Frontend
API Changes
- Memory Status API: Added getMemsearchStatus query for /api/ai-mentor/orgs/{org}/users/{user_id}/memsearch-status/ endpoint with student and admin access, enabling user Profile memory tab visibility gating via memsearch-status instead of memsearch-config
- Data Reports API: Enhanced analytics report generation with configurable date picker and obvious regeneration buttons that appear post-download via enriched API responses
- Buy Flow API: Implemented complete buy page with /buy/[id] route and product purchase API integration supporting platform authentication flows
UI Components
- Skills Profile SDK: Migrated skills profile components and course content sub-tabs to common SDK components with comprehensive test coverage (95%+ line coverage across flagged files)
- Course Content Framework: Added full course content layout system including course access guard, content loading states, tab page navigation, outline drawer, and timed exam components with EdX iframe integration
- Memory Management UI: Implemented ManageCategoriesModal for add/rename/delete memory categories, wired via new "Categories" button in memory tab with anonymous/embed mode gating
- Audit Log Analytics: Added audit log statistics component with Command UI for filtering and data visualization in mentor analytics
Data Model
- Pagination Component: New ibl-pagination component with comprehensive test suite for data navigation
- Memory Categories: CRUD operations for memory categories with real-time conversational assessment producing structured GradeResult objects
Backend
API Changes
- External Service Proxy: Phase 1 foundation with config-driven proxy models for services, endpoints, credential policy, request execution, and async jobs under /api/ai-proxy/gateway namespace with default ElevenLabs and HeyGen configurations
- Global Memory Filtering: Added session_id filtering and case-insensitive content search to user global memory list endpoint via standardized UserGlobalMemoryFilterSet with start_date/end_date filtering and UserGlobalMemory.source_session index
- Chat History Transformers: Pluggable system for provider/model-specific message normalization with GPT-5 family transformer that strips Responses-API ephemeral kwargs and flattens annotated content blocks to prevent 400 "missing index" errors
Data Model
- External Proxy Models: Complete data model with ExternalService, ExternalEndpoint, ExternalCredentialPolicy, ExternalRequest, and ExternalJob entities supporting service registry resolution, credential resolution, and runtime orchestration
- Audit Logging: Enhanced audit log infrastructure with ReportTask.created_at field distinguishing request time from Celery pickup time, retry_selected_reports admin action for bulk failed report retry
- Monetization Integration: Configurable on_successful_payment redirect URLs on paywall configs with checkout redirect enrichment including platform_key, subscription_id, and email query params
Security Capabilities
- OIDC Token Rate Limiting: Two-layer throttle system on /openid/token with per-IP DoS cap (default 200/min) and per-(ip,client_id) failure-only counter (default 10/min) reading client_id from form body or HTTP Basic auth
- Magic Link Security: CSPRNG-based 6-digit verification codes via secrets.choice() with per-token failed-attempt lockout using failed_code_attempts field and configurable MAGIC_LINK_MAX_FAILED_CODE_ATTEMPTS
- Authentication Hardening: Per-account login throttling on OAuth token endpoint to prevent credential stuffing with configurable ACCOUNT_LOGIN_THROTTLE_RATE (default 5/min) and 429 response when budget exhausted
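The two-layer OIDC token throttle described above, as an added in-memory sketch (not the platform's own code): every request counts against a per-IP cap, while only failed client authentications count against the per-(ip, client_id) budget. The names TokenThrottle and client_id_from_request and the sliding 60-second window are assumptions; the limits are the defaults stated in the release note.

```python
import base64
import time
from collections import defaultdict, deque

IP_LIMIT = 200       # per-IP cap per minute (default from the release note)
FAILURE_LIMIT = 10   # per-(ip, client_id) failures per minute (default from the note)

def client_id_from_request(form, authorization):
    """Read client_id from the form body, else from an HTTP Basic header."""
    if form.get("client_id"):
        return form["client_id"]
    if authorization and authorization.lower().startswith("basic "):
        try:
            decoded = base64.b64decode(authorization[6:], validate=True).decode()
        except ValueError:  # covers malformed base64 and invalid UTF-8
            return None
        return decoded.partition(":")[0] or None
    return None

class TokenThrottle:  # hypothetical name, single-process illustration only
    def __init__(self, ip_limit=IP_LIMIT, failure_limit=FAILURE_LIMIT, window=60):
        self.ip_limit, self.failure_limit, self.window = ip_limit, failure_limit, window
        self.hits = defaultdict(deque)      # ip -> timestamps of all requests
        self.failures = defaultdict(deque)  # (ip, client_id) -> failure timestamps

    def _prune(self, q, now):
        while q and q[0] <= now - self.window:
            q.popleft()
        return q

    def allow(self, ip, client_id, now=None):
        """Call before handling the request; False means respond with 429."""
        now = time.monotonic() if now is None else now
        hits = self._prune(self.hits[ip], now)
        if len(hits) >= self.ip_limit:       # layer 1: volume cap, success or not
            return False
        hits.append(now)
        failed = self._prune(self.failures[(ip, client_id)], now)
        return len(failed) < self.failure_limit  # layer 2: failures only

    def record_failure(self, ip, client_id, now=None):
        """Call only when client authentication failed; successes are free."""
        now = time.monotonic() if now is None else now
        self.failures[(ip, client_id)].append(now)
```

Because the second layer is keyed on the pair, a client that keeps failing from one address does not lock out other clients behind the same address, and legitimate successful traffic never consumes the failure budget.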
Infrastructure
- Chat History Middleware: Graph agent ChatHistoryMiddleware packs intermediate tool-calling AI messages and tool results into final AIMessage's additional_kwargs["intermediate_messages"] with session detail endpoints exposing additional_kwargs and tool_calls
- Client Context RAG: Enhanced vector similarity search with client_context metadata integration for improved retrieval relevance in multimodal runners, call agents, and quiz customizer
Infrastructure
Deployment
- Multi-Server Topology: New deployment architecture option with VPC containing 4 subnet tiers, NAT gateways, N app EC2 instances, 1 services EC2, optional RDS MySQL/PostgreSQL, Redis ElastiCache, and EFS shared storage supporting 2-10 app servers
- Placeholder Key Protection: Automated IBL_FERNET_KEY rotation in service-update to prevent LMS crash-loops when placeholder keys are detected, with secure key generation and backups directory creation
Security Capabilities
- Content Security Policy: Report-Only baseline implementation with default-src, script-src, style-src, img-src, font-src, connect-src, object-src, and base-uri directives across LMS/CMS/MFE/Notes nginx configurations, flag-gated via IBL_REVERSE_PROXY.ENABLE_CSP_BASELINE_REPORT_ONLY
- CORS Configuration: Environment-configurable CORS policy for Data Manager with CORS_ALLOW_ALL_ORIGINS, CORS_ALLOWED_ORIGINS, and CORS_ALLOWED_ORIGIN_REGEXES replacing hardcoded allow-all pattern
- OAuth Provider Consolidation: Absorbed 58 OAuth settings into managed ibl-edx-base-oauth-sso-backend plugin with 49 new defaults under IBL_EDX.IBL_EDX_BASE_OAUTH_SSO_BACKEND namespace
Infrastructure
- Progress Tab Configuration: Configurable ENABLE_PROGRESS_TAB_STUDIO_LINK via MFE_CONFIG for deployment-specific Studio link visibility control replacing CSS-based hiding
- Redis TLS Support: Complete Redis TLS connection support with ssl_cert_reqs=CERT_REQUIRED for Celery broker/result backend URLs and Django cache CONNECTION_POOL_KWARGS
Vibe
Skill Framework
- Agent Configuration Skills: Comprehensive skill set for agent management including iblai-agent-access, iblai-agent-api, iblai-agent-datasets, iblai-agent-disclaimers, iblai-agent-embed, iblai-agent-history, iblai-agent-llm, iblai-agent-memory, iblai-agent-prompts, iblai-agent-safety, iblai-agent-search, iblai-agent-settings, and iblai-agent-tools
- UI Component Skills: Navigation skills including iblai-navbar for platform navigation with real page integration, iblai-profile with complete metadata and media upload API information, and iblai-marketing-landing for product presentation
Documentation
Developer Guides
- External Service Proxy: Complete documentation with ElevenLabs and HeyGen integration examples, error handling patterns, and implementation guidance for service proxy system — https://ibl.ai/docs/platform/external-service-proxy/
- RBAC System: Comprehensive developer guide explaining role-based access control mechanics with all endpoints for permission management, global roles configuration, and team sharing patterns — https://ibl.ai/docs/platform/rbac/
- Notification System: Detailed application-level notification system documentation covering event handling, delivery mechanisms, and integration patterns — https://ibl.ai/docs/platform/notifications/
API Documentation
- Chat Metadata: Updated API endpoints for metadata fetching with current implementation patterns and integration examples — https://ibl.ai/docs/api/chat-metadata/