MemoryRouterMemoryRouter

Security & data isolation

User isolation, vault scoping, provider flow, deletion, export, key rotation, and compliance posture.

Security & data isolation

Enterprise teams usually ask one question first: can User A retrieve User B's memory?

The answer is no when you use the standard per-user Memory Key model. Retrieval is scoped to the vault identified by the Memory Key on the request.

Authorization: Bearer mk_user_a → searches Vault A
Authorization: Bearer mk_user_b → searches Vault B

Vault scoping

One Memory Key points to one vault. Requests authenticated with that key retrieve and store memory inside that vault only.

For multi-user apps, create a separate Memory Key for each user or customer boundary you need to isolate.

Provider flow

MemoryRouter receives the user's request, retrieves relevant memory from that user's vault, calls the selected model provider, and stores useful new context.

Provider keys can be stored in the dashboard or passed through per request. In BYOK pass-through mode, your provider key is used to call the model provider and X-Memory-Key identifies the user vault.

What goes to model providers

The model provider receives the prompt content needed to answer the request, including relevant memory context retrieved for that user. Other users' vaults are not searched for that request.

Key rotation and revocation

Memory Keys should be treated as credentials. If a key is exposed, rotate or revoke it and update your stored user_id → memory_key mapping.

Enterprise key provisioning, rotation, and revocation can be managed through dashboard or agreed admin workflows. Confirm the API contract before production automation.

Deletion

On account deletion, stop using the key, revoke it, and delete or clear the vault under your retention policy. CLI and dashboard deletion paths exist today. Enterprise deletion automation should be confirmed during implementation.

Export

If your product provides data export, include user memory in your export process. MemoryRouter supports direct memory search and JSONL upload today. Confirm enterprise export requirements before launch.

Data residency and compliance posture

Current public positioning states:

  • SOC 2 Type II is in progress, with Q3 2026 target language on the enterprise site.
  • DPAs are available on request.
  • Custom data residency is available on the Enterprise tier.

Do not represent SOC 2 as complete unless MemoryRouter provides the completed report.

  • Use one Memory Key per end user or per isolated customer boundary.
  • Never reuse a user key across unrelated customers.
  • Keep your internal user_id → memory_key mapping private.
  • Rotate keys on suspected exposure.
  • Wire deletion and export into your existing account lifecycle.

Product patterns

Memory patterns for companions, coaches, tutors, support agents, sales assistants, and internal copilots.

Cost model

How MemoryRouter usage-based memory maps to multi-user app economics.

On this page

Security & data isolationVault scopingProvider flowWhat goes to model providersKey rotation and revocationDeletionExportData residency and compliance postureRecommended production rules