Skip to main content
Security and observability settings control PII detection, API exposure, file upload policies, cross-channel session behavior, and the production approval policy that gates deployments.

PII Protection

The PII Protection page configures PII detection patterns, redaction strategies, and consumer access controls for this project. Navigation: ProjectSettingsPII Protection Global Settings
Credential, secret, and high-risk token scrubbing stays active for logs, traces, session history, and normal API responses even when you disable configurable PII detection.

Built-in Patterns

Built-in patterns use pre-configured, optimized detection logic. You can adjust redaction, per-consumer access, and enabled state for each pattern. Only disable high-risk patterns if you have a documented reason and understand the compliance impact. Click Configure next to any pattern to adjust its redaction strategy, consumer access rules, and enabled state.

Custom Patterns

Click Add Pattern to define organization-specific PII detection rules. The Create PII Pattern dialog includes the following sections: Basics Detection Redaction Strategy When you select Predefined Label, configure the Redaction Label field to customize the replacement text. Consumer Access
LLM consumers can’t receive original plaintext. The system stores a saved LLM override of Original as Tokenized, and an Original default adds an explicit LLM Tokenized override.
Live Test Enter sample text in the Sample Text field to test pattern detection before saving. The test runs the regex pattern and validator expression against the input and shows matches with the configured redaction applied.

Public API Access

The Public API Access page configures which APIs end-users can access when authenticating through their organization’s identity provider (Azure AD, Okta, Google). Navigation: ProjectSettingsPublic API Access

Query API

Toggle the Query API to allow authenticated end-users to query agents through the public API endpoint. When you enable it, the following configuration fields appear: Session and Rate Limits

Attachments

The Attachment Settings page configures file upload behavior for this project. Navigation: ProjectSettingsAttachments General Upload Limits Default allowed file types include image/jpeg, image/png, image/gif, image/webp, application/pdf, text/markdown, text/plain, text/csv, application/json, application/msword, application/vnd.openxmlformats-officedocument.wordprocessingml.document, application/vnd.ms-excel, application/vnd.openxmlformats-officedocument.spreadsheetml.sheet, audio/mpeg, audio/wav, audio/webm, video/mp4, and video/webm. To add a custom MIME type, enter it in the Add MIME type field and click the add button. To remove an allowed type, click the × next to it. Processing Info Click Save Changes to apply.

Omnichannel

The Omnichannel page configures cross-channel session continuity. Navigation: ProjectSettingsOmnichannel Omnichannel settings allow users who start a conversation on one channel to continue it on another without losing context. Conversation Recall Allowed channels Lists all supported channels (web, voice, sms, whatsapp, email, slack, teams) with toggles for cross-channel recall participation. Identity Requirements Consent Live Transcript Sync Configure real-time transcript synchronization settings for cross-channel sessions. Click Save Settings to apply changes.
If you see a “Failed to save settings” error, verify that your role has write permissions for project settings.

Governance

The Governance page sets the production approval policy for this project. The policy controls how strictly the platform gates production deployments, so a stricter level requires more sign-off before an agent version can ship. Navigation: ProjectSettingsGovernance Production approval policy The page shows whether the policy is Inherited (default) or set explicitly for the project, along with the Effective level currently in force and its source (for example, Standard from the platform default). To set an explicit policy, drag the Approval strictness slider to a level, then click Save policy. When you select a level, the page shows that level’s sign-off requirements below the slider. Saving an explicit policy overrides the inherited platform default.