Beta Limitations
Mandaitor is in public beta. We want you to know exactly what is production-ready, what is not, and where the rough edges are. This page is the single source of truth for those boundaries — if you rely on a feature that is not listed here as stable, treat it as best-effort.
Stability Tiers
| Tier | What it means |
|---|---|
| Stable | Production-ready. Breaking changes only with a 90-day deprecation window. |
| Beta | Feature-complete but may change based on feedback. 30-day deprecation window. |
| Preview | Experimental. Can change or be removed at any time. |
API Surface
Stable
POST /verify— mandate verification with reason codes and constraints.POST /mandates,GET /mandates/{id},GET /mandates— mandate CRUD.POST /mandates/{id}/suspend,/reactivate,/revoke— lifecycle.GET /mandates/{id}/events,GET /events/{id}— audit log reads.POST /onboarding/request— public onboarding intake.- API key authentication via
x-api-keyheader. - Signed Webhook Delivery — Webhooks are delivered via SQS with HMAC-SHA256 signatures (
X-Mandaitor-Signature) and SSRF protection. - Consent UX — Human-in-the-loop approval workflows for mandates (
/consents).
Beta
GET /mandates/{id}/evidence-pack— court-ready evidence export. Schema may gain fields but will not break existing ones.POST /verify?pom=sd-jwt-vc— Proof-of-Mandate Verifiable Credential issuance.- Agent Identity Registry — Persistent agent identity with DID and key rotation (
/agents). - Marketplace — Community-contributed taxonomy definitions and mandate templates (
/marketplace). - MCP Authorization Server — Tool-access boundary enforcement (
/mcp) withmcp-runtime-trace/v2runtime evidence. - Runtime Assurance Loop — Validated Core → Ops → Trust Data → Dashboard evidence publication for MCP authorization events.
- Tenant Access Management — Tenant-scoped role assignments for canonical subject IDs, including
TENANT_ROLE_ASSIGNEDandTENANT_ROLE_REVOKEDaudit events. - Tenant Audit/SIEM Export — Tenant-scoped audit exports for SIEM ingestion, guarded by
events:exportRBAC and cursor-based pagination. - Admin dashboard at
dashboard.mandaitor.io. UI may evolve rapidly.
Preview
- Verifiable Intent (VI) Credential — Compatibility layer for Mastercard/Google VI spec (
/mandates/{id}/vi-credential). - Drift Monitor — Ontology-based semantic analysis for drift detection (
/drift). Drift remains advisory and does not change authorization decisions. - EUDI Wallet session APIs (
/eudi/*). - SCIM provisioning endpoints (
/scim/v2/*). - DID document resolution (
/.well-known/did.json). - Trust signal endpoint (
/trust-signals).
Operational Limits
- Region: All data resides in
eusc-de-east-1(AWS European Sovereign Cloud). Cross-region replication is not yet available. - Throughput: See Rate Limiting. Beta accounts are capped at 10 req/s sustained, 20 req/s burst, 100k requests/month.
- Retention: The Horizon 0 GA readiness policy now defines machine-readable defaults: audit events, evidence packs, and tenant operational records are retained for 2,555 days, while deletion and export requests target 30 days.
- SLA: Beta operation remains best-effort, with a monitored 99.5% service objective. The Horizon 0 closeout policy marks the GA SLA posture as publication-ready for eligible GA plans, but beta accounts are not yet backed by a formal support agreement.
What Is Not Yet Supported
- Multi-region failover.
- Customer-supplied encryption key import beyond Mandaitor-managed customer-managed KMS keys.
- On-prem / self-hosted deployment.
- GDPR Article 20 automated data export (manual export on request).
Known Rough Edges
- Evidence pack export returns JSON only. A PDF renderer is available in the dashboard via browser print.
- Verify Playground API key is stored in
sessionStorageand does not persist across browser tabs. - Compliance dashboard verification badges may briefly show
assertedimmediately after a claim is added, before the next weekly generator run reclassifies it. - Runtime Assurance publication depends on the generated
trust-data.jsonartifact. If live trust data is unavailable, the dashboard uses documented fallback data so reviewers can still inspect the expected cockpit layout.
Reporting Issues
- Security:
security@mandaitor.io(PGP key on the Trust Page). - Bugs: GitHub issues.
- Questions:
support@mandaitor.iofor direct beta support and onboarding help.
Going to General Availability
We will announce GA with:
- A 30-day notice on this page and the dashboard.
- An explicit changelog of every breaking change between beta and GA.
- A published SLA that applies to eligible GA plans and references the Horizon 0 closeout posture.
- A data residency attestation backed by the machine-readable GA readiness policy and generated trust data.
Until then, please treat Mandaitor as beta software: production-safe for pilot workloads, but not yet backed by a formal support agreement. Customer-managed KMS at rest, tenant audit/SIEM export, retention defaults, and data-residency posture are now documented as Horizon 0 GA-readiness commitments rather than deferred GA work.