# Week of May 15, 2026

Date: 2026-05-15

This week brings enterprise governance to general availability and ships a security fix-up pass before public launch.

## New features

### OIDC / SSO sign-in

StacyVM now accepts OIDC Bearer tokens from Google Workspace, Okta, Azure AD, and Cloudflare Access. Configure your issuer, JWKS URL, audience, and clock-skew tolerance under `auth.oidc_*`. Both RS256 and ES256/384/512 signing algorithms are supported. See [Security and governance](/docs/security-governance).

### Role-based access control

Three new roles join the existing `api` and `admin` keys:

* `viewer` — read-only access. Cannot spawn, exec, or destroy sandboxes.
* `operator` — full sandbox lifecycle (spawn, exec, files).
* `tenant_admin` — administer a single tenant.

OIDC groups map to roles through `auth.oidc_admin_groups`, `auth.oidc_operator_groups`, and `auth.oidc_viewer_groups`.

### Multi-tenancy

Tenants, members, and per-tenant audit logs are now first-class. Every sandbox, admin audit log, and operation log carries a `tenant_id`, and list/get/exec/file/log routes enforce tenant boundaries for OIDC callers. Manage tenants through `/api/v1/admin/tenants` or the new **Tenants** page in the admin dashboard. See [Admin control plane](/docs/admin-control-plane).

### Policy controls

Per-tenant allow/deny rules for `image`, `provider`, and `network` resources, with glob patterns and priority ordering. Policies are evaluated at spawn time.

### Centralized worker token issuer

`POST /api/v1/admin/worker-tokens` mints short-lived signed worker tokens, so workers no longer need direct access to `auth.worker_signing_key`. Bootstrap a worker with `--bootstrap-admin-key` and it will fetch and refresh its own tokens. See [Worker RPC contract](/docs/worker-rpc-contract).

### High-availability event bus

When `database.driver = postgres`, sandbox lifecycle events now propagate across control-plane replicas through a Postgres `LISTEN/NOTIFY` bridge. Each replica stamps events with an instance UUID so subscribers never receive duplicates.

### Postgres backup and rehearsal

Two new commands for production operators:

* `stacyvm db pg-backup <output>` — wraps `pg_dump` for cluster snapshots.
* `stacyvm db pg-rehearse` — verifies schema state and required tables before upgrades.

### Worker RPC mTLS smoke test

`scripts/smoke-remote-worker.sh --mtls` generates an ephemeral CA and runs the full remote-worker smoke over HTTPS with mutual TLS. See [Remote worker staging](/docs/remote-worker-staging).

### Runtime certification integration

`scripts/certify-runtime.sh --stacyvm-bin` now auto-starts a local server, spawns a sandbox, execs a command, and tears it down — end-to-end proof in one command.

## Updates

* `stacyvm config lint --production` validates OIDC issuer, JWKS URL, audience, and group-to-role mappings.
* Worker heartbeats advertise `https://` URLs when `worker.rpc_tls.enabled = true`.

## Bug fixes

### Security

* **RS256 JWT verification** — tokens from Google Workspace, Okta, Azure AD, and Cloudflare Access were being rejected because the verifier was not using SHA-256. They now validate correctly.
* **Admin routes in OIDC-only mode** — admin endpoints were reachable by anonymous callers when only OIDC (no admin API key) was configured. Admin scope is now enforced whenever any auth is configured.
* **Mixed OIDC + API key auth** — valid Bearer tokens were being rejected when an API key header was also expected. Mixed-mode requests now succeed.
* **Policy enforcement on sandbox creation** — policies could be created but were never evaluated at spawn time. They are now enforced on `POST /api/v1/sandboxes`.
* **Worker token issuer scope validation** — the admin token issuer now rejects non-`worker:` scopes with `400 Bad Request` instead of silently filtering them.
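To make the OIDC checks above concrete, here is an added illustration of what a correct RS256 Bearer-token verifier does: pin the algorithm, verify the PKCS#1 v1.5 signature over a SHA-256 digest (the step the RS256 fix restored), then check issuer, audience and expiry with a clock-skew allowance. This is example code written for this note, not StacyVM's verifier; `VerifierConfig` and its fields, the `SignRS256` helper and the `kid` value `k1` are assumptions that stand in for the `auth.oidc_*` settings and for a real identity provider, and the `aud` claim is simplified to a single string.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

// Claims is the subset of the JWT payload this example checks. Real tokens
// may carry "aud" as an array; this example assumes a single string.
type Claims struct {
	Iss string `json:"iss"`
	Aud string `json:"aud"`
	Exp int64  `json:"exp"`
}

// VerifierConfig stands in for the issuer, audience and clock-skew settings
// kept under auth.oidc_*; the field names are assumptions, not StacyVM's keys.
type VerifierConfig struct {
	Issuer    string
	Audience  string
	ClockSkew time.Duration
	Keys      map[string]*rsa.PublicKey // kid -> public key, as loaded from the JWKS
}

func b64url(b []byte) string { return base64.RawURLEncoding.EncodeToString(b) }

// NewSigningKey generates a throwaway RSA key so the example runs offline.
func NewSigningKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// SignRS256 mints a compact RS256 JWT. It exists only to make the example
// self-contained; in production the identity provider signs tokens.
func SignRS256(priv *rsa.PrivateKey, kid string, c Claims) (string, error) {
	hdr, _ := json.Marshal(map[string]string{"alg": "RS256", "typ": "JWT", "kid": kid})
	body, _ := json.Marshal(c)
	input := b64url(hdr) + "." + b64url(body)
	digest := sha256.Sum256([]byte(input))
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return "", err
	}
	return input + "." + b64url(sig), nil
}

// VerifyRS256 pins the algorithm, checks the signature over a SHA-256 digest,
// then validates issuer, audience and expiry with clock-skew tolerance.
func VerifyRS256(token string, cfg VerifierConfig, now time.Time) (*Claims, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed token")
	}
	raw := make([][]byte, 3) // decoded header, payload, signature
	var err error
	for i, p := range parts {
		if raw[i], err = base64.RawURLEncoding.DecodeString(p); err != nil {
			return nil, errors.New("malformed base64url segment")
		}
	}
	var hdr struct{ Alg, Kid string }
	if err := json.Unmarshal(raw[0], &hdr); err != nil {
		return nil, err
	}
	// The server decides which algorithms are acceptable, never the token header.
	if hdr.Alg != "RS256" {
		return nil, fmt.Errorf("unsupported alg %q", hdr.Alg)
	}
	key, ok := cfg.Keys[hdr.Kid]
	if !ok {
		return nil, fmt.Errorf("unknown kid %q", hdr.Kid)
	}
	// RS256 is PKCS#1 v1.5 over SHA-256: both the digest and the hash identifier
	// handed to VerifyPKCS1v15 must be SHA-256, or every genuine token fails.
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if err := rsa.VerifyPKCS1v15(key, crypto.SHA256, digest[:], raw[2]); err != nil {
		return nil, errors.New("signature verification failed")
	}
	var c Claims
	if err := json.Unmarshal(raw[1], &c); err != nil {
		return nil, err
	}
	if c.Iss != cfg.Issuer {
		return nil, errors.New("issuer mismatch")
	}
	if c.Aud != cfg.Audience {
		return nil, errors.New("audience mismatch")
	}
	if now.After(time.Unix(c.Exp, 0).Add(cfg.ClockSkew)) {
		return nil, errors.New("token expired")
	}
	return &c, nil
}
```

Signing a token with `NewSigningKey` and feeding it to `VerifyRS256` with the matching `kid` in `Keys` returns the claims; a token whose header says `"alg":"none"`, whose `aud` names another service, whose expiry lies outside `ClockSkew`, or whose signature comes from a key not in `Keys` is rejected. Keying the lookup by `kid` is what lets the JWKS rotate without a restart.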

### Other

* Policy enforcement middleware now buffers request bodies so downstream handlers can still decode them.
* Durable event bridge no longer double-delivers events to local subscribers on the publishing replica.
* `stacyvm config lint` markdown output renders portably across shells.
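The policy items above (glob-based allow/deny rules with priority ordering, enforcement on `POST /api/v1/sandboxes`, and a middleware that must buffer the request body so the handler can decode it again) fit together in one small sketch. The code below is an added example, not StacyVM's policy engine: the `Rule` and `SpawnRequest` shapes, default-deny semantics, `path.Match` globbing and the sample rule set in the usage note are all assumptions made for this illustration.

```go
package main

import (
	"bytes"
	"encoding/json"
	"io"
	"net/http"
	"net/http/httptest"
	"path"
	"sort"
	"strings"
)

// Rule is one allow/deny entry. Resource is "image", "provider" or "network",
// Pattern is a glob, and a lower Priority is evaluated first. These field
// names are this example's own, not StacyVM's policy schema.
type Rule struct {
	Resource string
	Pattern  string
	Allow    bool
	Priority int
}

// SpawnRequest is the subset of a sandbox-creation body the policy inspects.
type SpawnRequest struct {
	Image    string `json:"image"`
	Provider string `json:"provider"`
	Network  string `json:"network"`
}

// Evaluate applies the first matching rule per resource in priority order.
// A resource that matches no rule is denied (default deny).
func Evaluate(rules []Rule, req SpawnRequest) (bool, string) {
	sorted := append([]Rule(nil), rules...)
	sort.SliceStable(sorted, func(i, j int) bool { return sorted[i].Priority < sorted[j].Priority })
	checks := []struct{ resource, value string }{
		{"image", req.Image}, {"provider", req.Provider}, {"network", req.Network},
	}
	for _, c := range checks {
		matched := false
		for _, r := range sorted {
			ok, _ := path.Match(r.Pattern, c.value) // a malformed pattern simply never matches
			if r.Resource != c.resource || !ok {
				continue
			}
			if !r.Allow {
				return false, c.resource + " " + c.value + " denied by rule " + r.Pattern
			}
			matched = true
			break
		}
		if !matched {
			return false, c.resource + " " + c.value + " matches no allow rule"
		}
	}
	return true, "allowed"
}

// PolicyMiddleware reads the JSON body once, evaluates it and, when allowed,
// puts the bytes back so the downstream handler can decode the body again.
func PolicyMiddleware(rules []Rule, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		body, err := io.ReadAll(io.LimitReader(r.Body, 1<<20)) // cap what we buffer
		if err != nil {
			http.Error(w, "cannot read body", http.StatusBadRequest)
			return
		}
		var req SpawnRequest
		if err := json.Unmarshal(body, &req); err != nil {
			http.Error(w, "invalid JSON", http.StatusBadRequest)
			return
		}
		if ok, reason := Evaluate(rules, req); !ok {
			http.Error(w, reason, http.StatusForbidden)
			return
		}
		r.Body = io.NopCloser(bytes.NewReader(body)) // restore the consumed body
		next.ServeHTTP(w, r)
	})
}

// spawnHandler stands in for the sandbox-creation route: it decodes the body
// itself, which only works because the middleware restored it.
func spawnHandler(w http.ResponseWriter, r *http.Request) {
	var req SpawnRequest
	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
		http.Error(w, "handler could not decode body", http.StatusInternalServerError)
		return
	}
	w.WriteHeader(http.StatusCreated)
	io.WriteString(w, "spawned "+req.Image)
}

// Spawn drives one request through middleware and handler in-process and
// returns the status code and trimmed response body.
func Spawn(rules []Rule, jsonBody string) (int, string) {
	h := PolicyMiddleware(rules, http.HandlerFunc(spawnHandler))
	rec := httptest.NewRecorder()
	req := httptest.NewRequest(http.MethodPost, "/api/v1/sandboxes", strings.NewReader(jsonBody))
	h.ServeHTTP(rec, req)
	return rec.Code, strings.TrimSpace(rec.Body.String())
}
```

With a constructed rule set such as allow `image` `ghcr.io/acme/*` at priority 10, deny `image` `ghcr.io/acme/legacy-*` at priority 1, allow `provider` `firecracker`, deny `network` `public` at priority 5 and allow `network` `*` at priority 100, `Spawn` returns 201 for an `acme` image on an isolated network, 403 for a `legacy-` image (the lower-priority deny wins), 403 for `network: public`, 403 for an unlisted provider (default deny) and 400 for a non-JSON body. Without the `io.NopCloser(bytes.NewReader(body))` line the handler would see an empty body and fail, which is the defect the body-buffering fix addresses.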
