Skip to main content

Beta Limitations

Mandaitor is in public beta. We want you to know exactly what is production-ready, what is not, and where the rough edges are. This page is the single source of truth for those boundaries — if you rely on a feature that is not listed here as stable, treat it as best-effort.

Stability Tiers

TierWhat it means
StableProduction-ready. Breaking changes only with a 90-day deprecation window.
BetaFeature-complete but may change based on feedback. 30-day deprecation window.
PreviewExperimental. Can change or be removed at any time.

API Surface

Stable

  • POST /verify — mandate verification with reason codes and constraints.
  • POST /mandates, GET /mandates/{id}, GET /mandates — mandate CRUD.
  • POST /mandates/{id}/suspend, /reactivate, /revoke — lifecycle.
  • GET /mandates/{id}/events, GET /events/{id} — audit log reads.
  • POST /onboarding/request — public onboarding intake.
  • API key authentication via x-api-key header.
  • Signed Webhook Delivery — Webhooks are delivered via SQS with HMAC-SHA256 signatures (X-Mandaitor-Signature) and SSRF protection.
  • Consent UX — Human-in-the-loop approval workflows for mandates (/consents).

Beta

  • GET /mandates/{id}/evidence-pack — court-ready evidence export. Schema may gain fields but will not break existing ones.
  • POST /verify?pom=sd-jwt-vc — Proof-of-Mandate Verifiable Credential issuance.
  • Agent Identity Registry — Persistent agent identity with DID and key rotation (/agents).
  • Marketplace — Community-contributed taxonomy definitions and mandate templates (/marketplace).
  • MCP Authorization Server — Tool-access boundary enforcement (/mcp) with mcp-runtime-trace/v2 runtime evidence.
  • Runtime Assurance Loop — Validated Core → Ops → Trust Data → Dashboard evidence publication for MCP authorization events.
  • Tenant Access Management — Tenant-scoped role assignments for canonical subject IDs, including TENANT_ROLE_ASSIGNED and TENANT_ROLE_REVOKED audit events.
  • Tenant Audit/SIEM Export — Tenant-scoped audit exports for SIEM ingestion, guarded by events:export RBAC and cursor-based pagination.
  • Admin dashboard at dashboard.mandaitor.io. UI may evolve rapidly.

Preview

  • Verifiable Intent (VI) Credential — Compatibility layer for Mastercard/Google VI spec (/mandates/{id}/vi-credential).
  • Drift Monitor — Ontology-based semantic analysis for drift detection (/drift). Drift remains advisory and does not change authorization decisions.
  • EUDI Wallet session APIs (/eudi/*).
  • SCIM provisioning endpoints (/scim/v2/*).
  • DID document resolution (/.well-known/did.json).
  • Trust signal endpoint (/trust-signals).

Operational Limits

  • Region: All data resides in eusc-de-east-1 (AWS European Sovereign Cloud). Cross-region replication is not yet available.
  • Throughput: See Rate Limiting. Beta accounts are capped at 10 req/s sustained, 20 req/s burst, 100k requests/month.
  • Retention: The Horizon 0 GA readiness policy now defines machine-readable defaults: audit events, evidence packs, and tenant operational records are retained for 2,555 days, while deletion and export requests target 30 days.
  • SLA: Beta operation remains best-effort, with a monitored 99.5% service objective. The Horizon 0 closeout policy marks the GA SLA posture as publication-ready for eligible GA plans, but beta accounts are not yet backed by a formal support agreement.

What Is Not Yet Supported

  • Multi-region failover.
  • Customer-supplied encryption key import beyond Mandaitor-managed customer-managed KMS keys.
  • On-prem / self-hosted deployment.
  • GDPR Article 20 automated data export (manual export on request).

Known Rough Edges

  • Evidence pack export returns JSON only. A PDF renderer is available in the dashboard via browser print.
  • Verify Playground API key is stored in sessionStorage and does not persist across browser tabs.
  • Compliance dashboard verification badges may briefly show asserted immediately after a claim is added, before the next weekly generator run reclassifies it.
  • Runtime Assurance publication depends on the generated trust-data.json artifact. If live trust data is unavailable, the dashboard uses documented fallback data so reviewers can still inspect the expected cockpit layout.

Reporting Issues

  • Security: security@mandaitor.io (PGP key on the Trust Page).
  • Bugs: GitHub issues.
  • Questions: support@mandaitor.io for direct beta support and onboarding help.

Going to General Availability

We will announce GA with:

  1. A 30-day notice on this page and the dashboard.
  2. An explicit changelog of every breaking change between beta and GA.
  3. A published SLA that applies to eligible GA plans and references the Horizon 0 closeout posture.
  4. A data residency attestation backed by the machine-readable GA readiness policy and generated trust data.

Until then, please treat Mandaitor as beta software: production-safe for pilot workloads, but not yet backed by a formal support agreement. Customer-managed KMS at rest, tenant audit/SIEM export, retention defaults, and data-residency posture are now documented as Horizon 0 GA-readiness commitments rather than deferred GA work.