Access Claude Code, DeepAgents, Codex, and OpenCode through the browser. Switch harnesses and models on any repo in seconds — no local setup, no configuration, no wasted time.
No single harness, model, or runtime wins every task. IDfunction Agent is built on four axes of optionality — so the right choice is always a switch away, and the work survives the swap.
Claude Code excels at code edits and long-context refactors. DeepAgents shines at structured tool-using planning. Codex is fast for surface tweaks. Switch per task; state carries across the session.
Frontier Claude for hard architecture work, Haiku for boilerplate, GPT for one-shot generation, open-source via OpenRouter for high-volume runs. Choose the cost curve per project, not per platform.
Every workspace runs in a MicroSandbox-managed microVM with KVM isolation. No host filesystem access, isolated network, configurable CPU and memory. The agent can break things — just not your things.
Roles, model access, harness allowlists, audit retention, and billing scoped to your organization. Invite a team, set the policy, ship.
IDfunction Agent separates the tooling from the output. The AI Harness is the cloud workspace where you talk to the agent. The PIAM Product is the per-customer system that ships to the customer's environment.
Each harness streams its own raw events; our canonical session layer normalises them into a typed, ordered transcript — keyed to your workspace, independent of which harness or model produced it. Replay it. Fork it. Audit it. Migrate it.
For regulated customers asking "what did your agent do for us last quarter?", a canonical transcript is the only defensible answer.
Every production session becomes a labeled test case. Re-run against a new model, diff outcomes, gate promotions.
Pause an agent at turn N, fork with a different tool result, see what happens. The killer feature for debugging failure modes.
For support: "agent did X for customer Y, replay from event 23 with verbose logging." Reproducibility from the audit trail.
External tools — Slack, ticketing, dashboards — read agent state without reaching into a specific harness or runtime.
When you add a fourth harness or swap one out, your session investments survive. The canonical layer is forward-compatible.
Same session, two models, run side by side. A pattern only practical when the session is independent of the runtime.
Workspace-scoped memory survives session boundaries and harness swaps — long-context grounding that travels with the project.
Orchestrator + worker sub-agents writing into one session, with explicit ordering. Structured collaboration instead of ad-hoc sub-process trees.
Most platforms ship harnesses with a fixed personality. We don't. Pin system prompts, scope tool allowlists, set token and iteration ceilings, route to the right model, control approval gates — independently for each workspace, for each harness. Standardise per customer; experiment per branch.
Pin a custom system prompt per harness, per workspace. Append a customer-specific preamble without modifying the underlying CLI.
Whitelist exactly which tools the harness can call — file read, shell, web fetch, package install. Deny by default for regulated workspaces.
Pick the model per harness per workspace. Frontier Claude for hard work, Haiku for the cheap path — and an override for client-billed projects.
Require human approval for shell commands, deploys, or destructive ops. Cap iterations, token spend, and runtime per session.
Inject workspace-scoped environment variables into the sandbox. Credentials live in the AES-256 vault; the harness sees them via the runtime.
A guided pipeline that compresses a fortnight of manual setup into an afternoon of conversation.
A workspace built around the way developers actually work — chat, files, git, shell — with sandbox isolation, multi-harness session continuity, and team-aware controls wired in.
Switch from Claude Code to DeepAgents mid-task. Your session, tool history, and pending state carry over. No conversation loss, no context rebuild.
Each workspace runs in its own MicroSandbox microVM. Hardware isolation, no host filesystem access, configurable CPU and memory.
Switch between Anthropic, OpenAI, Google, and OpenRouter per project. Per-workspace overrides for client-billed work.
Pause at any event, fork with a different model, prompt, or tool response. Run the branches side by side and compare outcomes.
Replay any session from event N with new verbose logging — for support, debugging, or regression testing against a newer model.
Invite your team, scope models and harnesses by role, aggregate billing, enforce policies. Built for shared workspaces from day one.
Page refresh, tab close, network blip — the runtime stays alive for 5 minutes. Reconnect and the hello frame restores state and history.
Multi-stage builds, health checks, reverse proxy. Semver-tagged in GHCR, exportable as .tar.gz for air-gapped deployments.
Real-time chat with streaming. A file tree with git-native workflow. Live agent state. Harness and model switching. Built for the way teams actually ship.
Three-state git tracking — Unsaved, Unpublished, Published — on every file.
Each workspace has its own GitHub repository under your org.
Live state machine — Thinking · Executing · Waiting · Idle.
Switch between Claude Code, DeepAgents, and Codex. Canonical session carries over.
Every tool execution named, scoped, and timed inline. Shell, edits, git, deploy.
Streamed prompts; input gates on agent state; multi-choice overlay for selectors.
Agentic coding is a team sport. IDfunction Agent gives organizations shared workspaces, role-based access, aggregated audit, and a single billing surface — so you can onboard your team to agents on the harnesses they actually want to use.
Workspaces, repos, and sessions belong to your organization — not individual users. Bring your whole team into one shared surface.
Admin, Developer, Viewer. Scope harness allowlists, model access, and workspace permissions per role.
One organization key set, used by every member. AES-256-GCM encrypted; rotate from a single page.
Every session — across members, harnesses, and models — rolled up into one org-level audit trail and one bill.
Require approval gates for production deploys. Block specific tools or models per workspace. Apply org-wide retention.
Invite teammates by email; they pick up the harness, the sandbox, the canonical session — already wired for agentic coding.
| Member | Role | Harness access | Last session |
|---|---|---|---|
| DUDominik Ulrich | Admin | All · 3 | 2 min ago |
| MSMira Schenk | Developer | CC · DA | 14 min ago |
| JKJamil Kanaan | Developer | CC · Codex | 1 h ago |
| RPRina Petrović | Viewer | Read-only | Yesterday |
| TSTheo Sondergaard | Developer | DA only | 3 days ago |
Designed for environments where access control isn't optional and audit trails aren't negotiable. Every credential is encrypted, every action is logged, every workspace runs in its own VM.
Each workspace runs in a hardware-isolated MicroSandbox VM. No host filesystem access, isolated network.
Every API key and credential encrypted at rest with authenticated encryption. Same key in frontend and runtime.
NextAuth v5 with Azure AD, Okta, and custom identity providers. JWT sessions stored in Redis.
Canonical session is the audit trail. Structured logs for every workspace and agent action, with end-to-end correlation IDs.
Per-user rate limiting via Redis. Path-traversal protection and shell-injection blocking by default.
Open the workspace, invite your teammates, pick a harness. Every session, every harness, every model — one canonical record.