flex items-center justify-center rounded-full bg-white px-4 py-2 text-[13px] font-medium text-gray-700 ring-1 ring-inset ring-gray-200 transition hover:bg-gray-50"
+                                        >
+                                            Open OpenAI page
+                                        </a>
+                                        <DenButton
+                                            loading={openAiOauthBusy}
+                                            onClick={() => void completeOpenAiOauth()}
+                                        >
+                                            I finished authorization
+                                        </DenButton>
+                                    </div>
+                                </div>
+                            ) : null}
+
+                            {openAiOauthError ? (
+                                <p className="mt-4 text-[13px] leading-6 text-red-700">{openAiOauthError}</p>
+                            ) : null}
+                        </div>
+
+                        <label className="grid gap-3">
+                            <span className="text-[14px] font-medium text-gray-700">
+                                OpenCode OAuth JSON
+                            </span>
+                            <DenTextarea
+                                value={opencodeAuth}
+                                onChange={(event) => setOpencodeAuth(event.target.value)}
+                                rows={8}
+                                placeholder={
+                                    provider?.credentialKind === "opencode_oauth" && provider.hasOpencodeAuth
+                                        ? "Leave blank to keep current OpenCode OAuth credential"
+                                        : '{ "type": "oauth", "access": "...", "refresh": "...", "expires": 0 }'
+                                }
+                            />
+                            <p className="text-[13px] leading-6 text-gray-500">
+                                You can connect above or paste the same auth shape OpenCode writes to auth.json for OAuth providers.
+                            </p>
+                        </label>
+                    </div>
+                )}
             </section>
 
             {source === "models_dev" ? (
diff --git a/ee/apps/den-web/app/(den)/dashboard/_components/llm-providers-screen.tsx b/ee/apps/den-web/app/(den)/dashboard/_components/llm-providers-screen.tsx
index b79821e7c5..46883035b5 100644
--- a/ee/apps/den-web/app/(den)/dashboard/_components/llm-providers-screen.tsx
+++ b/ee/apps/den-web/app/(den)/dashboard/_components/llm-providers-screen.tsx
@@ -182,9 +182,9 @@ export function LlmProvidersScreen() {
                 </div>
 
                 <div className="mt-5 flex flex-wrap gap-2">
-                  <span className={`inline-flex items-center gap-1 rounded-full px-3 py-1 text-[12px] font-medium ${provider.hasApiKey ? "bg-emerald-50 text-emerald-700" : "bg-amber-50 text-amber-700"}`}>
+                  <span className={`inline-flex items-center gap-1 rounded-full px-3 py-1 text-[12px] font-medium ${provider.hasCredential ? "bg-emerald-50 text-emerald-700" : "bg-amber-50 text-amber-700"}`}>
                     <KeyRound className="h-3.5 w-3.5" />
-                    {provider.hasApiKey ? "Credential saved" : "Credential missing"}
+                    {provider.hasCredential ? (provider.credentialKind === "opencode_oauth" ? "OpenCode OAuth" : "Credential saved") : "Credential missing"}
                   </span>
                   {envNames.slice(0, 2).map((envName) => (
                     <span key={envName} className="rounded-full bg-gray-100 px-3 py-1 text-[12px] font-medium text-gray-600">
diff --git a/ee/packages/den-db/drizzle/0021_llm_provider_opencode_oauth.sql b/ee/packages/den-db/drizzle/0021_llm_provider_opencode_oauth.sql
new file mode 100644
index 0000000000..96f71ae066
--- /dev/null
+++ b/ee/packages/den-db/drizzle/0021_llm_provider_opencode_oauth.sql
@@ -0,0 +1,3 @@
+ALTER TABLE `llm_provider`
+  ADD COLUMN `credential_kind` enum('api_key','opencode_oauth') NOT NULL DEFAULT 'api_key' AFTER `provider_config`,
+  ADD COLUMN `opencode_auth` text AFTER `api_key`;
diff --git a/ee/packages/den-db/drizzle/meta/0021_snapshot.json b/ee/packages/den-db/drizzle/meta/0021_snapshot.json
new file mode 100644
index 0000000000..8657530575
--- /dev/null
+++ b/ee/packages/den-db/drizzle/meta/0021_snapshot.json
@@ -0,0 +1,7314 @@
+{
+  "version": "5",
+  "dialect": "mysql",
+  "id": "1219ee08-ca60-4271-993e-dd301f212f4e",
+  "prevId": "d306e107-0d3e-4ff6-a2bc-6c0415265f6d",
+  "tables": {
+    "account": {
+      "name": "account",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "account_id": {
+          "name": "account_id",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "provider_id": {
+          "name": "provider_id",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "access_token": {
+          "name": "access_token",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "refresh_token": {
+          "name": "refresh_token",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "access_token_expires_at": {
+          "name": "access_token_expires_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "refresh_token_expires_at": {
+          "name": "refresh_token_expires_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "scope": {
+          "name": "scope",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "id_token": {
+          "name": "id_token",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "password": {
+          "name": "password",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "account_user_id": {
+          "name": "account_user_id",
+          "columns": [
+            "user_id"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "account_id": {
+          "name": "account_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "apikey": {
+      "name": "apikey",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "config_id": {
+          "name": "config_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'default'"
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "start": {
+          "name": "start",
+          "type": "varchar(32)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "prefix": {
+          "name": "prefix",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "key": {
+          "name": "key",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "reference_id": {
+          "name": "reference_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "refill_interval": {
+          "name": "refill_interval",
+          "type": "bigint",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "refill_amount": {
+          "name": "refill_amount",
+          "type": "int",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "last_refill_at": {
+          "name": "last_refill_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "enabled": {
+          "name": "enabled",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": true
+        },
+        "rate_limit_enabled": {
+          "name": "rate_limit_enabled",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": true
+        },
+        "rate_limit_time_window": {
+          "name": "rate_limit_time_window",
+          "type": "bigint",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "rate_limit_max": {
+          "name": "rate_limit_max",
+          "type": "int",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "request_count": {
+          "name": "request_count",
+          "type": "int",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false,
+          "default": 0
+        },
+        "remaining": {
+          "name": "remaining",
+          "type": "int",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "last_request": {
+          "name": "last_request",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "expires_at": {
+          "name": "expires_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        },
+        "permissions": {
+          "name": "permissions",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "metadata": {
+          "name": "metadata",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "apikey_config_id": {
+          "name": "apikey_config_id",
+          "columns": [
+            "config_id"
+          ],
+          "isUnique": false
+        },
+        "apikey_reference_id": {
+          "name": "apikey_reference_id",
+          "columns": [
+            "reference_id"
+          ],
+          "isUnique": false
+        },
+        "apikey_key": {
+          "name": "apikey_key",
+          "columns": [
+            "key"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "apikey_id": {
+          "name": "apikey_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "jwks": {
+      "name": "jwks",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "public_key": {
+          "name": "public_key",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "private_key": {
+          "name": "private_key",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "expires_at": {
+          "name": "expires_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "alg": {
+          "name": "alg",
+          "type": "varchar(32)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "crv": {
+          "name": "crv",
+          "type": "varchar(32)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "jwks_id": {
+          "name": "jwks_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "session": {
+      "name": "session",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "active_organization_id": {
+          "name": "active_organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "active_team_id": {
+          "name": "active_team_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "token": {
+          "name": "token",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "expires_at": {
+          "name": "expires_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "ip_address": {
+          "name": "ip_address",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "user_agent": {
+          "name": "user_agent",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "session_token": {
+          "name": "session_token",
+          "columns": [
+            "token"
+          ],
+          "isUnique": true
+        },
+        "session_user_id": {
+          "name": "session_user_id",
+          "columns": [
+            "user_id"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "session_id": {
+          "name": "session_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "user": {
+      "name": "user",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "email": {
+          "name": "email",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "email_verified": {
+          "name": "email_verified",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": false
+        },
+        "image": {
+          "name": "image",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "user_email": {
+          "name": "user_email",
+          "columns": [
+            "email"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "user_id": {
+          "name": "user_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "verification": {
+      "name": "verification",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "identifier": {
+          "name": "identifier",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "value": {
+          "name": "value",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "expires_at": {
+          "name": "expires_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "verification_identifier": {
+          "name": "verification_identifier",
+          "columns": [
+            "identifier"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "verification_id": {
+          "name": "verification_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "external_identity": {
+      "name": "external_identity",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "source": {
+          "name": "source",
+          "type": "varchar(32)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "scim_provider_id": {
+          "name": "scim_provider_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "sso_provider_id": {
+          "name": "sso_provider_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "remote_id": {
+          "name": "remote_id",
+          "type": "varchar(191)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "external_id": {
+          "name": "external_id",
+          "type": "varchar(191)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "user_name": {
+          "name": "user_name",
+          "type": "varchar(191)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "email": {
+          "name": "email",
+          "type": "varchar(191)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "display_name": {
+          "name": "display_name",
+          "type": "varchar(191)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "name_json": {
+          "name": "name_json",
+          "type": "json",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "emails_json": {
+          "name": "emails_json",
+          "type": "json",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "attributes_json": {
+          "name": "attributes_json",
+          "type": "json",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "active": {
+          "name": "active",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": true
+        },
+        "last_scim_sync_at": {
+          "name": "last_scim_sync_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "last_sso_login_at": {
+          "name": "last_sso_login_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "external_identity_org_user": {
+          "name": "external_identity_org_user",
+          "columns": [
+            "organization_id",
+            "user_id"
+          ],
+          "isUnique": true
+        },
+        "external_identity_org_sso_remote": {
+          "name": "external_identity_org_sso_remote",
+          "columns": [
+            "organization_id",
+            "sso_provider_id",
+            "remote_id"
+          ],
+          "isUnique": true
+        },
+        "external_identity_org_scim_external": {
+          "name": "external_identity_org_scim_external",
+          "columns": [
+            "organization_id",
+            "scim_provider_id",
+            "external_id"
+          ],
+          "isUnique": true
+        },
+        "external_identity_org_email": {
+          "name": "external_identity_org_email",
+          "columns": [
+            "organization_id",
+            "email"
+          ],
+          "isUnique": false
+        },
+        "external_identity_sso_provider": {
+          "name": "external_identity_sso_provider",
+          "columns": [
+            "sso_provider_id"
+          ],
+          "isUnique": false
+        },
+        "external_identity_scim_provider": {
+          "name": "external_identity_scim_provider",
+          "columns": [
+            "scim_provider_id"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "external_identity_id": {
+          "name": "external_identity_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "oauthAccessToken": {
+      "name": "oauthAccessToken",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "token": {
+          "name": "token",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "client_id": {
+          "name": "client_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "session_id": {
+          "name": "session_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "reference_id": {
+          "name": "reference_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "refresh_id": {
+          "name": "refresh_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "expires_at": {
+          "name": "expires_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "scopes": {
+          "name": "scopes",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "oauth_access_token_client_id": {
+          "name": "oauth_access_token_client_id",
+          "columns": [
+            "client_id"
+          ],
+          "isUnique": false
+        },
+        "oauth_access_token_session_id": {
+          "name": "oauth_access_token_session_id",
+          "columns": [
+            "session_id"
+          ],
+          "isUnique": false
+        },
+        "oauth_access_token_user_id": {
+          "name": "oauth_access_token_user_id",
+          "columns": [
+            "user_id"
+          ],
+          "isUnique": false
+        },
+        "oauth_access_token_reference_id": {
+          "name": "oauth_access_token_reference_id",
+          "columns": [
+            "reference_id"
+          ],
+          "isUnique": false
+        },
+        "oauth_access_token_refresh_id": {
+          "name": "oauth_access_token_refresh_id",
+          "columns": [
+            "refresh_id"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "oauthAccessToken_id": {
+          "name": "oauthAccessToken_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "oauthClient": {
+      "name": "oauthClient",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "client_id": {
+          "name": "client_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "client_secret": {
+          "name": "client_secret",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "disabled": {
+          "name": "disabled",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false,
+          "default": false
+        },
+        "skip_consent": {
+          "name": "skip_consent",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "enable_end_session": {
+          "name": "enable_end_session",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "subject_type": {
+          "name": "subject_type",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "scopes": {
+          "name": "scopes",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "uri": {
+          "name": "uri",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "icon": {
+          "name": "icon",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "contacts": {
+          "name": "contacts",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "tos": {
+          "name": "tos",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "policy": {
+          "name": "policy",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "software_id": {
+          "name": "software_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "software_version": {
+          "name": "software_version",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "software_statement": {
+          "name": "software_statement",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "redirect_uris": {
+          "name": "redirect_uris",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "post_logout_redirect_uris": {
+          "name": "post_logout_redirect_uris",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "token_endpoint_auth_method": {
+          "name": "token_endpoint_auth_method",
+          "type": "varchar(128)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "grant_types": {
+          "name": "grant_types",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "response_types": {
+          "name": "response_types",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "public": {
+          "name": "public",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "type": {
+          "name": "type",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "require_pkce": {
+          "name": "require_pkce",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "reference_id": {
+          "name": "reference_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "metadata": {
+          "name": "metadata",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "oauth_client_client_id": {
+          "name": "oauth_client_client_id",
+          "columns": [
+            "client_id"
+          ],
+          "isUnique": true
+        },
+        "oauth_client_user_id": {
+          "name": "oauth_client_user_id",
+          "columns": [
+            "user_id"
+          ],
+          "isUnique": false
+        },
+        "oauth_client_reference_id": {
+          "name": "oauth_client_reference_id",
+          "columns": [
+            "reference_id"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "oauthClient_id": {
+          "name": "oauthClient_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "oauthConsent": {
+      "name": "oauthConsent",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "client_id": {
+          "name": "client_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "reference_id": {
+          "name": "reference_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "scopes": {
+          "name": "scopes",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "oauth_consent_client_id": {
+          "name": "oauth_consent_client_id",
+          "columns": [
+            "client_id"
+          ],
+          "isUnique": false
+        },
+        "oauth_consent_user_id": {
+          "name": "oauth_consent_user_id",
+          "columns": [
+            "user_id"
+          ],
+          "isUnique": false
+        },
+        "oauth_consent_reference_id": {
+          "name": "oauth_consent_reference_id",
+          "columns": [
+            "reference_id"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "oauthConsent_id": {
+          "name": "oauthConsent_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "oauthRefreshToken": {
+      "name": "oauthRefreshToken",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "token": {
+          "name": "token",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "client_id": {
+          "name": "client_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "session_id": {
+          "name": "session_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "reference_id": {
+          "name": "reference_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "expires_at": {
+          "name": "expires_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "revoked": {
+          "name": "revoked",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "auth_time": {
+          "name": "auth_time",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "scopes": {
+          "name": "scopes",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "oauth_refresh_token_client_id": {
+          "name": "oauth_refresh_token_client_id",
+          "columns": [
+            "client_id"
+          ],
+          "isUnique": false
+        },
+        "oauth_refresh_token_session_id": {
+          "name": "oauth_refresh_token_session_id",
+          "columns": [
+            "session_id"
+          ],
+          "isUnique": false
+        },
+        "oauth_refresh_token_user_id": {
+          "name": "oauth_refresh_token_user_id",
+          "columns": [
+            "user_id"
+          ],
+          "isUnique": false
+        },
+        "oauth_refresh_token_reference_id": {
+          "name": "oauth_refresh_token_reference_id",
+          "columns": [
+            "reference_id"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "oauthRefreshToken_id": {
+          "name": "oauthRefreshToken_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "scim_provider": {
+      "name": "scim_provider",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "provider_id": {
+          "name": "provider_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "scim_token": {
+          "name": "scim_token",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "scim_provider_provider_id": {
+          "name": "scim_provider_provider_id",
+          "columns": [
+            "provider_id"
+          ],
+          "isUnique": true
+        },
+        "scim_provider_organization_id": {
+          "name": "scim_provider_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "scim_provider_id": {
+          "name": "scim_provider_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "sso_connection": {
+      "name": "sso_connection",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "provider_id": {
+          "name": "provider_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "kind": {
+          "name": "kind",
+          "type": "varchar(16)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "issuer": {
+          "name": "issuer",
+          "type": "varchar(2048)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "domain": {
+          "name": "domain",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "status": {
+          "name": "status",
+          "type": "varchar(32)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'enabled'"
+        },
+        "sign_in_path": {
+          "name": "sign_in_path",
+          "type": "varchar(2048)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "last_tested_at": {
+          "name": "last_tested_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "last_error": {
+          "name": "last_error",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "sso_connection_organization_id": {
+          "name": "sso_connection_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": true
+        },
+        "sso_connection_provider_id": {
+          "name": "sso_connection_provider_id",
+          "columns": [
+            "provider_id"
+          ],
+          "isUnique": true
+        },
+        "sso_connection_domain": {
+          "name": "sso_connection_domain",
+          "columns": [
+            "domain"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "sso_connection_id": {
+          "name": "sso_connection_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "sso_provider": {
+      "name": "sso_provider",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "issuer": {
+          "name": "issuer",
+          "type": "varchar(2048)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "domain": {
+          "name": "domain",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "oidc_config": {
+          "name": "oidc_config",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "saml_config": {
+          "name": "saml_config",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "provider_id": {
+          "name": "provider_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "domain_verified": {
+          "name": "domain_verified",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "sso_provider_provider_id": {
+          "name": "sso_provider_provider_id",
+          "columns": [
+            "provider_id"
+          ],
+          "isUnique": true
+        },
+        "sso_provider_domain": {
+          "name": "sso_provider_domain",
+          "columns": [
+            "domain"
+          ],
+          "isUnique": false
+        },
+        "sso_provider_organization_id": {
+          "name": "sso_provider_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "sso_provider_user_id": {
+          "name": "sso_provider_user_id",
+          "columns": [
+            "user_id"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "sso_provider_id": {
+          "name": "sso_provider_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "desktop_policy_member": {
+      "name": "desktop_policy_member",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "desktop_policy_id": {
+          "name": "desktop_policy_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "org_member_id": {
+          "name": "org_member_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "team_id": {
+          "name": "team_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        }
+      },
+      "indexes": {
+        "desktop_policy_member_organization_id": {
+          "name": "desktop_policy_member_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "desktop_policy_member_policy_id": {
+          "name": "desktop_policy_member_policy_id",
+          "columns": [
+            "desktop_policy_id"
+          ],
+          "isUnique": false
+        },
+        "desktop_policy_member_org_member_id": {
+          "name": "desktop_policy_member_org_member_id",
+          "columns": [
+            "org_member_id"
+          ],
+          "isUnique": false
+        },
+        "desktop_policy_member_team_id": {
+          "name": "desktop_policy_member_team_id",
+          "columns": [
+            "team_id"
+          ],
+          "isUnique": false
+        },
+        "desktop_policy_member_policy_org_member": {
+          "name": "desktop_policy_member_policy_org_member",
+          "columns": [
+            "desktop_policy_id",
+            "org_member_id"
+          ],
+          "isUnique": true
+        },
+        "desktop_policy_member_policy_team": {
+          "name": "desktop_policy_member_policy_team",
+          "columns": [
+            "desktop_policy_id",
+            "team_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "desktop_policy_member_id": {
+          "name": "desktop_policy_member_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "desktop_policy": {
+      "name": "desktop_policy",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "policy_name": {
+          "name": "policy_name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "is_default": {
+          "name": "is_default",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "is_enabled": {
+          "name": "is_enabled",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": true
+        },
+        "policy": {
+          "name": "policy",
+          "type": "json",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(json_object())"
+        },
+        "created_by_org_member_id": {
+          "name": "created_by_org_member_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        },
+        "deleted_at": {
+          "name": "deleted_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "desktop_policy_organization_id": {
+          "name": "desktop_policy_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "desktop_policy_created_by_member_id": {
+          "name": "desktop_policy_created_by_member_id",
+          "columns": [
+            "created_by_org_member_id"
+          ],
+          "isUnique": false
+        },
+        "desktop_policy_is_enabled": {
+          "name": "desktop_policy_is_enabled",
+          "columns": [
+            "is_enabled"
+          ],
+          "isUnique": false
+        },
+        "desktop_policy_deleted_at": {
+          "name": "desktop_policy_deleted_at",
+          "columns": [
+            "deleted_at"
+          ],
+          "isUnique": false
+        },
+        "desktop_policy_org_default": {
+          "name": "desktop_policy_org_default",
+          "columns": [
+            "organization_id",
+            "is_default"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "desktop_policy_id": {
+          "name": "desktop_policy_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "inference_keys": {
+      "name": "inference_keys",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "org_membership_id": {
+          "name": "org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "key_hash": {
+          "name": "key_hash",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "key_prefix": {
+          "name": "key_prefix",
+          "type": "varchar(32)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "status": {
+          "name": "status",
+          "type": "enum('active','revoked')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'active'"
+        },
+        "revoked_at": {
+          "name": "revoked_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "inference_keys_key_hash": {
+          "name": "inference_keys_key_hash",
+          "columns": [
+            "key_hash"
+          ],
+          "isUnique": true
+        },
+        "inference_keys_organization_id": {
+          "name": "inference_keys_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "inference_keys_org_membership_id": {
+          "name": "inference_keys_org_membership_id",
+          "columns": [
+            "org_membership_id"
+          ],
+          "isUnique": false
+        },
+        "inference_keys_status": {
+          "name": "inference_keys_status",
+          "columns": [
+            "status"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "inference_keys_id": {
+          "name": "inference_keys_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "inference_org_limit_policies": {
+      "name": "inference_org_limit_policies",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "window_type": {
+          "name": "window_type",
+          "type": "enum('five_hour','weekly','monthly')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "reset_strategy": {
+          "name": "reset_strategy",
+          "type": "enum('anchored','activity_based')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "anchor_at": {
+          "name": "anchor_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "current_bucket_id": {
+          "name": "current_bucket_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "inference_org_limit_policies_organization_id": {
+          "name": "inference_org_limit_policies_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "inference_org_limit_policies_org_window_type": {
+          "name": "inference_org_limit_policies_org_window_type",
+          "columns": [
+            "organization_id",
+            "window_type"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "inference_org_limit_policies_id": {
+          "name": "inference_org_limit_policies_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "inference_org_upstream_provider_keys": {
+      "name": "inference_org_upstream_provider_keys",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "provider": {
+          "name": "provider",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'openrouter'"
+        },
+        "external_key_hash": {
+          "name": "external_key_hash",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "external_workspace_id": {
+          "name": "external_workspace_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "encrypted_api_key": {
+          "name": "encrypted_api_key",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "key_prefix": {
+          "name": "key_prefix",
+          "type": "varchar(32)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "status": {
+          "name": "status",
+          "type": "enum('active','revoked')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'active'"
+        },
+        "revoked_at": {
+          "name": "revoked_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "inference_org_upstream_provider_keys_organization_id": {
+          "name": "inference_org_upstream_provider_keys_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "inference_org_upstream_provider_keys_external_key_hash": {
+          "name": "inference_org_upstream_provider_keys_external_key_hash",
+          "columns": [
+            "external_key_hash"
+          ],
+          "isUnique": false
+        },
+        "inference_org_upstream_provider_keys_org_provider": {
+          "name": "inference_org_upstream_provider_keys_org_provider",
+          "columns": [
+            "organization_id",
+            "provider"
+          ],
+          "isUnique": true
+        },
+        "inference_org_upstream_provider_keys_status": {
+          "name": "inference_org_upstream_provider_keys_status",
+          "columns": [
+            "status"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "inference_org_upstream_provider_keys_id": {
+          "name": "inference_org_upstream_provider_keys_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "inference_org_usage_buckets": {
+      "name": "inference_org_usage_buckets",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "policy_id": {
+          "name": "policy_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "window_start_at": {
+          "name": "window_start_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "window_end_at": {
+          "name": "window_end_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "limit_amount": {
+          "name": "limit_amount",
+          "type": "bigint",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "used_amount": {
+          "name": "used_amount",
+          "type": "bigint",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": 0
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "inference_org_usage_buckets_org_window": {
+          "name": "inference_org_usage_buckets_org_window",
+          "columns": [
+            "organization_id",
+            "window_start_at",
+            "window_end_at"
+          ],
+          "isUnique": false
+        },
+        "inference_org_usage_buckets_policy_id": {
+          "name": "inference_org_usage_buckets_policy_id",
+          "columns": [
+            "policy_id"
+          ],
+          "isUnique": false
+        },
+        "inference_org_usage_buckets_policy_window": {
+          "name": "inference_org_usage_buckets_policy_window",
+          "columns": [
+            "policy_id",
+            "window_start_at",
+            "window_end_at"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "inference_org_usage_buckets_id": {
+          "name": "inference_org_usage_buckets_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "inference_usage_ledger_bucket_charges": {
+      "name": "inference_usage_ledger_bucket_charges",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "ledger_entry_id": {
+          "name": "ledger_entry_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "bucket_id": {
+          "name": "bucket_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "amount": {
+          "name": "amount",
+          "type": "bigint",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        }
+      },
+      "indexes": {
+        "inference_usage_ledger_bucket_charges_bucket_id": {
+          "name": "inference_usage_ledger_bucket_charges_bucket_id",
+          "columns": [
+            "bucket_id"
+          ],
+          "isUnique": false
+        },
+        "inference_usage_ledger_bucket_charges_entry_bucket": {
+          "name": "inference_usage_ledger_bucket_charges_entry_bucket",
+          "columns": [
+            "ledger_entry_id",
+            "bucket_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "inference_usage_ledger_bucket_charges_id": {
+          "name": "inference_usage_ledger_bucket_charges_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "inference_usage_ledger_entries": {
+      "name": "inference_usage_ledger_entries",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "org_membership_id": {
+          "name": "org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "inference_key_id": {
+          "name": "inference_key_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "external_job_id": {
+          "name": "external_job_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "external_event_id": {
+          "name": "external_event_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "cost_amount": {
+          "name": "cost_amount",
+          "type": "bigint",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "event_type": {
+          "name": "event_type",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "occurred_at": {
+          "name": "occurred_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        }
+      },
+      "indexes": {
+        "inference_usage_ledger_entries_organization_id": {
+          "name": "inference_usage_ledger_entries_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "inference_usage_ledger_entries_org_membership_id": {
+          "name": "inference_usage_ledger_entries_org_membership_id",
+          "columns": [
+            "org_membership_id"
+          ],
+          "isUnique": false
+        },
+        "inference_usage_ledger_entries_inference_key_id": {
+          "name": "inference_usage_ledger_entries_inference_key_id",
+          "columns": [
+            "inference_key_id"
+          ],
+          "isUnique": false
+        },
+        "inference_usage_ledger_entries_external_event_id": {
+          "name": "inference_usage_ledger_entries_external_event_id",
+          "columns": [
+            "external_event_id"
+          ],
+          "isUnique": true
+        },
+        "inference_usage_ledger_entries_job_event_type": {
+          "name": "inference_usage_ledger_entries_job_event_type",
+          "columns": [
+            "external_job_id",
+            "event_type"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "inference_usage_ledger_entries_id": {
+          "name": "inference_usage_ledger_entries_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "desktop_handoff_grant": {
+      "name": "desktop_handoff_grant",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "session_token": {
+          "name": "session_token",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "expires_at": {
+          "name": "expires_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "consumed_at": {
+          "name": "consumed_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        }
+      },
+      "indexes": {
+        "desktop_handoff_grant_user_id": {
+          "name": "desktop_handoff_grant_user_id",
+          "columns": [
+            "user_id"
+          ],
+          "isUnique": false
+        },
+        "desktop_handoff_grant_expires_at": {
+          "name": "desktop_handoff_grant_expires_at",
+          "columns": [
+            "expires_at"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "desktop_handoff_grant_id": {
+          "name": "desktop_handoff_grant_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "invitation": {
+      "name": "invitation",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "email": {
+          "name": "email",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "role": {
+          "name": "role",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "status": {
+          "name": "status",
+          "type": "varchar(32)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'pending'"
+        },
+        "team_id": {
+          "name": "team_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "inviter_id": {
+          "name": "inviter_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "org_member_id": {
+          "name": "org_member_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "invite_token": {
+          "name": "invite_token",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "expires_at": {
+          "name": "expires_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        }
+      },
+      "indexes": {
+        "invitation_organization_id": {
+          "name": "invitation_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "invitation_email": {
+          "name": "invitation_email",
+          "columns": [
+            "email"
+          ],
+          "isUnique": false
+        },
+        "invitation_status": {
+          "name": "invitation_status",
+          "columns": [
+            "status"
+          ],
+          "isUnique": false
+        },
+        "invitation_team_id": {
+          "name": "invitation_team_id",
+          "columns": [
+            "team_id"
+          ],
+          "isUnique": false
+        },
+        "invitation_org_member_id": {
+          "name": "invitation_org_member_id",
+          "columns": [
+            "org_member_id"
+          ],
+          "isUnique": false
+        },
+        "invitation_invite_token": {
+          "name": "invitation_invite_token",
+          "columns": [
+            "invite_token"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "invitation_id": {
+          "name": "invitation_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "member": {
+      "name": "member",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "invite_id": {
+          "name": "invite_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "invited_by_org_member": {
+          "name": "invited_by_org_member",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "role": {
+          "name": "role",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'member'"
+        },
+        "joined_at": {
+          "name": "joined_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "removed_at": {
+          "name": "removed_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "removed_by_org_member": {
+          "name": "removed_by_org_member",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        }
+      },
+      "indexes": {
+        "member_organization_id": {
+          "name": "member_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "member_user_id": {
+          "name": "member_user_id",
+          "columns": [
+            "user_id"
+          ],
+          "isUnique": false
+        },
+        "member_invite_id": {
+          "name": "member_invite_id",
+          "columns": [
+            "invite_id"
+          ],
+          "isUnique": false
+        },
+        "member_invited_by_org_member": {
+          "name": "member_invited_by_org_member",
+          "columns": [
+            "invited_by_org_member"
+          ],
+          "isUnique": false
+        },
+        "member_removed_at": {
+          "name": "member_removed_at",
+          "columns": [
+            "removed_at"
+          ],
+          "isUnique": false
+        },
+        "member_removed_by_org_member": {
+          "name": "member_removed_by_org_member",
+          "columns": [
+            "removed_by_org_member"
+          ],
+          "isUnique": false
+        },
+        "member_organization_user": {
+          "name": "member_organization_user",
+          "columns": [
+            "organization_id",
+            "user_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "member_id": {
+          "name": "member_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "organization_role": {
+      "name": "organization_role",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "role": {
+          "name": "role",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "permission": {
+          "name": "permission",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "organization_role_organization_id": {
+          "name": "organization_role_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "organization_role_name": {
+          "name": "organization_role_name",
+          "columns": [
+            "organization_id",
+            "role"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "organization_role_id": {
+          "name": "organization_role_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "organization": {
+      "name": "organization",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "slug": {
+          "name": "slug",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "logo": {
+          "name": "logo",
+          "type": "varchar(2048)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "allowed_email_domains": {
+          "name": "allowed_email_domains",
+          "type": "json",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "desktop_app_restrictions": {
+          "name": "desktop_app_restrictions",
+          "type": "json",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(json_object())"
+        },
+        "metadata": {
+          "name": "metadata",
+          "type": "json",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "organization_slug": {
+          "name": "organization_slug",
+          "columns": [
+            "slug"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "organization_id": {
+          "name": "organization_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "llm_provider_access": {
+      "name": "llm_provider_access",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "llm_provider_id": {
+          "name": "llm_provider_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "org_membership_id": {
+          "name": "org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "team_id": {
+          "name": "team_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        }
+      },
+      "indexes": {
+        "llm_provider_access_llm_provider_id": {
+          "name": "llm_provider_access_llm_provider_id",
+          "columns": [
+            "llm_provider_id"
+          ],
+          "isUnique": false
+        },
+        "llm_provider_access_org_membership_id": {
+          "name": "llm_provider_access_org_membership_id",
+          "columns": [
+            "org_membership_id"
+          ],
+          "isUnique": false
+        },
+        "llm_provider_access_team_id": {
+          "name": "llm_provider_access_team_id",
+          "columns": [
+            "team_id"
+          ],
+          "isUnique": false
+        },
+        "llm_provider_access_provider_org_membership": {
+          "name": "llm_provider_access_provider_org_membership",
+          "columns": [
+            "llm_provider_id",
+            "org_membership_id"
+          ],
+          "isUnique": true
+        },
+        "llm_provider_access_provider_team": {
+          "name": "llm_provider_access_provider_team",
+          "columns": [
+            "llm_provider_id",
+            "team_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "llm_provider_access_id": {
+          "name": "llm_provider_access_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "llm_provider_model": {
+      "name": "llm_provider_model",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "llm_provider_id": {
+          "name": "llm_provider_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "model_id": {
+          "name": "model_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "model_config": {
+          "name": "model_config",
+          "type": "json",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        }
+      },
+      "indexes": {
+        "llm_provider_model_llm_provider_id": {
+          "name": "llm_provider_model_llm_provider_id",
+          "columns": [
+            "llm_provider_id"
+          ],
+          "isUnique": false
+        },
+        "llm_provider_model_model_id": {
+          "name": "llm_provider_model_model_id",
+          "columns": [
+            "model_id"
+          ],
+          "isUnique": false
+        },
+        "llm_provider_model_provider_model": {
+          "name": "llm_provider_model_provider_model",
+          "columns": [
+            "llm_provider_id",
+            "model_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "llm_provider_model_id": {
+          "name": "llm_provider_model_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "llm_provider": {
+      "name": "llm_provider",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_by_org_membership_id": {
+          "name": "created_by_org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "source": {
+          "name": "source",
+          "type": "enum('models_dev','custom','openwork')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "provider_id": {
+          "name": "provider_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "provider_config": {
+          "name": "provider_config",
+          "type": "json",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "credential_kind": {
+          "name": "credential_kind",
+          "type": "enum('api_key','opencode_oauth')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'api_key'"
+        },
+        "api_key": {
+          "name": "api_key",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "opencode_auth": {
+          "name": "opencode_auth",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "llm_provider_organization_id": {
+          "name": "llm_provider_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "llm_provider_created_by_org_membership_id": {
+          "name": "llm_provider_created_by_org_membership_id",
+          "columns": [
+            "created_by_org_membership_id"
+          ],
+          "isUnique": false
+        },
+        "llm_provider_source": {
+          "name": "llm_provider_source",
+          "columns": [
+            "source"
+          ],
+          "isUnique": false
+        },
+        "llm_provider_provider_id": {
+          "name": "llm_provider_provider_id",
+          "columns": [
+            "provider_id"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "llm_provider_id": {
+          "name": "llm_provider_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "config_object_access_grant": {
+      "name": "config_object_access_grant",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "config_object_id": {
+          "name": "config_object_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "org_membership_id": {
+          "name": "org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "team_id": {
+          "name": "team_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "org_wide": {
+          "name": "org_wide",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": false
+        },
+        "role": {
+          "name": "role",
+          "type": "enum('viewer','editor','manager')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_by_org_membership_id": {
+          "name": "created_by_org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "removed_at": {
+          "name": "removed_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "config_object_access_grant_organization_id": {
+          "name": "config_object_access_grant_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "config_object_access_grant_config_object_id": {
+          "name": "config_object_access_grant_config_object_id",
+          "columns": [
+            "config_object_id"
+          ],
+          "isUnique": false
+        },
+        "config_object_access_grant_org_membership_id": {
+          "name": "config_object_access_grant_org_membership_id",
+          "columns": [
+            "org_membership_id"
+          ],
+          "isUnique": false
+        },
+        "config_object_access_grant_team_id": {
+          "name": "config_object_access_grant_team_id",
+          "columns": [
+            "team_id"
+          ],
+          "isUnique": false
+        },
+        "config_object_access_grant_org_wide": {
+          "name": "config_object_access_grant_org_wide",
+          "columns": [
+            "org_wide"
+          ],
+          "isUnique": false
+        },
+        "config_object_access_grant_object_org_membership": {
+          "name": "config_object_access_grant_object_org_membership",
+          "columns": [
+            "config_object_id",
+            "org_membership_id"
+          ],
+          "isUnique": true
+        },
+        "config_object_access_grant_object_team": {
+          "name": "config_object_access_grant_object_team",
+          "columns": [
+            "config_object_id",
+            "team_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "config_object_access_grant_id": {
+          "name": "config_object_access_grant_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "config_object": {
+      "name": "config_object",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "object_type": {
+          "name": "object_type",
+          "type": "enum('skill','agent','command','tool','mcp','hook','context','custom')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "source_mode": {
+          "name": "source_mode",
+          "type": "enum('cloud','import','connector')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "title": {
+          "name": "title",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "description": {
+          "name": "description",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "search_text": {
+          "name": "search_text",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "current_file_name": {
+          "name": "current_file_name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "current_file_extension": {
+          "name": "current_file_extension",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "current_relative_path": {
+          "name": "current_relative_path",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "status": {
+          "name": "status",
+          "type": "enum('active','inactive','deleted','archived','ingestion_error')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'active'"
+        },
+        "created_by_org_membership_id": {
+          "name": "created_by_org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_instance_id": {
+          "name": "connector_instance_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        },
+        "deleted_at": {
+          "name": "deleted_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "config_object_organization_id": {
+          "name": "config_object_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "config_object_type": {
+          "name": "config_object_type",
+          "columns": [
+            "object_type"
+          ],
+          "isUnique": false
+        },
+        "config_object_source_mode": {
+          "name": "config_object_source_mode",
+          "columns": [
+            "source_mode"
+          ],
+          "isUnique": false
+        },
+        "config_object_status": {
+          "name": "config_object_status",
+          "columns": [
+            "status"
+          ],
+          "isUnique": false
+        },
+        "config_object_created_by_org_membership_id": {
+          "name": "config_object_created_by_org_membership_id",
+          "columns": [
+            "created_by_org_membership_id"
+          ],
+          "isUnique": false
+        },
+        "config_object_connector_instance_id": {
+          "name": "config_object_connector_instance_id",
+          "columns": [
+            "connector_instance_id"
+          ],
+          "isUnique": false
+        },
+        "config_object_current_relative_path": {
+          "name": "config_object_current_relative_path",
+          "columns": [
+            "current_relative_path"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "config_object_id": {
+          "name": "config_object_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "config_object_version": {
+      "name": "config_object_version",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "config_object_id": {
+          "name": "config_object_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "normalized_payload_json": {
+          "name": "normalized_payload_json",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "raw_source_text": {
+          "name": "raw_source_text",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "schema_version": {
+          "name": "schema_version",
+          "type": "varchar(100)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_via": {
+          "name": "created_via",
+          "type": "enum('cloud','import','connector','system')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_by_org_membership_id": {
+          "name": "created_by_org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "connector_sync_event_id": {
+          "name": "connector_sync_event_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "source_revision_ref": {
+          "name": "source_revision_ref",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "is_deleted_version": {
+          "name": "is_deleted_version",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        }
+      },
+      "indexes": {
+        "config_object_version_organization_id": {
+          "name": "config_object_version_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "config_object_version_config_object_id": {
+          "name": "config_object_version_config_object_id",
+          "columns": [
+            "config_object_id"
+          ],
+          "isUnique": false
+        },
+        "config_object_version_created_by_org_membership_id": {
+          "name": "config_object_version_created_by_org_membership_id",
+          "columns": [
+            "created_by_org_membership_id"
+          ],
+          "isUnique": false
+        },
+        "config_object_version_connector_sync_event_id": {
+          "name": "config_object_version_connector_sync_event_id",
+          "columns": [
+            "connector_sync_event_id"
+          ],
+          "isUnique": false
+        },
+        "config_object_version_source_revision_ref": {
+          "name": "config_object_version_source_revision_ref",
+          "columns": [
+            "source_revision_ref"
+          ],
+          "isUnique": false
+        },
+        "config_object_version_lookup_latest": {
+          "name": "config_object_version_lookup_latest",
+          "columns": [
+            "config_object_id",
+            "created_at",
+            "id"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "config_object_version_id": {
+          "name": "config_object_version_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "connector_account": {
+      "name": "connector_account",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_type": {
+          "name": "connector_type",
+          "type": "enum('github')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "remote_id": {
+          "name": "remote_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "external_account_ref": {
+          "name": "external_account_ref",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "display_name": {
+          "name": "display_name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "status": {
+          "name": "status",
+          "type": "enum('active','inactive','disconnected','error')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'active'"
+        },
+        "created_by_org_membership_id": {
+          "name": "created_by_org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "metadata_json": {
+          "name": "metadata_json",
+          "type": "json",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "connector_account_organization_id": {
+          "name": "connector_account_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "connector_account_created_by_org_membership_id": {
+          "name": "connector_account_created_by_org_membership_id",
+          "columns": [
+            "created_by_org_membership_id"
+          ],
+          "isUnique": false
+        },
+        "connector_account_connector_type": {
+          "name": "connector_account_connector_type",
+          "columns": [
+            "connector_type"
+          ],
+          "isUnique": false
+        },
+        "connector_account_status": {
+          "name": "connector_account_status",
+          "columns": [
+            "status"
+          ],
+          "isUnique": false
+        },
+        "connector_account_org_type_remote_id": {
+          "name": "connector_account_org_type_remote_id",
+          "columns": [
+            "organization_id",
+            "connector_type",
+            "remote_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "connector_account_id": {
+          "name": "connector_account_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "connector_instance_access_grant": {
+      "name": "connector_instance_access_grant",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_instance_id": {
+          "name": "connector_instance_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "org_membership_id": {
+          "name": "org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "team_id": {
+          "name": "team_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "org_wide": {
+          "name": "org_wide",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": false
+        },
+        "role": {
+          "name": "role",
+          "type": "enum('viewer','editor','manager')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_by_org_membership_id": {
+          "name": "created_by_org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "removed_at": {
+          "name": "removed_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "connector_instance_access_grant_organization_id": {
+          "name": "connector_instance_access_grant_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "connector_instance_access_grant_instance_id": {
+          "name": "connector_instance_access_grant_instance_id",
+          "columns": [
+            "connector_instance_id"
+          ],
+          "isUnique": false
+        },
+        "connector_instance_access_grant_org_membership_id": {
+          "name": "connector_instance_access_grant_org_membership_id",
+          "columns": [
+            "org_membership_id"
+          ],
+          "isUnique": false
+        },
+        "connector_instance_access_grant_team_id": {
+          "name": "connector_instance_access_grant_team_id",
+          "columns": [
+            "team_id"
+          ],
+          "isUnique": false
+        },
+        "connector_instance_access_grant_org_wide": {
+          "name": "connector_instance_access_grant_org_wide",
+          "columns": [
+            "org_wide"
+          ],
+          "isUnique": false
+        },
+        "connector_instance_access_grant_instance_org_membership": {
+          "name": "connector_instance_access_grant_instance_org_membership",
+          "columns": [
+            "connector_instance_id",
+            "org_membership_id"
+          ],
+          "isUnique": true
+        },
+        "connector_instance_access_grant_instance_team": {
+          "name": "connector_instance_access_grant_instance_team",
+          "columns": [
+            "connector_instance_id",
+            "team_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "connector_instance_access_grant_id": {
+          "name": "connector_instance_access_grant_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "connector_instance": {
+      "name": "connector_instance",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_account_id": {
+          "name": "connector_account_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_type": {
+          "name": "connector_type",
+          "type": "enum('github')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "remote_id": {
+          "name": "remote_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "status": {
+          "name": "status",
+          "type": "enum('active','disabled','archived','error')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'active'"
+        },
+        "instance_config_json": {
+          "name": "instance_config_json",
+          "type": "json",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "last_synced_at": {
+          "name": "last_synced_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "last_sync_status": {
+          "name": "last_sync_status",
+          "type": "enum('pending','queued','running','completed','failed','partial','ignored')",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "last_sync_cursor": {
+          "name": "last_sync_cursor",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_by_org_membership_id": {
+          "name": "created_by_org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "connector_instance_organization_id": {
+          "name": "connector_instance_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "connector_instance_connector_account_id": {
+          "name": "connector_instance_connector_account_id",
+          "columns": [
+            "connector_account_id"
+          ],
+          "isUnique": false
+        },
+        "connector_instance_created_by_org_membership_id": {
+          "name": "connector_instance_created_by_org_membership_id",
+          "columns": [
+            "created_by_org_membership_id"
+          ],
+          "isUnique": false
+        },
+        "connector_instance_connector_type": {
+          "name": "connector_instance_connector_type",
+          "columns": [
+            "connector_type"
+          ],
+          "isUnique": false
+        },
+        "connector_instance_status": {
+          "name": "connector_instance_status",
+          "columns": [
+            "status"
+          ],
+          "isUnique": false
+        },
+        "connector_instance_org_name": {
+          "name": "connector_instance_org_name",
+          "columns": [
+            "organization_id",
+            "name"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "connector_instance_id": {
+          "name": "connector_instance_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "connector_mapping": {
+      "name": "connector_mapping",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_instance_id": {
+          "name": "connector_instance_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_target_id": {
+          "name": "connector_target_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_type": {
+          "name": "connector_type",
+          "type": "enum('github')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "remote_id": {
+          "name": "remote_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "mapping_kind": {
+          "name": "mapping_kind",
+          "type": "enum('path','api','custom')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "selector": {
+          "name": "selector",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "object_type": {
+          "name": "object_type",
+          "type": "enum('skill','agent','command','tool','mcp','hook','context','custom')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "plugin_id": {
+          "name": "plugin_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "auto_add_to_plugin": {
+          "name": "auto_add_to_plugin",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": false
+        },
+        "mapping_config_json": {
+          "name": "mapping_config_json",
+          "type": "json",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "connector_mapping_organization_id": {
+          "name": "connector_mapping_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "connector_mapping_connector_instance_id": {
+          "name": "connector_mapping_connector_instance_id",
+          "columns": [
+            "connector_instance_id"
+          ],
+          "isUnique": false
+        },
+        "connector_mapping_connector_target_id": {
+          "name": "connector_mapping_connector_target_id",
+          "columns": [
+            "connector_target_id"
+          ],
+          "isUnique": false
+        },
+        "connector_mapping_object_type": {
+          "name": "connector_mapping_object_type",
+          "columns": [
+            "object_type"
+          ],
+          "isUnique": false
+        },
+        "connector_mapping_plugin_id": {
+          "name": "connector_mapping_plugin_id",
+          "columns": [
+            "plugin_id"
+          ],
+          "isUnique": false
+        },
+        "connector_mapping_target_selector_object_type": {
+          "name": "connector_mapping_target_selector_object_type",
+          "columns": [
+            "connector_target_id",
+            "selector",
+            "object_type"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "connector_mapping_id": {
+          "name": "connector_mapping_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "connector_source_binding": {
+      "name": "connector_source_binding",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "config_object_id": {
+          "name": "config_object_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_instance_id": {
+          "name": "connector_instance_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_target_id": {
+          "name": "connector_target_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_mapping_id": {
+          "name": "connector_mapping_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_type": {
+          "name": "connector_type",
+          "type": "enum('github')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "remote_id": {
+          "name": "remote_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "external_locator": {
+          "name": "external_locator",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "external_stable_ref": {
+          "name": "external_stable_ref",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "last_seen_source_revision_ref": {
+          "name": "last_seen_source_revision_ref",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "status": {
+          "name": "status",
+          "type": "enum('active','inactive','deleted','archived','ingestion_error')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'active'"
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        },
+        "deleted_at": {
+          "name": "deleted_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "connector_source_binding_organization_id": {
+          "name": "connector_source_binding_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "connector_source_binding_config_object_id": {
+          "name": "connector_source_binding_config_object_id",
+          "columns": [
+            "config_object_id"
+          ],
+          "isUnique": false
+        },
+        "connector_source_binding_connector_instance_id": {
+          "name": "connector_source_binding_connector_instance_id",
+          "columns": [
+            "connector_instance_id"
+          ],
+          "isUnique": false
+        },
+        "connector_source_binding_connector_target_id": {
+          "name": "connector_source_binding_connector_target_id",
+          "columns": [
+            "connector_target_id"
+          ],
+          "isUnique": false
+        },
+        "connector_source_binding_connector_mapping_id": {
+          "name": "connector_source_binding_connector_mapping_id",
+          "columns": [
+            "connector_mapping_id"
+          ],
+          "isUnique": false
+        },
+        "connector_source_binding_external_locator": {
+          "name": "connector_source_binding_external_locator",
+          "columns": [
+            "external_locator"
+          ],
+          "isUnique": false
+        },
+        "connector_source_binding_config_object": {
+          "name": "connector_source_binding_config_object",
+          "columns": [
+            "config_object_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "connector_source_binding_id": {
+          "name": "connector_source_binding_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "connector_source_tombstone": {
+      "name": "connector_source_tombstone",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_instance_id": {
+          "name": "connector_instance_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_target_id": {
+          "name": "connector_target_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_mapping_id": {
+          "name": "connector_mapping_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_type": {
+          "name": "connector_type",
+          "type": "enum('github')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "remote_id": {
+          "name": "remote_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "external_locator": {
+          "name": "external_locator",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "former_config_object_id": {
+          "name": "former_config_object_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "deleted_in_sync_event_id": {
+          "name": "deleted_in_sync_event_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "deleted_source_revision_ref": {
+          "name": "deleted_source_revision_ref",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        }
+      },
+      "indexes": {
+        "connector_source_tombstone_organization_id": {
+          "name": "connector_source_tombstone_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "connector_source_tombstone_connector_instance_id": {
+          "name": "connector_source_tombstone_connector_instance_id",
+          "columns": [
+            "connector_instance_id"
+          ],
+          "isUnique": false
+        },
+        "connector_source_tombstone_connector_target_id": {
+          "name": "connector_source_tombstone_connector_target_id",
+          "columns": [
+            "connector_target_id"
+          ],
+          "isUnique": false
+        },
+        "connector_source_tombstone_connector_mapping_id": {
+          "name": "connector_source_tombstone_connector_mapping_id",
+          "columns": [
+            "connector_mapping_id"
+          ],
+          "isUnique": false
+        },
+        "connector_source_tombstone_external_locator": {
+          "name": "connector_source_tombstone_external_locator",
+          "columns": [
+            "external_locator"
+          ],
+          "isUnique": false
+        },
+        "connector_source_tombstone_former_config_object_id": {
+          "name": "connector_source_tombstone_former_config_object_id",
+          "columns": [
+            "former_config_object_id"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "connector_source_tombstone_id": {
+          "name": "connector_source_tombstone_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "connector_sync_event": {
+      "name": "connector_sync_event",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_instance_id": {
+          "name": "connector_instance_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_target_id": {
+          "name": "connector_target_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "connector_type": {
+          "name": "connector_type",
+          "type": "enum('github')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "remote_id": {
+          "name": "remote_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "event_type": {
+          "name": "event_type",
+          "type": "enum('push','installation','installation_repositories','repository','manual_resync')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "external_event_ref": {
+          "name": "external_event_ref",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "source_revision_ref": {
+          "name": "source_revision_ref",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "status": {
+          "name": "status",
+          "type": "enum('pending','queued','running','completed','failed','partial','ignored')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'pending'"
+        },
+        "summary_json": {
+          "name": "summary_json",
+          "type": "json",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "started_at": {
+          "name": "started_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "completed_at": {
+          "name": "completed_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "connector_sync_event_organization_id": {
+          "name": "connector_sync_event_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "connector_sync_event_connector_instance_id": {
+          "name": "connector_sync_event_connector_instance_id",
+          "columns": [
+            "connector_instance_id"
+          ],
+          "isUnique": false
+        },
+        "connector_sync_event_connector_target_id": {
+          "name": "connector_sync_event_connector_target_id",
+          "columns": [
+            "connector_target_id"
+          ],
+          "isUnique": false
+        },
+        "connector_sync_event_event_type": {
+          "name": "connector_sync_event_event_type",
+          "columns": [
+            "event_type"
+          ],
+          "isUnique": false
+        },
+        "connector_sync_event_status": {
+          "name": "connector_sync_event_status",
+          "columns": [
+            "status"
+          ],
+          "isUnique": false
+        },
+        "connector_sync_event_source_revision_ref": {
+          "name": "connector_sync_event_source_revision_ref",
+          "columns": [
+            "source_revision_ref"
+          ],
+          "isUnique": false
+        },
+        "connector_sync_event_external_event_ref": {
+          "name": "connector_sync_event_external_event_ref",
+          "columns": [
+            "external_event_ref"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "connector_sync_event_id": {
+          "name": "connector_sync_event_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "connector_target": {
+      "name": "connector_target",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_instance_id": {
+          "name": "connector_instance_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "connector_type": {
+          "name": "connector_type",
+          "type": "enum('github')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "remote_id": {
+          "name": "remote_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "target_kind": {
+          "name": "target_kind",
+          "type": "enum('repository_branch')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "external_target_ref": {
+          "name": "external_target_ref",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "target_config_json": {
+          "name": "target_config_json",
+          "type": "json",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "connector_target_organization_id": {
+          "name": "connector_target_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "connector_target_connector_instance_id": {
+          "name": "connector_target_connector_instance_id",
+          "columns": [
+            "connector_instance_id"
+          ],
+          "isUnique": false
+        },
+        "connector_target_connector_type": {
+          "name": "connector_target_connector_type",
+          "columns": [
+            "connector_type"
+          ],
+          "isUnique": false
+        },
+        "connector_target_target_kind": {
+          "name": "connector_target_target_kind",
+          "columns": [
+            "target_kind"
+          ],
+          "isUnique": false
+        },
+        "connector_target_instance_remote_id": {
+          "name": "connector_target_instance_remote_id",
+          "columns": [
+            "connector_instance_id",
+            "remote_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "connector_target_id": {
+          "name": "connector_target_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "marketplace_access_grant": {
+      "name": "marketplace_access_grant",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "marketplace_id": {
+          "name": "marketplace_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "org_membership_id": {
+          "name": "org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "team_id": {
+          "name": "team_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "org_wide": {
+          "name": "org_wide",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": false
+        },
+        "role": {
+          "name": "role",
+          "type": "enum('viewer','editor','manager')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_by_org_membership_id": {
+          "name": "created_by_org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "removed_at": {
+          "name": "removed_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "marketplace_access_grant_organization_id": {
+          "name": "marketplace_access_grant_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "marketplace_access_grant_marketplace_id": {
+          "name": "marketplace_access_grant_marketplace_id",
+          "columns": [
+            "marketplace_id"
+          ],
+          "isUnique": false
+        },
+        "marketplace_access_grant_org_membership_id": {
+          "name": "marketplace_access_grant_org_membership_id",
+          "columns": [
+            "org_membership_id"
+          ],
+          "isUnique": false
+        },
+        "marketplace_access_grant_team_id": {
+          "name": "marketplace_access_grant_team_id",
+          "columns": [
+            "team_id"
+          ],
+          "isUnique": false
+        },
+        "marketplace_access_grant_org_wide": {
+          "name": "marketplace_access_grant_org_wide",
+          "columns": [
+            "org_wide"
+          ],
+          "isUnique": false
+        },
+        "marketplace_access_grant_marketplace_org_membership": {
+          "name": "marketplace_access_grant_marketplace_org_membership",
+          "columns": [
+            "marketplace_id",
+            "org_membership_id"
+          ],
+          "isUnique": true
+        },
+        "marketplace_access_grant_marketplace_team": {
+          "name": "marketplace_access_grant_marketplace_team",
+          "columns": [
+            "marketplace_id",
+            "team_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "marketplace_access_grant_id": {
+          "name": "marketplace_access_grant_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "marketplace_plugin": {
+      "name": "marketplace_plugin",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "marketplace_id": {
+          "name": "marketplace_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "plugin_id": {
+          "name": "plugin_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "membership_source": {
+          "name": "membership_source",
+          "type": "enum('manual','connector','api','system')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'manual'"
+        },
+        "created_by_org_membership_id": {
+          "name": "created_by_org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "removed_at": {
+          "name": "removed_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "marketplace_plugin_organization_id": {
+          "name": "marketplace_plugin_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "marketplace_plugin_marketplace_id": {
+          "name": "marketplace_plugin_marketplace_id",
+          "columns": [
+            "marketplace_id"
+          ],
+          "isUnique": false
+        },
+        "marketplace_plugin_plugin_id": {
+          "name": "marketplace_plugin_plugin_id",
+          "columns": [
+            "plugin_id"
+          ],
+          "isUnique": false
+        },
+        "marketplace_plugin_marketplace_plugin": {
+          "name": "marketplace_plugin_marketplace_plugin",
+          "columns": [
+            "marketplace_id",
+            "plugin_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "marketplace_plugin_id": {
+          "name": "marketplace_plugin_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "marketplace": {
+      "name": "marketplace",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "description": {
+          "name": "description",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "status": {
+          "name": "status",
+          "type": "enum('active','inactive','deleted','archived')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'active'"
+        },
+        "created_by_org_membership_id": {
+          "name": "created_by_org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        },
+        "deleted_at": {
+          "name": "deleted_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "marketplace_organization_id": {
+          "name": "marketplace_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "marketplace_created_by_org_membership_id": {
+          "name": "marketplace_created_by_org_membership_id",
+          "columns": [
+            "created_by_org_membership_id"
+          ],
+          "isUnique": false
+        },
+        "marketplace_status": {
+          "name": "marketplace_status",
+          "columns": [
+            "status"
+          ],
+          "isUnique": false
+        },
+        "marketplace_name": {
+          "name": "marketplace_name",
+          "columns": [
+            "name"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "marketplace_id": {
+          "name": "marketplace_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "plugin_access_grant": {
+      "name": "plugin_access_grant",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "plugin_id": {
+          "name": "plugin_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "org_membership_id": {
+          "name": "org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "team_id": {
+          "name": "team_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "org_wide": {
+          "name": "org_wide",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": false
+        },
+        "role": {
+          "name": "role",
+          "type": "enum('viewer','editor','manager')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_by_org_membership_id": {
+          "name": "created_by_org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "removed_at": {
+          "name": "removed_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "plugin_access_grant_organization_id": {
+          "name": "plugin_access_grant_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "plugin_access_grant_plugin_id": {
+          "name": "plugin_access_grant_plugin_id",
+          "columns": [
+            "plugin_id"
+          ],
+          "isUnique": false
+        },
+        "plugin_access_grant_org_membership_id": {
+          "name": "plugin_access_grant_org_membership_id",
+          "columns": [
+            "org_membership_id"
+          ],
+          "isUnique": false
+        },
+        "plugin_access_grant_team_id": {
+          "name": "plugin_access_grant_team_id",
+          "columns": [
+            "team_id"
+          ],
+          "isUnique": false
+        },
+        "plugin_access_grant_org_wide": {
+          "name": "plugin_access_grant_org_wide",
+          "columns": [
+            "org_wide"
+          ],
+          "isUnique": false
+        },
+        "plugin_access_grant_plugin_org_membership": {
+          "name": "plugin_access_grant_plugin_org_membership",
+          "columns": [
+            "plugin_id",
+            "org_membership_id"
+          ],
+          "isUnique": true
+        },
+        "plugin_access_grant_plugin_team": {
+          "name": "plugin_access_grant_plugin_team",
+          "columns": [
+            "plugin_id",
+            "team_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "plugin_access_grant_id": {
+          "name": "plugin_access_grant_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "plugin_config_object": {
+      "name": "plugin_config_object",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "plugin_id": {
+          "name": "plugin_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "config_object_id": {
+          "name": "config_object_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "membership_source": {
+          "name": "membership_source",
+          "type": "enum('manual','connector','api','system')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'manual'"
+        },
+        "connector_mapping_id": {
+          "name": "connector_mapping_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_by_org_membership_id": {
+          "name": "created_by_org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "removed_at": {
+          "name": "removed_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "plugin_config_object_organization_id": {
+          "name": "plugin_config_object_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "plugin_config_object_plugin_id": {
+          "name": "plugin_config_object_plugin_id",
+          "columns": [
+            "plugin_id"
+          ],
+          "isUnique": false
+        },
+        "plugin_config_object_config_object_id": {
+          "name": "plugin_config_object_config_object_id",
+          "columns": [
+            "config_object_id"
+          ],
+          "isUnique": false
+        },
+        "plugin_config_object_connector_mapping_id": {
+          "name": "plugin_config_object_connector_mapping_id",
+          "columns": [
+            "connector_mapping_id"
+          ],
+          "isUnique": false
+        },
+        "plugin_config_object_plugin_config_object": {
+          "name": "plugin_config_object_plugin_config_object",
+          "columns": [
+            "plugin_id",
+            "config_object_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "plugin_config_object_id": {
+          "name": "plugin_config_object_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "plugin": {
+      "name": "plugin",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "description": {
+          "name": "description",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "status": {
+          "name": "status",
+          "type": "enum('active','inactive','deleted','archived')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'active'"
+        },
+        "created_by_org_membership_id": {
+          "name": "created_by_org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        },
+        "deleted_at": {
+          "name": "deleted_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "plugin_organization_id": {
+          "name": "plugin_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "plugin_created_by_org_membership_id": {
+          "name": "plugin_created_by_org_membership_id",
+          "columns": [
+            "created_by_org_membership_id"
+          ],
+          "isUnique": false
+        },
+        "plugin_status": {
+          "name": "plugin_status",
+          "columns": [
+            "status"
+          ],
+          "isUnique": false
+        },
+        "plugin_name": {
+          "name": "plugin_name",
+          "columns": [
+            "name"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "plugin_id": {
+          "name": "plugin_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "skill_hub_member": {
+      "name": "skill_hub_member",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "skill_hub_id": {
+          "name": "skill_hub_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "org_membership_id": {
+          "name": "org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "team_id": {
+          "name": "team_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        }
+      },
+      "indexes": {
+        "skill_hub_member_skill_hub_id": {
+          "name": "skill_hub_member_skill_hub_id",
+          "columns": [
+            "skill_hub_id"
+          ],
+          "isUnique": false
+        },
+        "skill_hub_member_org_membership_id": {
+          "name": "skill_hub_member_org_membership_id",
+          "columns": [
+            "org_membership_id"
+          ],
+          "isUnique": false
+        },
+        "skill_hub_member_team_id": {
+          "name": "skill_hub_member_team_id",
+          "columns": [
+            "team_id"
+          ],
+          "isUnique": false
+        },
+        "skill_hub_member_hub_org_membership": {
+          "name": "skill_hub_member_hub_org_membership",
+          "columns": [
+            "skill_hub_id",
+            "org_membership_id"
+          ],
+          "isUnique": true
+        },
+        "skill_hub_member_hub_team": {
+          "name": "skill_hub_member_hub_team",
+          "columns": [
+            "skill_hub_id",
+            "team_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "skill_hub_member_id": {
+          "name": "skill_hub_member_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "skill_hub_skill": {
+      "name": "skill_hub_skill",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "skill_hub_id": {
+          "name": "skill_hub_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "skill_id": {
+          "name": "skill_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "org_membership_id": {
+          "name": "org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        }
+      },
+      "indexes": {
+        "skill_hub_skill_skill_hub_id": {
+          "name": "skill_hub_skill_skill_hub_id",
+          "columns": [
+            "skill_hub_id"
+          ],
+          "isUnique": false
+        },
+        "skill_hub_skill_skill_id": {
+          "name": "skill_hub_skill_skill_id",
+          "columns": [
+            "skill_id"
+          ],
+          "isUnique": false
+        },
+        "skill_hub_skill_hub_skill": {
+          "name": "skill_hub_skill_hub_skill",
+          "columns": [
+            "skill_hub_id",
+            "skill_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "skill_hub_skill_id": {
+          "name": "skill_hub_skill_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "skill_hub": {
+      "name": "skill_hub",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_by_org_membership_id": {
+          "name": "created_by_org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "description": {
+          "name": "description",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "skill_hub_organization_id": {
+          "name": "skill_hub_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "skill_hub_created_by_org_membership_id": {
+          "name": "skill_hub_created_by_org_membership_id",
+          "columns": [
+            "created_by_org_membership_id"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "skill_hub_id": {
+          "name": "skill_hub_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "skill": {
+      "name": "skill",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_by_org_membership_id": {
+          "name": "created_by_org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "title": {
+          "name": "title",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "description": {
+          "name": "description",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "skill_text": {
+          "name": "skill_text",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "shared": {
+          "name": "shared",
+          "type": "enum('org','public')",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "skill_organization_id": {
+          "name": "skill_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "skill_created_by_org_membership_id": {
+          "name": "skill_created_by_org_membership_id",
+          "columns": [
+            "created_by_org_membership_id"
+          ],
+          "isUnique": false
+        },
+        "skill_shared": {
+          "name": "skill_shared",
+          "columns": [
+            "shared"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "skill_id": {
+          "name": "skill_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "org_subscriptions": {
+      "name": "org_subscriptions",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_by_org_membership_id": {
+          "name": "created_by_org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "type": {
+          "name": "type",
+          "type": "enum('inference','seat')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "status": {
+          "name": "status",
+          "type": "enum('incomplete','incomplete_expired','trialing','active','past_due','canceled','unpaid','paused','expired')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "'incomplete'"
+        },
+        "stripe_customer_id": {
+          "name": "stripe_customer_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "stripe_subscription_id": {
+          "name": "stripe_subscription_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "stripe_price_id": {
+          "name": "stripe_price_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "stripe_subscription_item_id": {
+          "name": "stripe_subscription_item_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "quantity": {
+          "name": "quantity",
+          "type": "int",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": 0
+        },
+        "current_period_start": {
+          "name": "current_period_start",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "current_period_end": {
+          "name": "current_period_end",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "cancel_at_period_end": {
+          "name": "cancel_at_period_end",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": false
+        },
+        "canceled_at": {
+          "name": "canceled_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "ended_at": {
+          "name": "ended_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "last_event_id": {
+          "name": "last_event_id",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "org_subscriptions_organization_id": {
+          "name": "org_subscriptions_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "org_subscriptions_customer_id": {
+          "name": "org_subscriptions_customer_id",
+          "columns": [
+            "stripe_customer_id"
+          ],
+          "isUnique": false
+        },
+        "org_subscriptions_subscription_id": {
+          "name": "org_subscriptions_subscription_id",
+          "columns": [
+            "stripe_subscription_id"
+          ],
+          "isUnique": true
+        },
+        "org_subscriptions_org_type": {
+          "name": "org_subscriptions_org_type",
+          "columns": [
+            "organization_id",
+            "type"
+          ],
+          "isUnique": true
+        },
+        "org_subscriptions_status": {
+          "name": "org_subscriptions_status",
+          "columns": [
+            "status"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "org_subscriptions_id": {
+          "name": "org_subscriptions_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "team_member": {
+      "name": "team_member",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "team_id": {
+          "name": "team_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "org_membership_id": {
+          "name": "org_membership_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        }
+      },
+      "indexes": {
+        "team_member_team_id": {
+          "name": "team_member_team_id",
+          "columns": [
+            "team_id"
+          ],
+          "isUnique": false
+        },
+        "team_member_org_membership_id": {
+          "name": "team_member_org_membership_id",
+          "columns": [
+            "org_membership_id"
+          ],
+          "isUnique": false
+        },
+        "team_member_team_org_membership": {
+          "name": "team_member_team_org_membership",
+          "columns": [
+            "team_id",
+            "org_membership_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "team_member_id": {
+          "name": "team_member_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "team": {
+      "name": "team",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "team_organization_id": {
+          "name": "team_organization_id",
+          "columns": [
+            "organization_id"
+          ],
+          "isUnique": false
+        },
+        "team_organization_name": {
+          "name": "team_organization_name",
+          "columns": [
+            "organization_id",
+            "name"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "team_id": {
+          "name": "team_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "audit_event": {
+      "name": "audit_event",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "org_id": {
+          "name": "org_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "worker_id": {
+          "name": "worker_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "actor_user_id": {
+          "name": "actor_user_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "action": {
+          "name": "action",
+          "type": "varchar(128)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "payload": {
+          "name": "payload",
+          "type": "json",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        }
+      },
+      "indexes": {
+        "audit_event_org_id": {
+          "name": "audit_event_org_id",
+          "columns": [
+            "org_id"
+          ],
+          "isUnique": false
+        },
+        "audit_event_worker_id": {
+          "name": "audit_event_worker_id",
+          "columns": [
+            "worker_id"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "audit_event_id": {
+          "name": "audit_event_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "daytona_sandbox": {
+      "name": "daytona_sandbox",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "worker_id": {
+          "name": "worker_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "sandbox_id": {
+          "name": "sandbox_id",
+          "type": "varchar(128)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "workspace_volume_id": {
+          "name": "workspace_volume_id",
+          "type": "varchar(128)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "data_volume_id": {
+          "name": "data_volume_id",
+          "type": "varchar(128)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "signed_preview_url": {
+          "name": "signed_preview_url",
+          "type": "varchar(2048)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "signed_preview_url_expires_at": {
+          "name": "signed_preview_url_expires_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "region": {
+          "name": "region",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "daytona_sandbox_worker_id": {
+          "name": "daytona_sandbox_worker_id",
+          "columns": [
+            "worker_id"
+          ],
+          "isUnique": true
+        },
+        "daytona_sandbox_sandbox_id": {
+          "name": "daytona_sandbox_sandbox_id",
+          "columns": [
+            "sandbox_id"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "daytona_sandbox_id": {
+          "name": "daytona_sandbox_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "worker_bundle": {
+      "name": "worker_bundle",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "worker_id": {
+          "name": "worker_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "storage_url": {
+          "name": "storage_url",
+          "type": "varchar(2048)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "status": {
+          "name": "status",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        }
+      },
+      "indexes": {
+        "worker_bundle_worker_id": {
+          "name": "worker_bundle_worker_id",
+          "columns": [
+            "worker_id"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "worker_bundle_id": {
+          "name": "worker_bundle_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "worker_instance": {
+      "name": "worker_instance",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "worker_id": {
+          "name": "worker_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "provider": {
+          "name": "provider",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "region": {
+          "name": "region",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "url": {
+          "name": "url",
+          "type": "varchar(2048)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "status": {
+          "name": "status",
+          "type": "enum('provisioning','healthy','failed','stopped')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "worker_instance_worker_id": {
+          "name": "worker_instance_worker_id",
+          "columns": [
+            "worker_id"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "worker_instance_id": {
+          "name": "worker_instance_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "worker": {
+      "name": "worker",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "org_id": {
+          "name": "org_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_by_user_id": {
+          "name": "created_by_user_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "name": {
+          "name": "name",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "description": {
+          "name": "description",
+          "type": "varchar(1024)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "destination": {
+          "name": "destination",
+          "type": "enum('local','cloud')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "status": {
+          "name": "status",
+          "type": "enum('provisioning','healthy','failed','stopped')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "image_version": {
+          "name": "image_version",
+          "type": "varchar(128)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "workspace_path": {
+          "name": "workspace_path",
+          "type": "varchar(1024)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "sandbox_backend": {
+          "name": "sandbox_backend",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "last_heartbeat_at": {
+          "name": "last_heartbeat_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "last_active_at": {
+          "name": "last_active_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "worker_org_id": {
+          "name": "worker_org_id",
+          "columns": [
+            "org_id"
+          ],
+          "isUnique": false
+        },
+        "worker_created_by_user_id": {
+          "name": "worker_created_by_user_id",
+          "columns": [
+            "created_by_user_id"
+          ],
+          "isUnique": false
+        },
+        "worker_status": {
+          "name": "worker_status",
+          "columns": [
+            "status"
+          ],
+          "isUnique": false
+        },
+        "worker_last_heartbeat_at": {
+          "name": "worker_last_heartbeat_at",
+          "columns": [
+            "last_heartbeat_at"
+          ],
+          "isUnique": false
+        },
+        "worker_last_active_at": {
+          "name": "worker_last_active_at",
+          "columns": [
+            "last_active_at"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "worker_id": {
+          "name": "worker_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "worker_token": {
+      "name": "worker_token",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "worker_id": {
+          "name": "worker_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "scope": {
+          "name": "scope",
+          "type": "enum('client','host','activity')",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "token": {
+          "name": "token",
+          "type": "varchar(128)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "revoked_at": {
+          "name": "revoked_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "worker_token_worker_id": {
+          "name": "worker_token_worker_id",
+          "columns": [
+            "worker_id"
+          ],
+          "isUnique": false
+        },
+        "worker_token_token": {
+          "name": "worker_token_token",
+          "columns": [
+            "token"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "worker_token_id": {
+          "name": "worker_token_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "admin_allowlist": {
+      "name": "admin_allowlist",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "email": {
+          "name": "email",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "note": {
+          "name": "note",
+          "type": "varchar(255)",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3)"
+        }
+      },
+      "indexes": {
+        "admin_allowlist_email": {
+          "name": "admin_allowlist_email",
+          "columns": [
+            "email"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "admin_allowlist_id": {
+          "name": "admin_allowlist_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "rate_limit": {
+      "name": "rate_limit",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "key": {
+          "name": "key",
+          "type": "varchar(512)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "count": {
+          "name": "count",
+          "type": "int",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": 0
+        },
+        "last_request": {
+          "name": "last_request",
+          "type": "bigint",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "rate_limit_key": {
+          "name": "rate_limit_key",
+          "columns": [
+            "key"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "rate_limit_id": {
+          "name": "rate_limit_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    },
+    "telemetry_event": {
+      "name": "telemetry_event",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "org_id": {
+          "name": "org_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "member_id": {
+          "name": "member_id",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "event_type": {
+          "name": "event_type",
+          "type": "varchar(64)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "event_timestamp": {
+          "name": "event_timestamp",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp(3)",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false,
+          "default": "(now())"
+        }
+      },
+      "indexes": {
+        "telemetry_event_org_id_type_ts": {
+          "name": "telemetry_event_org_id_type_ts",
+          "columns": [
+            "org_id",
+            "event_type",
+            "event_timestamp"
+          ],
+          "isUnique": false
+        },
+        "telemetry_event_org_id_member_id": {
+          "name": "telemetry_event_org_id_member_id",
+          "columns": [
+            "org_id",
+            "member_id"
+          ],
+          "isUnique": false
+        }
+      },
+      "foreignKeys": {},
+      "compositePrimaryKeys": {
+        "telemetry_event_id": {
+          "name": "telemetry_event_id",
+          "columns": [
+            "id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "checkConstraint": {}
+    }
+  },
+  "views": {},
+  "_meta": {
+    "schemas": {},
+    "tables": {},
+    "columns": {}
+  },
+  "internal": {
+    "tables": {},
+    "indexes": {}
+  }
+}
diff --git a/ee/packages/den-db/drizzle/meta/_journal.json b/ee/packages/den-db/drizzle/meta/_journal.json
index 5022ccf520..48466f4fcd 100644
--- a/ee/packages/den-db/drizzle/meta/_journal.json
+++ b/ee/packages/den-db/drizzle/meta/_journal.json
@@ -141,6 +141,13 @@
       "when": 1780426749385,
       "tag": "0020_breezy_siren",
       "breakpoints": true
+    },
+    {
+      "idx": 21,
+      "version": "5",
+      "when": 1777486400000,
+      "tag": "0021_llm_provider_opencode_oauth",
+      "breakpoints": true
     }
   ]
-}
\ No newline at end of file
+}
diff --git a/ee/packages/den-db/src/schema/sharables/llm-providers.ts b/ee/packages/den-db/src/schema/sharables/llm-providers.ts
index c4ded95170..25ad41480d 100644
--- a/ee/packages/den-db/src/schema/sharables/llm-providers.ts
+++ b/ee/packages/den-db/src/schema/sharables/llm-providers.ts
@@ -30,7 +30,11 @@ export const LlmProviderTable = mysqlTable(
     providerConfig: json("provider_config")
       .$type<Record<string, unknown>>()
       .notNull(),
+    credentialKind: mysqlEnum("credential_kind", ["api_key", "opencode_oauth"])
+      .notNull()
+      .default("api_key"),
     apiKey: encryptedTextColumn("api_key"),
+    opencodeAuth: encryptedTextColumn("opencode_auth"),
     createdAt: timestamp("created_at", { fsp: 3 }).notNull().defaultNow(),
     updatedAt: timestamp("updated_at", { fsp: 3 })
       .notNull()
diff --git a/packaging/docker/Dockerfile b/packaging/docker/Dockerfile
index 62df069914..7a87994523 100644
--- a/packaging/docker/Dockerfile
+++ b/packaging/docker/Dockerfile
@@ -1,6 +1,11 @@
 FROM node:22-bookworm-slim
 
-ARG OPENWORK_ORCHESTRATOR_VERSION=0.11.22
+ARG TARGETARCH
+ARG BUN_VERSION=1.3.8
+ARG BUN_DOWNLOAD_URL=
+ARG BUN_SHA256=
+
+WORKDIR /repo
 
 RUN apt-get update \
   && apt-get install -y --no-install-recommends \
@@ -9,9 +14,63 @@ RUN apt-get update \
     git \
     tar \
     unzip \
+  && npm install -g pnpm@11.4.0 \
+  && case "${TARGETARCH:-amd64}" in \
+    amd64) bun_artifact=bun-linux-x64.zip; bun_sha=0322b17f0722da76a64298aad498225aedcbf6df1008a1dee45e16ecb226a3f1 ;; \
+    arm64) bun_artifact=bun-linux-aarch64.zip; bun_sha=4e9deb6814a7ec7f68725ddd97d0d7b4065bcda9a850f69d497567e995a7fa33 ;; \
+    *) echo "Unsupported Bun TARGETARCH=${TARGETARCH}" >&2; exit 1 ;; \
+  esac \
+  && bun_url="${BUN_DOWNLOAD_URL:-https://github.com/oven-sh/bun/releases/download/bun-v${BUN_VERSION}/${bun_artifact}}" \
+  && bun_sha="${BUN_SHA256:-$bun_sha}" \
+  && curl -fsSLo "/tmp/${bun_artifact}" "$bun_url" \
+  && echo "$bun_sha  /tmp/${bun_artifact}" | sha256sum -c - \
+  && unzip -q "/tmp/${bun_artifact}" -d /tmp \
+  && install -m 0755 "/tmp/${bun_artifact%.zip}/bun" /usr/local/bin/bun \
+  && bun --version | grep -qx "$BUN_VERSION" \
+  && rm -rf "/tmp/${bun_artifact%.zip}" "/tmp/${bun_artifact}" \
   && rm -rf /var/lib/apt/lists/*
 
-RUN npm install -g "openwork-orchestrator@${OPENWORK_ORCHESTRATOR_VERSION}"
+COPY package.json pnpm-lock.yaml pnpm-workspace.yaml ./
+RUN mkdir -p \
+    apps/app \
+    apps/desktop \
+    apps/opencode-router \
+    apps/orchestrator \
+    apps/server \
+    apps/ui-demo \
+    ee/apps/den-api \
+    ee/apps/den-web \
+    ee/apps/den-worker-proxy \
+    ee/apps/inference \
+    ee/apps/landing \
+    ee/packages/den-db \
+    ee/packages/utils \
+    packages/email \
+    packages/handsfree \
+    packages/openwork-ui-mcp \
+    packages/types \
+    packages/ui
+COPY apps/app/package.json apps/app/package.json
+COPY apps/desktop/package.json apps/desktop/package.json
+COPY apps/opencode-router/package.json apps/opencode-router/package.json
+COPY apps/orchestrator/package.json apps/orchestrator/package.json
+COPY apps/server/package.json apps/server/package.json
+COPY apps/ui-demo/package.json apps/ui-demo/package.json
+COPY ee/apps/den-api/package.json ee/apps/den-api/package.json
+COPY ee/apps/den-web/package.json ee/apps/den-web/package.json
+COPY ee/apps/den-worker-proxy/package.json ee/apps/den-worker-proxy/package.json
+COPY ee/apps/inference/package.json ee/apps/inference/package.json
+COPY ee/apps/landing/package.json ee/apps/landing/package.json
+COPY ee/packages/den-db/package.json ee/packages/den-db/package.json
+COPY ee/packages/utils/package.json ee/packages/utils/package.json
+COPY packages/email/package.json packages/email/package.json
+COPY packages/handsfree/package.json packages/handsfree/package.json
+COPY packages/openwork-ui-mcp/package.json packages/openwork-ui-mcp/package.json
+COPY packages/types/package.json packages/types/package.json
+COPY packages/ui/package.json packages/ui/package.json
+RUN pnpm install --frozen-lockfile
+
+COPY . .
 
 # Persistent directories (mount volumes here on PaaS/SSH).
 ENV OPENWORK_DATA_DIR=/data/openwork-orchestrator
@@ -33,16 +92,8 @@ VOLUME ["/workspace", "/data"]
 # - OpenCode stays internal (127.0.0.1:4096)
 # - OpenWork server proxies OpenCode via localhost
 # - OpenCode Router disabled by default
-CMD [
-  "openwork",
-  "serve",
-  "--workspace", "/workspace",
-  "--remote-access",
-  "--openwork-port", "8787",
-  "--opencode-host", "127.0.0.1",
-  "--opencode-port", "4096",
-  "--connect-host", "127.0.0.1",
-  "--cors", "*",
-  "--approval", "manual",
-  "--no-opencode-router"
+CMD [ \
+  "sh", \
+  "-lc", \
+  "TOKEN_FILE=/data/openwork-worker.env; ENV_OPENWORK_TOKEN=\"${OPENWORK_TOKEN:-}\"; ENV_OPENWORK_HOST_TOKEN=\"${OPENWORK_HOST_TOKEN:-}\"; FILE_OPENWORK_TOKEN=; FILE_OPENWORK_HOST_TOKEN=; if [ -f \"$TOKEN_FILE\" ]; then . \"$TOKEN_FILE\"; FILE_OPENWORK_TOKEN=\"${OPENWORK_TOKEN:-}\"; FILE_OPENWORK_HOST_TOKEN=\"${OPENWORK_HOST_TOKEN:-}\"; fi; OPENWORK_TOKEN=\"${ENV_OPENWORK_TOKEN:-$FILE_OPENWORK_TOKEN}\"; OPENWORK_HOST_TOKEN=\"${ENV_OPENWORK_HOST_TOKEN:-$FILE_OPENWORK_HOST_TOKEN}\"; GENERATED_TOKEN=0; if [ -z \"$OPENWORK_TOKEN\" ]; then OPENWORK_TOKEN=owc_$(node -e \"console.log(require('crypto').randomBytes(32).toString('base64url'))\"); FILE_OPENWORK_TOKEN=\"$OPENWORK_TOKEN\"; GENERATED_TOKEN=1; fi; if [ -z \"$OPENWORK_HOST_TOKEN\" ]; then OPENWORK_HOST_TOKEN=owh_$(node -e \"console.log(require('crypto').randomBytes(32).toString('base64url'))\"); FILE_OPENWORK_HOST_TOKEN=\"$OPENWORK_HOST_TOKEN\"; GENERATED_TOKEN=1; fi; export OPENWORK_TOKEN OPENWORK_HOST_TOKEN; if [ \"$GENERATED_TOKEN\" = \"1\" ] || [ ! -f \"$TOKEN_FILE\" ]; then umask 077; { if [ -z \"$ENV_OPENWORK_TOKEN\" ]; then printf 'OPENWORK_TOKEN=%s\\n' \"$FILE_OPENWORK_TOKEN\"; fi; if [ -z \"$ENV_OPENWORK_HOST_TOKEN\" ]; then printf 'OPENWORK_HOST_TOKEN=%s\\n' \"$FILE_OPENWORK_HOST_TOKEN\"; fi; } > \"$TOKEN_FILE\"; fi; if [ -n \"$ENV_OPENWORK_TOKEN$ENV_OPENWORK_HOST_TOKEN\" ]; then echo \"OpenWork worker env-supplied tokens are active and were not persisted\"; else echo \"OpenWork worker fallback tokens are stored in $TOKEN_FILE\"; fi; OPENWORK_CORS_ORIGINS=\"${OPENWORK_CORS_ORIGINS:-*}\"; exec bun apps/orchestrator/src/cli.ts serve --workspace /workspace --remote-access --openwork-port \"${OPENWORK_PORT:-8787}\" --opencode-host 127.0.0.1 --opencode-port 4096 --connect-host \"${OPENWORK_CONNECT_HOST:-127.0.0.1}\" --cors \"$OPENWORK_CORS_ORIGINS\" --approval \"${OPENWORK_APPROVAL_MODE:-manual}\" --no-opencode-router" \
 ]
diff --git a/packaging/docker/Dockerfile.den b/packaging/docker/Dockerfile.den
index 733e0d546e..4bd4b801c5 100644
--- a/packaging/docker/Dockerfile.den
+++ b/packaging/docker/Dockerfile.den
@@ -5,8 +5,8 @@ RUN corepack enable
 WORKDIR /app
 
 COPY package.json pnpm-lock.yaml pnpm-workspace.yaml /app/
-COPY .npmrc /app/.npmrc
 COPY patches /app/patches
+COPY packages/email/package.json /app/packages/email/package.json
 COPY packages/types/package.json /app/packages/types/package.json
 COPY ee/packages/utils/package.json /app/ee/packages/utils/package.json
 COPY ee/packages/den-db/package.json /app/ee/packages/den-db/package.json
@@ -14,7 +14,9 @@ COPY ee/apps/den-api/package.json /app/ee/apps/den-api/package.json
 
 RUN pnpm install --frozen-lockfile
 
+COPY packages/email /app/packages/email
 COPY packages/types /app/packages/types
+COPY apps/desktop/package.json /app/apps/desktop/package.json
 COPY ee/packages/utils /app/ee/packages/utils
 COPY ee/packages/den-db /app/ee/packages/den-db
 COPY ee/apps/den-api /app/ee/apps/den-api
diff --git a/packaging/docker/Dockerfile.den-web b/packaging/docker/Dockerfile.den-web
index c9ff26e374..9aa1ef93d7 100644
--- a/packaging/docker/Dockerfile.den-web
+++ b/packaging/docker/Dockerfile.den-web
@@ -5,7 +5,6 @@ RUN corepack enable
 WORKDIR /app
 
 COPY package.json pnpm-lock.yaml pnpm-workspace.yaml /app/
-COPY .npmrc /app/.npmrc
 COPY patches /app/patches
 COPY packages/types/package.json /app/packages/types/package.json
 COPY packages/ui/package.json /app/packages/ui/package.json
diff --git a/packaging/docker/Dockerfile.den-worker-proxy b/packaging/docker/Dockerfile.den-worker-proxy
index 671312e70e..00a2e9fdea 100644
--- a/packaging/docker/Dockerfile.den-worker-proxy
+++ b/packaging/docker/Dockerfile.den-worker-proxy
@@ -5,7 +5,6 @@ RUN corepack enable
 WORKDIR /app
 
 COPY package.json pnpm-lock.yaml pnpm-workspace.yaml /app/
-COPY .npmrc /app/.npmrc
 COPY patches /app/patches
 COPY packages/types/package.json /app/packages/types/package.json
 COPY ee/packages/utils/package.json /app/ee/packages/utils/package.json
diff --git a/packaging/docker/ONPREM_DEN_STATIC_RUNBOOK.md b/packaging/docker/ONPREM_DEN_STATIC_RUNBOOK.md
new file mode 100644
index 0000000000..50ae6420b5
--- /dev/null
+++ b/packaging/docker/ONPREM_DEN_STATIC_RUNBOOK.md
@@ -0,0 +1,210 @@
+# On-prem Den static runbook
+
+Use this runbook to deploy Den on your own network when the worker runtimes already exist and Den should allocate them from a fixed pool.
+
+This runbook uses:
+
+- `packaging/docker/docker-compose.yml` for the worker runtime
+- `packaging/docker/docker-compose.den-static.yml` for the Den stack
+
+In `static` mode:
+
+- you start and manage the OpenWork worker runtimes yourself
+- Den allocates a free worker URL from `DEN_STATIC_WORKER_URLS`
+- Den verifies worker health and the configured token pair before marking a worker `healthy`
+- Den does not create Docker containers, worker VMs, or worker hosts for you
+
+The Den web URL is the normal browser-facing entrypoint. The Den API should remain internal to the Den host unless you intentionally expose it to another trusted client.
+The production static Compose file publishes only the Den web port by default; MySQL, the Den API, and the worker-proxy are reachable on the Compose network for dependent services but are not bound to host ports unless an operator adds an explicit override.
+
+Use HTTPS for the browser-facing Den web URL whenever possible. If you intentionally use HTTP on a private LAN, use that exact HTTP origin consistently for `DEN_WEB_ORIGIN`, `DEN_BETTER_AUTH_URL`, trusted origins, and any client configuration.
+
+## Prerequisites
+
+- One host for Den and one or more hosts for OpenWork workers. These can be separate machines or the same machine if your deployment model allows it.
+- Docker Engine with Compose v2 on the Den host and on every worker host.
+- The OpenWork repository checkout or a release artifact on each target host. Use the exact source checkout or artifact you intend to deploy.
+- A browser-facing Den web URL, for example `https://den.company.local`.
+- One stable URL per worker runtime, for example `http://worker-01.company.local:8787`.
+- A persistent workspace directory for each worker, mounted at `/workspace` inside the worker container.
+- A persistent data directory for each worker, mounted at `/data` inside the worker container.
+- One `OPENWORK_TOKEN` and one `OPENWORK_HOST_TOKEN` for each worker runtime.
+- One `DEN_BETTER_AUTH_SECRET` for Den.
+- One `DEN_DB_ENCRYPTION_KEY` for Den.
+- One `DEN_STATIC_WORKER_TOKEN_MAP_JSON` that maps each worker URL to its `clientToken` and `hostToken`.
+- Network reachability from:
+  - browsers to the Den web URL
+  - Den to every worker URL on port `8787`
+- A production email provider for normal sign-up, invitation, and verification flows.
+- `DEN_MYSQL_ROOT_PASSWORD` for the Den database container.
+
+All commands below assume the OpenWork repository root is available on the target host. Replace `/path/to/openwork` with the real path on your host.
+
+## Inputs To Collect
+
+Prepare these values before launching anything:
+
+- `DEN_WEB_ORIGIN`, for example `https://den.company.local`
+- One worker URL per runtime, for example `http://worker-01.company.local:8787`
+- One workspace path per worker
+- One data path per worker
+- `OPENWORK_TOKEN` per worker
+- `OPENWORK_HOST_TOKEN` per worker
+- `DEN_BETTER_AUTH_SECRET`
+- `DEN_DB_ENCRYPTION_KEY`
+- `DEN_MYSQL_ROOT_PASSWORD`
+- `DEN_STATIC_WORKER_URLS`, containing all worker URLs as a comma-separated list
+- `DEN_STATIC_WORKER_TOKEN_MAP_JSON`, containing the token pair for each worker URL
+
+The browser-facing Den web URL must match the value used for `DEN_BETTER_AUTH_URL`. If users open Den at `https://den.company.local`, then `DEN_BETTER_AUTH_URL` must be exactly `https://den.company.local`. If you intentionally use HTTP on a private LAN, then use that exact HTTP origin consistently.
+
+## Start One Worker
+
+Run this on the worker host from `packaging/docker`:
+
+```bash
+cd /path/to/openwork/packaging/docker
+export OPENWORK_HOST_PORT=8787
+export OPENWORK_CONNECT_HOST=worker-01.company.local
+export OPENWORK_WORKSPACE_DIR=/srv/openwork/worker-01/workspace
+export OPENWORK_DATA_DIR_HOST=/srv/openwork/worker-01/data
+export OPENWORK_TOKEN='<worker-01-client-token>'
+export OPENWORK_HOST_TOKEN='<worker-01-host-token>'
+docker compose -p openwork-worker-1 up --build -d
+docker compose -p openwork-worker-1 ps
+curl http://worker-01.company.local:8787/health
+curl -H "Authorization: Bearer $OPENWORK_TOKEN" http://worker-01.company.local:8787/workspaces
+curl -H "X-OpenWork-Host-Token: $OPENWORK_HOST_TOKEN" http://worker-01.company.local:8787/env/keys
+```
+
+Expected result:
+
+- the container is running
+- `curl` returns HTTP 200 JSON from the OpenWork server
+- `/workspaces` returns at least one selectable workspace for the configured client token
+- `/env/keys` returns HTTP 200 for the configured host token
+
+This worker URL is what Den will later use in `DEN_STATIC_WORKER_URLS`.
+
+## Start Additional Workers
+
+If you need more than one worker runtime, repeat the worker launch with:
+
+- a different Compose project name
+- a different worker URL or host port
+- a different workspace path
+- a different data path
+- a different `OPENWORK_TOKEN`
+- a different `OPENWORK_HOST_TOKEN`
+
+On separate hosts, you can keep the container port at `8787` on each host and vary only the hostname, for example:
+
+- `http://worker-01.company.local:8787`
+- `http://worker-02.company.local:8787`
+
+If multiple workers share one host, use a unique host port per worker and a unique Compose project per worker.
+
+## Start Den In Static Mode
+
+Run this on the Den host from the repository root.
+
+Export the variables and run `docker compose` in the same shell session.
+
+In Bash, export `DEN_STATIC_WORKER_TOKEN_MAP_JSON` as a single-quoted JSON string so it reaches the container unchanged.
+
+Keep these `DEN_*` exports in the current shell until you finish `docker compose ps`, `logs`, and the health checks below. If you open a new shell, re-export the same values before running follow-up Compose commands.
+
+```bash
+cd /path/to/openwork
+export DEN_WEB_ORIGIN=https://den.company.local
+export DEN_PROVISIONER_MODE=static
+export DEN_BETTER_AUTH_URL=$DEN_WEB_ORIGIN
+export DEN_BETTER_AUTH_TRUSTED_ORIGINS=$DEN_WEB_ORIGIN
+export DEN_CORS_ORIGINS=$DEN_WEB_ORIGIN
+export DEN_STATIC_WORKER_URLS=http://worker-01.company.local:8787,http://worker-02.company.local:8787
+export DEN_STATIC_WORKER_HEALTH_PATH=/health
+export DEN_STATIC_WORKER_HEALTHCHECK_TIMEOUT_MS=10000
+# Optional: only needed if operators will use the admin static-attach fallback with LAN/private URLs.
+export DEN_STATIC_WORKER_ATTACH_ALLOW_PRIVATE=false
+export DEN_STATIC_WORKER_ATTACH_ALLOWED_HOSTS=
+export DEN_STATIC_WORKER_ATTACH_ALLOWED_CIDRS=
+export DEN_BETTER_AUTH_SECRET='<better-auth-secret>'
+export DEN_DB_ENCRYPTION_KEY='<db-encryption-key>'
+export DEN_MYSQL_ROOT_PASSWORD='<mysql-root-password>'
+# DATABASE_URL is separate from DEN_MYSQL_ROOT_PASSWORD so URL-special password characters can be percent-encoded.
+# Example for password p@ss:word: mysql://root:p%40ss%3Aword@mysql:3306/openwork_den
+export DEN_DATABASE_URL='mysql://root:<url-encoded-mysql-root-password>@mysql:3306/openwork_den'
+export DEN_EMAIL_FROM='OpenWork Den <den@example.com>'
+export DEN_STATIC_WORKER_TOKEN_MAP_JSON='{"http://worker-01.company.local:8787":{"clientToken":"<worker-01-client-token>","hostToken":"<worker-01-host-token>"},"http://worker-02.company.local:8787":{"clientToken":"<worker-02-client-token>","hostToken":"<worker-02-host-token>"}}'
+docker compose -p openwork-den-static -f packaging/docker/docker-compose.den-static.yml up --build -d
+docker compose -p openwork-den-static -f packaging/docker/docker-compose.den-static.yml ps
+```
+
+`DEN_STATIC_WORKER_URLS` is the pool of worker runtimes that Den can allocate.
+
+`DEN_STATIC_WORKER_TOKEN_MAP_JSON` must contain one entry for every worker URL that Den is allowed to attach as a shared worker.
+
+When worker containers receive `OPENWORK_TOKEN` and `OPENWORK_HOST_TOKEN` from environment variables or a secret manager, those supplied values remain runtime-only and are not persisted by the image. Only generated fallback token values are written to `/data/openwork-worker.env`, and that fallback should be used only for development or an operator-approved bootstrap.
+
+`DEN_STATIC_WORKER_ATTACH_ALLOW_PRIVATE=true` allows admin static-attach requests for LAN/private URLs. Prefer `DEN_STATIC_WORKER_ATTACH_ALLOWED_HOSTS` or `DEN_STATIC_WORKER_ATTACH_ALLOWED_CIDRS` when you only need to allow specific internal workers.
+
+## Verify Deployment
+
+Run these checks after the worker and Den are up:
+
+```bash
+curl http://worker-01.company.local:8787/health
+docker compose -p openwork-den-static -f packaging/docker/docker-compose.den-static.yml ps
+curl $DEN_WEB_ORIGIN/api/den/health
+```
+
+Expected result:
+
+- the worker health endpoint returns HTTP 200 JSON
+- the `den` and `web` services are `healthy` in `docker compose ps`
+- the Den web health endpoint returns HTTP 200 JSON
+
+At this point, the deployment is up.
+
+## First Use
+
+Open the Den web URL in a browser:
+
+- `https://<den-host>`
+
+Create the first account and complete email verification.
+
+Configure SMTP or Resend before the first real sign-up so the verification email is delivered normally.
+
+After the first account is verified, create the first organization.
+
+When the first organization is created in `static` mode and `DEN_STATIC_WORKER_URLS` is not empty, Den automatically attempts to create one default shared/static worker for that organization.
+
+Expected behavior:
+
+- Den picks the first free worker URL from `DEN_STATIC_WORKER_URLS`
+- Den calls `/health` on that worker URL
+- Den verifies the configured client token against `/workspaces` using `Authorization: Bearer <client-token>`
+- Den verifies the configured host token against `/env/keys` using `X-OpenWork-Host-Token: <host-token>`
+- Den marks the worker `healthy` only after the runtime contract succeeds
+
+You can also add another shared worker from the Den UI later. In `static` mode, the UI can allocate a free worker URL from the pre-provisioned pool, but it cannot create a new runtime worker.
+
+If you need more capacity than the remaining free URLs:
+
+1. start another runtime worker
+2. add its URL to `DEN_STATIC_WORKER_URLS`
+3. add its token pair to `DEN_STATIC_WORKER_TOKEN_MAP_JSON`
+4. restart Den
+
+## Minimal Troubleshooting
+
+- `Invalid origin` during sign-up or email verification:
+  - `DEN_BETTER_AUTH_URL`, `DEN_BETTER_AUTH_TRUSTED_ORIGINS`, and `DEN_CORS_ORIGINS` do not match the real browser-facing Den URL
+- worker stays `Starting` or becomes `failed`:
+  - run `curl http://<worker-host>:8787/health`
+  - inspect Den logs with `docker compose -p openwork-den-static -f packaging/docker/docker-compose.den-static.yml logs den`
+- `No available static worker URL remains`:
+  - every URL in `DEN_STATIC_WORKER_URLS` is already in use, so add another pre-running worker runtime and restart Den
+- `STATIC_WORKER_TOKEN_MAP_JSON must be valid JSON`:
+  - export it as a single-quoted JSON string in Bash
diff --git a/packaging/docker/README.md b/packaging/docker/README.md
index 52afe42c46..77e56e6e38 100644
--- a/packaging/docker/README.md
+++ b/packaging/docker/README.md
@@ -1,5 +1,7 @@
 # OpenWork Host (Docker)
 
+For production LAN/on-prem Den deployments, start with [`ONPREM_DEN_STATIC_RUNBOOK.md`](./ONPREM_DEN_STATIC_RUNBOOK.md). It covers Den `PROVISIONER_MODE=static`, operator-managed worker secrets, real OpenWork worker containers, multiple worker URLs, validation, cleanup, decommissioning, and troubleshooting.
+
 ## Den local stack (Docker)
 
 One command for the Den control plane, local MySQL, and the cloud web app.
@@ -62,8 +64,51 @@ Optional env vars (via `.env` or `export`):
 - `DEN_MCP_RESOURCE_URL` — API-facing MCP resource URL (defaults to `http://localhost:<DEN_API_PORT>/mcp`)
 - `DEN_BETTER_AUTH_TRUSTED_ORIGINS` — trusted origins for Better Auth (defaults to `DEN_CORS_ORIGINS`)
 - `DEN_CORS_ORIGINS` — trusted origins for Express CORS (defaults include hostname, localhost, `127.0.0.1`, `0.0.0.0`, and detected LAN IPv4)
-- `DEN_PROVISIONER_MODE` — `stub` or `render` (defaults to `stub`)
+- `DEN_PROVISIONER_MODE` — `stub`, `static`, `render`, or `daytona` (defaults to `stub`)
 - `DEN_WORKER_URL_TEMPLATE` — stub worker URL template with `{workerId}` placeholder
+- `DEN_STATIC_WORKER_URLS` — comma-separated LAN/local OpenWork worker URLs used when `DEN_PROVISIONER_MODE=static`; each URL is assigned to at most one active static worker instance
+- `DEN_STATIC_WORKER_TOKEN_MAP_JSON` — JSON map of each static worker URL to `{ "clientToken": "...", "hostToken": "..." }`; required in static mode so Den validates `/workspaces` and `/env/keys` before marking workers healthy
+- `DEN_STATIC_WORKER_HEALTH_PATH` — health path checked for static workers (defaults to `/health`)
+- `DEN_STATIC_WORKER_HEALTHCHECK_TIMEOUT_MS` — static worker health timeout (defaults to `10000`)
+
+### On-prem/static worker mode
+
+Use static mode when Den is self-hosted on a LAN and workers are already running on local infrastructure. Den does not launch those workers; it assigns one configured URL that is not already used by an active static `worker_instance` to each cloud/shared worker request, checks the worker health endpoint, records a `worker_instance`, and marks the worker `healthy` only when the endpoint responds successfully.
+
+The real worker container path is the production container in this directory (`Dockerfile` + `docker-compose.yml`). The image builds the worker from the source checkout used as the Docker build context; use an approved checkout or release artifact for the version you intend to support.
+
+Run Den against a real LAN worker:
+
+```bash
+export DEN_PROVISIONER_MODE=static
+export DEN_STATIC_WORKER_URLS=http://192.168.1.50:8787
+export DEN_STATIC_WORKER_TOKEN_MAP_JSON='{"http://192.168.1.50:8787":{"clientToken":"<worker-client-token>","hostToken":"<worker-host-token>"}}'
+./packaging/docker/den-dev-up.sh
+```
+
+`DEN_STATIC_WORKER_TOKEN_MAP_JSON` is required for real LAN workers. The URL keys must exactly match `DEN_STATIC_WORKER_URLS` after trimming trailing slashes, and the values must contain the worker's client token for `/workspaces` plus host token for `/env/keys`. Without this map Den must fail the static reservation instead of marking an unreachable or unauthenticated worker healthy.
+
+If you need a non-production compose-only smoke test before wiring a real OpenWork runtime, start the bundled health-only worker simulation:
+
+```bash
+export DEN_PROVISIONER_MODE=static
+export DEN_STATIC_WORKER_URLS=http://static-worker-smoke:8787
+export DEN_STATIC_WORKER_TOKEN_MAP_JSON='{"http://static-worker-smoke:8787":{"clientToken":"static-smoke-client-token","hostToken":"static-smoke-host-token"}}'
+docker compose --profile static-worker-smoke -p openwork-den-static \
+  -f packaging/docker/docker-compose.den-dev.yml up --build
+```
+
+Validate the sample endpoint from the host:
+
+```bash
+curl http://127.0.0.1:${DEN_STATIC_WORKER_SMOKE_PORT:-8787}/health
+curl -H "Authorization: Bearer static-smoke-client-token" http://127.0.0.1:${DEN_STATIC_WORKER_SMOKE_PORT:-8787}/workspaces
+curl -H "X-OpenWork-Host-Token: static-smoke-host-token" http://127.0.0.1:${DEN_STATIC_WORKER_SMOKE_PORT:-8787}/env/keys
+```
+
+Then create a cloud/shared worker in the Den web UI. With a reachable static worker URL, the worker should move from `provisioning` to `healthy` and show a `static` instance. If `DEN_STATIC_WORKER_URLS` is empty or the health check fails, Den marks the worker `failed` and logs a clear provisioning error instead of leaving it stuck on `Starting`.
+
+The `static-worker-smoke` service is intentionally only a provisioning-contract simulation. It serves `/health`, `/workspaces`, and `/env/keys` with coherent smoke-test tokens so Den static provisioning validates token mapping, but it is not a production OpenWork runtime and will not satisfy session APIs.
 
 ### Faster inner-loop alternative
 
@@ -144,7 +189,7 @@ Useful overrides:
 
 ## Production container
 
-This is a minimal packaging template to run the OpenWork Host contract in a single container.
+This is a minimal packaging template to run the OpenWork Host contract in a single container. In Den static deployments, each instance of this container is a real worker URL for `DEN_STATIC_WORKER_URLS`.
 
 It runs:
 
@@ -163,22 +208,56 @@ Then open:
 
 - `http://127.0.0.1:8787/ui`
 
+For LAN use, set a stable host port and connect host before launch:
+
+```bash
+OPENWORK_HOST_PORT=8787 \
+OPENWORK_CONNECT_HOST=192.168.1.50 \
+OPENWORK_WORKSPACE_DIR=./workspace-worker-1 \
+OPENWORK_DATA_DIR_HOST=./data-worker-1 \
+docker compose -p openwork-worker-1 up --build -d
+```
+
+On Windows PowerShell:
+
+```powershell
+$env:OPENWORK_HOST_PORT = "8787"
+$env:OPENWORK_CONNECT_HOST = "192.168.1.50"
+$env:OPENWORK_WORKSPACE_DIR = "./workspace-worker-1"
+$env:OPENWORK_DATA_DIR_HOST = "./data-worker-1"
+docker compose -p openwork-worker-1 up --build -d
+```
+
+Validate the worker before adding it to Den:
+
+```bash
+curl http://192.168.1.50:8787/health
+```
+
+For production, set `OPENWORK_TOKEN` and `OPENWORK_HOST_TOKEN` from a secret manager or equivalent secure operator channel. Env/secret-manager supplied tokens take precedence over `/data/openwork-worker.env` and are not written back to disk by the container. If a token is unset, the image can generate a stable per-worker fallback token and persist only generated fallback values in `/data/openwork-worker.env`; use that fallback path only for development or an operator-approved bootstrap. Treat `/data/openwork-worker.env` as sensitive bearer-secret material.
+
 ### Config
 
-Recommended env vars:
+Required secret inputs for production secret management:
 
 - `OPENWORK_TOKEN` (client token)
 - `OPENWORK_HOST_TOKEN` (host/owner token)
+- `OPENWORK_CORS_ORIGINS` set to the exact Den/app browser origins that may call this worker. Do not use `*` with bearer or `X-OpenWork-Host-Token` traffic in production.
 
 Optional:
 
+- `OPENWORK_HOST_PORT=8787` (host port mapped to container port 8787)
+- `OPENWORK_CONNECT_HOST=<LAN IP or DNS name>` (host embedded in pairing/connect output)
+- `OPENWORK_WORKSPACE_DIR=./workspace-worker-1` (host workspace mount)
+- `OPENWORK_DATA_DIR_HOST=./data-worker-1` (host data mount)
 - `OPENWORK_APPROVAL_MODE=auto|manual`
 - `OPENWORK_APPROVAL_TIMEOUT_MS=30000`
+- `OPENWORK_CORS_ORIGINS=http://localhost:8787,http://127.0.0.1:8787` (local-safe default; override for production origins)
 
 Persistence:
 
 - Workspace is mounted at `/workspace`
-- Host data dir is mounted at `/data` (OpenCode caches + OpenWork server config/tokens)
+- Host data dir is mounted at `/data` (persistent sidecar and OpenWork server state, including fallback tokens when generated)
 
 ### Notes
 
diff --git a/packaging/docker/den-dev-up.sh b/packaging/docker/den-dev-up.sh
index ff95c7986a..01b4f7e93f 100755
--- a/packaging/docker/den-dev-up.sh
+++ b/packaging/docker/den-dev-up.sh
@@ -241,6 +241,11 @@ if ! DEN_API_PORT="$DEN_API_PORT" \
   DEN_BETTER_AUTH_TRUSTED_ORIGINS="$DEN_BETTER_AUTH_TRUSTED_ORIGINS" \
   DEN_PROVISIONER_MODE="$DEN_PROVISIONER_MODE" \
   DEN_WORKER_URL_TEMPLATE="$DEN_WORKER_URL_TEMPLATE" \
+  DEN_STATIC_WORKER_URLS="${DEN_STATIC_WORKER_URLS:-}" \
+  DEN_STATIC_WORKER_TOKEN_MAP_JSON="${DEN_STATIC_WORKER_TOKEN_MAP_JSON:-}" \
+  DEN_STATIC_WORKER_HEALTH_PATH="${DEN_STATIC_WORKER_HEALTH_PATH:-}" \
+  DEN_STATIC_WORKER_HEALTHCHECK_TIMEOUT_MS="${DEN_STATIC_WORKER_HEALTHCHECK_TIMEOUT_MS:-}" \
+  DEN_STATIC_WORKER_HEALTHCHECK_INTERVAL_MS="${DEN_STATIC_WORKER_HEALTHCHECK_INTERVAL_MS:-}" \
   DEN_DAYTONA_WORKER_PROXY_BASE_URL="$DEN_DAYTONA_WORKER_PROXY_BASE_URL" \
   DAYTONA_API_URL="${DAYTONA_API_URL:-}" \
   DAYTONA_API_KEY="${DAYTONA_API_KEY:-}" \
diff --git a/packaging/docker/docker-compose.den-dev.yml b/packaging/docker/docker-compose.den-dev.yml
index 9b0b89caeb..be7cf3cf4a 100644
--- a/packaging/docker/docker-compose.den-dev.yml
+++ b/packaging/docker/docker-compose.den-dev.yml
@@ -18,8 +18,21 @@
 #   DEN_BETTER_AUTH_URL     — browser-facing auth origin (default: http://<DEN_PUBLIC_HOST>:<DEN_WEB_PORT>)
 #   DEN_BETTER_AUTH_TRUSTED_ORIGINS — Better Auth trusted origins (defaults to DEN_CORS_ORIGINS)
 #   DEN_CORS_ORIGINS        — comma-separated trusted origins for Better Auth + CORS
-#   DEN_PROVISIONER_MODE    — stub, render, or daytona (default: stub)
+#   DEN_PROVISIONER_MODE    — stub, static, render, or daytona (default: stub)
 #   DEN_WORKER_URL_TEMPLATE — worker URL template used by stub provisioning
+#   DEN_STATIC_WORKER_URLS  — comma-separated LAN/OpenWork worker URLs for static mode
+#                           — each URL is assigned to at most one active worker_instance
+#                           — for the smoke-test service below, use http://static-worker-smoke:8787
+#   DEN_STATIC_WORKER_TOKEN_MAP_JSON
+#                           — JSON map of static worker URLs to {clientToken,hostToken}; required for static mode
+#   DEN_STATIC_WORKER_HEALTH_PATH / DEN_STATIC_WORKER_HEALTHCHECK_TIMEOUT_MS
+#                           — optional static worker health-check overrides
+#   DEN_ENTRA_TENANT_ID / DEN_ENTRA_CLIENT_ID / DEN_ENTRA_CLIENT_SECRET
+#                           — optional Microsoft Entra ID SSO provider config
+#   DEN_ENTRA_AUTO_JOIN_ENABLED / DEN_ENTRA_AUTO_JOIN_ORG_ID
+#                           — optional SSO organization auto-join target
+#   DEN_ENTRA_ADMIN_GROUP_IDS / DEN_ENTRA_MEMBER_GROUP_IDS
+#                           — comma-separated Entra group object IDs mapped to roles
 #   DAYTONA_API_URL / DAYTONA_API_KEY / DAYTONA_TARGET / DAYTONA_SNAPSHOT
 #                           — optional Daytona passthrough vars when DEN_PROVISIONER_MODE=daytona
 #   POLAR_FEATURE_GATE_ENABLED / POLAR_API_BASE / POLAR_ACCESS_TOKEN
@@ -81,6 +94,26 @@ services:
       CORS_ORIGINS: ${DEN_CORS_ORIGINS:-http://localhost:3005,http://127.0.0.1:3005,http://0.0.0.0:3005,http://localhost:5173,http://127.0.0.1:5173,http://localhost:8788,http://127.0.0.1:8788}
       PROVISIONER_MODE: ${DEN_PROVISIONER_MODE:-stub}
       WORKER_URL_TEMPLATE: ${DEN_WORKER_URL_TEMPLATE:-}
+      STATIC_WORKER_URLS: ${DEN_STATIC_WORKER_URLS:-}
+      STATIC_WORKER_TOKEN_MAP_JSON: ${DEN_STATIC_WORKER_TOKEN_MAP_JSON:-}
+      STATIC_WORKER_HEALTH_PATH: ${DEN_STATIC_WORKER_HEALTH_PATH:-/health}
+      STATIC_WORKER_HEALTHCHECK_TIMEOUT_MS: ${DEN_STATIC_WORKER_HEALTHCHECK_TIMEOUT_MS:-10000}
+      STATIC_WORKER_HEALTHCHECK_INTERVAL_MS: ${DEN_STATIC_WORKER_HEALTHCHECK_INTERVAL_MS:-1000}
+      DEN_ENTRA_TENANT_ID: ${DEN_ENTRA_TENANT_ID:-}
+      DEN_ENTRA_CLIENT_ID: ${DEN_ENTRA_CLIENT_ID:-}
+      DEN_ENTRA_CLIENT_SECRET: ${DEN_ENTRA_CLIENT_SECRET:-}
+      DEN_ENTRA_AUTO_JOIN_ENABLED: ${DEN_ENTRA_AUTO_JOIN_ENABLED:-false}
+      DEN_ENTRA_AUTO_JOIN_ORG_ID: ${DEN_ENTRA_AUTO_JOIN_ORG_ID:-}
+      DEN_ENTRA_AUTO_JOIN_ORG_SLUG: ${DEN_ENTRA_AUTO_JOIN_ORG_SLUG:-}
+      DEN_ENTRA_ADMIN_GROUP_IDS: ${DEN_ENTRA_ADMIN_GROUP_IDS:-}
+      DEN_ENTRA_MEMBER_GROUP_IDS: ${DEN_ENTRA_MEMBER_GROUP_IDS:-}
+      EMAIL_FROM: ${DEN_EMAIL_FROM:-OpenWork Den <den@openwork.local>}
+      RESEND_API_KEY: ${DEN_RESEND_API_KEY:-}
+      SMTP_HOST: ${DEN_SMTP_HOST:-}
+      SMTP_PORT: ${DEN_SMTP_PORT:-}
+      SMTP_USER: ${DEN_SMTP_USER:-}
+      SMTP_PASS: ${DEN_SMTP_PASS:-}
+      SMTP_SECURE: ${DEN_SMTP_SECURE:-false}
       POLAR_FEATURE_GATE_ENABLED: ${POLAR_FEATURE_GATE_ENABLED:-false}
       POLAR_API_BASE: ${POLAR_API_BASE:-}
       POLAR_ACCESS_TOKEN: ${POLAR_ACCESS_TOKEN:-}
@@ -146,5 +179,55 @@ services:
       DEN_AUTH_ORIGIN: ${DEN_BETTER_AUTH_URL:-http://localhost:3005}
       NEXT_PUBLIC_OPENWORK_AUTH_CALLBACK_URL: ${DEN_BETTER_AUTH_URL:-http://localhost:3005}
 
+  static-worker-smoke:
+    <<: *shared
+    image: node:20-alpine
+    profiles: ["static-worker-smoke"]
+    command:
+      - node
+      - -e
+      - |
+        const clientToken = process.env.OPENWORK_TOKEN || 'static-smoke-client-token';
+        const hostToken = process.env.OPENWORK_HOST_TOKEN || 'static-smoke-host-token';
+        const json = (res, status, body) => {
+          res.writeHead(status, {'content-type':'application/json'});
+          res.end(JSON.stringify(body));
+        };
+        require('http').createServer((req,res)=>{
+          if (req.url === '/health') {
+            json(res, 200, {ok:true, mode:'static-worker-smoke'});
+            return;
+          }
+          if (req.url === '/workspaces') {
+            const bearer = (req.headers.authorization || '').replace(/^Bearer\s+/i, '').trim();
+            if (bearer !== clientToken) {
+              json(res, 401, {error:'invalid_client_token'});
+              return;
+            }
+            json(res, 200, {workspaces:[{id:'static-smoke-workspace', name:'Static Smoke Workspace', path:'/workspace'}]});
+            return;
+          }
+          if (req.url === '/env/keys') {
+            if ((req.headers['x-openwork-host-token'] || '').trim() !== hostToken) {
+              json(res, 401, {error:'invalid_host_token'});
+              return;
+            }
+            json(res, 200, {keys:[], source:'static-worker-smoke'});
+            return;
+          }
+          json(res, 404, {error:'not_found'});
+        }).listen(8787, '0.0.0.0')
+    environment:
+      OPENWORK_TOKEN: ${DEN_STATIC_WORKER_SMOKE_OPENWORK_TOKEN:-static-smoke-client-token}
+      OPENWORK_HOST_TOKEN: ${DEN_STATIC_WORKER_SMOKE_OPENWORK_HOST_TOKEN:-static-smoke-host-token}
+    ports:
+      - "${DEN_STATIC_WORKER_SMOKE_PORT:-8787}:8787"
+    healthcheck:
+      test: ["CMD", "node", "-e", "fetch('http://127.0.0.1:8787/health').then((res)=>process.exit(res.ok?0:1)).catch(()=>process.exit(1))"]
+      interval: 5s
+      timeout: 5s
+      retries: 30
+      start_period: 10s
+
 volumes:
   den-mysql-data:
diff --git a/packaging/docker/docker-compose.den-static.yml b/packaging/docker/docker-compose.den-static.yml
new file mode 100644
index 0000000000..1d903939cc
--- /dev/null
+++ b/packaging/docker/docker-compose.den-static.yml
@@ -0,0 +1,152 @@
+# docker-compose.den-static.yml — Den static deployment stack
+#
+# Use this file for self-hosted Den deployments where worker runtimes already
+# exist and Den should allocate them from a fixed pool.
+
+x-shared: &shared
+  restart: unless-stopped
+
+services:
+  mysql:
+    image: mysql:8.4
+    command:
+      - --performance_schema=OFF
+      - --innodb-buffer-pool-size=64M
+      - --innodb-log-buffer-size=8M
+      - --tmp-table-size=16M
+      - --max-heap-table-size=16M
+    environment:
+      MYSQL_ROOT_PASSWORD: ${DEN_MYSQL_ROOT_PASSWORD:?DEN_MYSQL_ROOT_PASSWORD is required}
+      MYSQL_DATABASE: openwork_den
+    healthcheck:
+      test: ["CMD-SHELL", "mysqladmin ping -h 127.0.0.1 -p$DEN_MYSQL_ROOT_PASSWORD --silent"]
+      interval: 5s
+      timeout: 5s
+      retries: 30
+      start_period: 10s
+    expose:
+      - "3306"
+    volumes:
+      - den-mysql-data:/var/lib/mysql
+
+  den:
+    <<: *shared
+    build:
+      context: ../../
+      dockerfile: packaging/docker/Dockerfile.den
+    depends_on:
+      mysql:
+        condition: service_healthy
+    expose:
+      - "8788"
+    healthcheck:
+      test: ["CMD", "node", "-e", "fetch('http://127.0.0.1:8788/health').then((res)=>process.exit(res.ok?0:1)).catch(()=>process.exit(1))"]
+      interval: 5s
+      timeout: 5s
+      retries: 30
+      start_period: 120s
+    environment:
+      CI: "true"
+      OPENWORK_DEV_MODE: ${OPENWORK_DEV_MODE:-0}
+      # Provide a complete URL so passwords with URL-special characters can be percent-encoded.
+      # Example: mysql://root:p%40ss%3Aword@mysql:3306/openwork_den
+      DATABASE_URL: ${DEN_DATABASE_URL:?DEN_DATABASE_URL is required; percent-encode URL-special password characters}
+      BETTER_AUTH_SECRET: ${DEN_BETTER_AUTH_SECRET:?DEN_BETTER_AUTH_SECRET is required}
+      DEN_DB_ENCRYPTION_KEY: ${DEN_DB_ENCRYPTION_KEY:?DEN_DB_ENCRYPTION_KEY is required}
+      BETTER_AUTH_URL: ${DEN_BETTER_AUTH_URL:?DEN_BETTER_AUTH_URL is required}
+      DEN_MCP_RESOURCE_URL: ${DEN_MCP_RESOURCE_URL:-}
+      DEN_BETTER_AUTH_TRUSTED_ORIGINS: ${DEN_BETTER_AUTH_TRUSTED_ORIGINS:?DEN_BETTER_AUTH_TRUSTED_ORIGINS is required}
+      PORT: "8788"
+      CORS_ORIGINS: ${DEN_CORS_ORIGINS:?DEN_CORS_ORIGINS is required}
+      PROVISIONER_MODE: ${DEN_PROVISIONER_MODE:?DEN_PROVISIONER_MODE is required}
+      WORKER_URL_TEMPLATE: ${DEN_WORKER_URL_TEMPLATE:-}
+      STATIC_WORKER_URLS: ${DEN_STATIC_WORKER_URLS:?DEN_STATIC_WORKER_URLS is required}
+      STATIC_WORKER_TOKEN_MAP_JSON: ${DEN_STATIC_WORKER_TOKEN_MAP_JSON:?DEN_STATIC_WORKER_TOKEN_MAP_JSON is required}
+      STATIC_WORKER_HEALTH_PATH: ${DEN_STATIC_WORKER_HEALTH_PATH:-/health}
+      STATIC_WORKER_HEALTHCHECK_TIMEOUT_MS: ${DEN_STATIC_WORKER_HEALTHCHECK_TIMEOUT_MS:-10000}
+      STATIC_WORKER_HEALTHCHECK_INTERVAL_MS: ${DEN_STATIC_WORKER_HEALTHCHECK_INTERVAL_MS:-1000}
+      STATIC_WORKER_ATTACH_ALLOW_PRIVATE: ${DEN_STATIC_WORKER_ATTACH_ALLOW_PRIVATE:-false}
+      STATIC_WORKER_ATTACH_ALLOWED_HOSTS: ${DEN_STATIC_WORKER_ATTACH_ALLOWED_HOSTS:-}
+      STATIC_WORKER_ATTACH_ALLOWED_CIDRS: ${DEN_STATIC_WORKER_ATTACH_ALLOWED_CIDRS:-}
+      DEN_ENTRA_TENANT_ID: ${DEN_ENTRA_TENANT_ID:-}
+      DEN_ENTRA_CLIENT_ID: ${DEN_ENTRA_CLIENT_ID:-}
+      DEN_ENTRA_CLIENT_SECRET: ${DEN_ENTRA_CLIENT_SECRET:-}
+      DEN_ENTRA_AUTO_JOIN_ENABLED: ${DEN_ENTRA_AUTO_JOIN_ENABLED:-false}
+      DEN_ENTRA_AUTO_JOIN_ORG_ID: ${DEN_ENTRA_AUTO_JOIN_ORG_ID:-}
+      DEN_ENTRA_AUTO_JOIN_ORG_SLUG: ${DEN_ENTRA_AUTO_JOIN_ORG_SLUG:-}
+      DEN_ENTRA_ADMIN_GROUP_IDS: ${DEN_ENTRA_ADMIN_GROUP_IDS:-}
+      DEN_ENTRA_MEMBER_GROUP_IDS: ${DEN_ENTRA_MEMBER_GROUP_IDS:-}
+      EMAIL_FROM: ${DEN_EMAIL_FROM:?DEN_EMAIL_FROM is required}
+      RESEND_API_KEY: ${DEN_RESEND_API_KEY:-}
+      SMTP_HOST: ${DEN_SMTP_HOST:-}
+      SMTP_PORT: ${DEN_SMTP_PORT:-}
+      SMTP_USER: ${DEN_SMTP_USER:-}
+      SMTP_PASS: ${DEN_SMTP_PASS:-}
+      SMTP_SECURE: ${DEN_SMTP_SECURE:-false}
+      POLAR_FEATURE_GATE_ENABLED: ${POLAR_FEATURE_GATE_ENABLED:-false}
+      POLAR_API_BASE: ${POLAR_API_BASE:-}
+      POLAR_ACCESS_TOKEN: ${POLAR_ACCESS_TOKEN:-}
+      POLAR_PRODUCT_ID: ${POLAR_PRODUCT_ID:-}
+      POLAR_BENEFIT_ID: ${POLAR_BENEFIT_ID:-}
+      POLAR_SUCCESS_URL: ${POLAR_SUCCESS_URL:-}
+      POLAR_RETURN_URL: ${POLAR_RETURN_URL:-}
+      DAYTONA_API_URL: ${DAYTONA_API_URL:-}
+      DAYTONA_API_KEY: ${DAYTONA_API_KEY:-}
+      DAYTONA_TARGET: ${DAYTONA_TARGET:-}
+      DAYTONA_SNAPSHOT: ${DAYTONA_SNAPSHOT:-}
+      DAYTONA_WORKER_PROXY_BASE_URL: ${DEN_DAYTONA_WORKER_PROXY_BASE_URL:-http://localhost:8789}
+
+  worker-proxy:
+    <<: *shared
+    build:
+      context: ../../
+      dockerfile: packaging/docker/Dockerfile.den-worker-proxy
+    depends_on:
+      mysql:
+        condition: service_healthy
+    expose:
+      - "8789"
+    healthcheck:
+      test: ["CMD", "node", "-e", "fetch('http://127.0.0.1:8789/unknown').then((res)=>process.exit([404,502].includes(res.status)?0:1)).catch(()=>process.exit(1))"]
+      interval: 5s
+      timeout: 5s
+      retries: 30
+      start_period: 90s
+    environment:
+      CI: "true"
+      DATABASE_URL: mysql://root:${DEN_MYSQL_ROOT_PASSWORD}@mysql:3306/openwork_den
+      PORT: "8789"
+      OPENWORK_DAYTONA_ENV_PATH: ${OPENWORK_DAYTONA_ENV_PATH:-}
+      DAYTONA_API_URL: ${DAYTONA_API_URL:-}
+      DAYTONA_API_KEY: ${DAYTONA_API_KEY:-}
+      DAYTONA_TARGET: ${DAYTONA_TARGET:-}
+      DAYTONA_OPENWORK_PORT: ${DAYTONA_OPENWORK_PORT:-8787}
+      DAYTONA_SIGNED_PREVIEW_EXPIRES_SECONDS: ${DAYTONA_SIGNED_PREVIEW_EXPIRES_SECONDS:-86400}
+
+  web:
+    <<: *shared
+    build:
+      context: ../../
+      dockerfile: packaging/docker/Dockerfile.den-web
+    command: ["sh", "-lc", "npm run build && npm run start"]
+    depends_on:
+      den:
+        condition: service_healthy
+    ports:
+      - "${DEN_WEB_PORT:-3005}:3005"
+    healthcheck:
+      test: ["CMD", "node", "-e", "fetch('http://127.0.0.1:3005/api/den/health').then((res)=>process.exit(res.ok?0:1)).catch(()=>process.exit(1))"]
+      interval: 5s
+      timeout: 10s
+      retries: 30
+      start_period: 180s
+    environment:
+      CI: "true"
+      OPENWORK_DEV_MODE: ${OPENWORK_DEV_MODE:-0}
+      DEN_API_BASE: http://den:8788
+      DEN_AUTH_FALLBACK_BASE: http://den:8788
+      DEN_AUTH_ORIGIN: ${DEN_BETTER_AUTH_URL:?DEN_BETTER_AUTH_URL is required}
+      NEXT_PUBLIC_OPENWORK_AUTH_CALLBACK_URL: ${DEN_BETTER_AUTH_URL:?DEN_BETTER_AUTH_URL is required}
+
+volumes:
+  den-mysql-data:
diff --git a/packaging/docker/docker-compose.yml b/packaging/docker/docker-compose.yml
index 5e50de5fc2..6a4ff623f4 100644
--- a/packaging/docker/docker-compose.yml
+++ b/packaging/docker/docker-compose.yml
@@ -1,23 +1,34 @@
 services:
   openwork-host:
     build:
-      context: .
-      dockerfile: Dockerfile
-      args:
-        # Keep this in sync with apps/orchestrator/package.json if you want a pinned release.
-        OPENWORK_ORCHESTRATOR_VERSION: 0.11.22
+      context: ../../
+      dockerfile: packaging/docker/Dockerfile
     ports:
-      - "8787:8787"
+      - "${OPENWORK_HOST_PORT:-8787}:8787"
     environment:
-      # Set these explicitly for stable sharing.
-      # OPENWORK_TOKEN: "..."
-      # OPENWORK_HOST_TOKEN: "..."
+      # Optional. If unset, the image generates stable per-worker tokens in /data/openwork-worker.env.
+      OPENWORK_TOKEN: ${OPENWORK_TOKEN:-}
+      OPENWORK_HOST_TOKEN: ${OPENWORK_HOST_TOKEN:-}
+      # Set to the LAN IP/DNS name clients and Den should use for this worker.
+      OPENWORK_CONNECT_HOST: ${OPENWORK_CONNECT_HOST:-127.0.0.1}
       # Optional: OPENWORK_APPROVAL_MODE: "auto"
       # Optional: OPENWORK_APPROVAL_TIMEOUT_MS: "30000"
+      OPENWORK_APPROVAL_MODE: ${OPENWORK_APPROVAL_MODE:-manual}
+      OPENWORK_APPROVAL_TIMEOUT_MS: ${OPENWORK_APPROVAL_TIMEOUT_MS:-30000}
+      # Set this to the exact browser/app origins that may call this worker.
+      # Wildcard CORS with bearer/host-token headers is intentionally not the default.
+      OPENWORK_CORS_ORIGINS: "${OPENWORK_CORS_ORIGINS:-http://localhost:8787,http://127.0.0.1:8787}"
+      OPENWORK_PORT: 8787
       OPENWORK_DATA_DIR: /data/openwork-orchestrator
       OPENWORK_SIDECAR_DIR: /data/sidecars
     volumes:
       # Mount an existing project/workspace here.
-      - ./workspace:/workspace
+      - ${OPENWORK_WORKSPACE_DIR:-./workspace}:/workspace
       # Persistent host data (OpenCode caches, server config, tokens).
-      - ./data:/data
+      - ${OPENWORK_DATA_DIR_HOST:-./data}:/data
+    healthcheck:
+      test: ["CMD", "node", "-e", "fetch('http://127.0.0.1:8787/health').then((res)=>process.exit(res.ok?0:1)).catch(()=>process.exit(1))"]
+      interval: 10s
+      timeout: 5s
+      retries: 30
+      start_period: 60s
diff --git a/packaging/docker/microsandbox-entrypoint.sh b/packaging/docker/microsandbox-entrypoint.sh
index 40045d37a0..bec0f5a436 100755
--- a/packaging/docker/microsandbox-entrypoint.sh
+++ b/packaging/docker/microsandbox-entrypoint.sh
@@ -9,7 +9,7 @@ OPENWORK_OPENCODE_PORT="${OPENWORK_OPENCODE_PORT:-4096}"
 OPENWORK_TOKEN="${OPENWORK_TOKEN:-microsandbox-token}"
 OPENWORK_HOST_TOKEN="${OPENWORK_HOST_TOKEN:-microsandbox-host-token}"
 OPENWORK_APPROVAL_MODE="${OPENWORK_APPROVAL_MODE:-auto}"
-OPENWORK_CORS_ORIGINS="${OPENWORK_CORS_ORIGINS:-*}"
+OPENWORK_CORS_ORIGINS="${OPENWORK_CORS_ORIGINS:-http://localhost:$OPENWORK_PORT,http://127.0.0.1:$OPENWORK_PORT}"
 OPENWORK_CONNECT_HOST="${OPENWORK_CONNECT_HOST:-127.0.0.1}"
 HOME="${HOME:-/root}"
 USER="${USER:-root}"
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index c07bd0db85..ff03c04698 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -217,12 +217,18 @@ importers:
 
   apps/desktop:
     dependencies:
+      '@modelcontextprotocol/sdk':
+        specifier: ^1.29.0
+        version: 1.29.0(zod@4.3.6)
       '@opencode-ai/sdk':
         specifier: ^1.16.2
         version: 1.16.2
       better-sqlite3:
         specifier: ^11.10.0
         version: 11.10.0
+      chrome-devtools-mcp:
+        specifier: 0.17.0
+        version: 0.17.0
       drizzle-orm:
         specifier: ^0.45.1
         version: 0.45.1(@opentelemetry/api@1.9.0)(@planetscale/database@1.19.0)(@types/better-sqlite3@7.6.13)(better-sqlite3@11.10.0)(bun-types@1.3.6)(kysely@0.28.17)(mysql2@3.17.4)
@@ -480,6 +486,9 @@ importers:
       stripe:
         specifier: ^22.1.1
         version: 22.1.1(@types/node@20.12.12)
+      tsx:
+        specifier: ^4.15.7
+        version: 4.21.0
       zod:
         specifier: ^4.3.6
         version: 4.3.6
@@ -490,9 +499,6 @@ importers:
       '@types/node':
         specifier: ^20.11.30
         version: 20.12.12
-      tsx:
-        specifier: ^4.15.7
-        version: 4.21.0
       typescript:
         specifier: ^5.5.4
         version: 5.9.3
@@ -4957,6 +4963,11 @@ packages:
     resolution: {integrity: sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==}
     engines: {node: '>=18'}
 
+  chrome-devtools-mcp@0.17.0:
+    resolution: {integrity: sha512-vMi2zXq2ph2EG6amyyApcvuKJcEFj4cGK1XQVb6x8vQYHk8D9ZnSxdtFqD0cRnG7SbUOrg3GhjOZEJAD1dZWSQ==}
+    engines: {node: ^20.19.0 || ^22.12.0 || >=23}
+    hasBin: true
+
   chromium-pickle-js@0.2.0:
     resolution: {integrity: sha512-1R5Fho+jBq0DDydt+/vHWj5KJNJCKdARKOCwZUen84I5BreWoLqRLANH1U87eJy1tiASPtMnGqJJq0ZsLoRPOw==}
 
@@ -13734,6 +13745,8 @@ snapshots:
 
   chownr@3.0.0: {}
 
+  chrome-devtools-mcp@0.17.0: {}
+
   chromium-pickle-js@0.2.0: {}
 
   ci-info@3.9.0: {}