--- title: "Week of May 15–22, 2026" slug: "platform-update-2026-05-22" date: "2026-05-22" tag: "Application" summary: "Agent task scheduling, privacy controls, Advanced Chat SDK, CRM identity API, TTS endpoints, LLM-as-Judge, security and dependency hardening, and LiveKit tool integration." author: "ibl.ai Engineering" --- ## Frontend - **AgentTasksTab for periodic agent management** — comprehensive CRUD interface for scheduling agent tasks with date/time/cron repeat configurations, log-details modal, and status badges (Completed/Failed/Running/Scheduled/Disabled) via new `useGetPeriodicAgentsQuery` and `useCreatePeriodicAgentMutation` hooks - **AgentPrivacyTab component** — master toggle with action dropdown (redact/mask/block), block-message textarea for block action, entity-type chips for PII detection, and output-filter toggle, persisted via `useEditMentorJsonMutation` to the `/settings/` endpoint - **Advanced Chat SDK integration** — full agent surface (message stream, canvas, file attach, voice, prompt gallery) rendered directly in Next.js host apps via in-process Chat component with ServiceWorkerProvider wrapping and Redux slice integration - **Initial prompt auto-injection** — new boolean `agent_autoplay` configuration with autoplay icon on course content pages for automatic TTS playback of agent responses ### Data Model - **Privacy router types and constants** — `PrivacyAction`, `PrivacyEntityType`, `MentorPrivacySettings` schemas with `SUGGESTED_PRIVACY_ENTITIES` and `DEFAULT_PRIVACY_RESPONSE` configurations - **Periodic agents API slice** — `useGetPeriodicAgentLogsListQuery` and `useDeletePeriodicAgentMutation` for task lifecycle management with cron parsing utilities - **Monetization owner logic updates** — refined `enable_monetization` flag enforcement with management tab descriptions for paywall configuration ### Security - **Dependency updates** — refreshed npm and Rust dependencies to current patched releases as part of routine maintenance - **Node.js 20 LTS upgrade** — theme build infrastructure moved from EOL Node 16 to active LTS, with dependency overrides aligned to patched releases ## Backend - **CRM Identity slice v1.0.0** — new `/api/crm/` namespace with Person and Organization CRUD endpoints, `POST /api/crm/persons/{id}/invite/` for platform invitations, `POST /api/crm/persons/{id}/link-user/` for manual User binding, and `POST /api/crm/persons/merge/` for duplicate consolidation - **Text-to-speech endpoint** — `GET /api/ai-mentor/orgs/{org}/users/{user_id}/chat-messages/{chat_message_id}/tts/` returns MP3 audio synthesized from message text using the mentor's configured TTS provider (OpenAI/Google) - **Evaluation system enhancements** — dataset items include `trace_input`/`trace_output` via `?include_trace=true`; experiment detail carries `input`/`expected_output`/`actual_output`/`trace_id`/`error`/`scores` in unified responses - **LLM-as-Judge endpoints** — `GET /evaluations/datasets/{ds}/runs/{run}/evaluate/` for per-run status and `GET /evaluations/judges/` for tenant-wide judge monitoring with full lifecycle tracking via `EvaluationTaskRecord` table ### Data Model - **RBAC action catalog** — `GET /api/core/rbac/actions/tree/` hierarchical action tree for autocomplete UIs and `GET /api/core/rbac/actions/definitions/` flat action dictionary with descriptions and assignable resources - **Platform monetization separation** — new `Platform.enable_monetization` boolean distinct from `show_paywall` for Stripe Connect merchant capability with owner change audit logging via `data["owner_change_log"]` JSONField - **Notification template taxonomy** — Content/Audience/Action metadata dimensions stored as prefixed tags with admin filters for template catalog organization - **Voice provider configuration** — `Mentor.voice_provider` field (OpenAI/Google) with read/write access on mentor settings endpoints for TTS and LiveKit call integration ### Security - **Integration credential access control** — sensitivity-aware serializers that mask sensitive credential fields and scope access by role - **Backend security review** — routine hardening across data-access and endpoint authorization paths, with added input validation and Docker base-image package updates to current patched releases ## Infrastructure - **LiveKit agent tool integration** — call agents receive mentor's configured Langchain tools via `CallAgentToolFetcher` with `BaseTool.ainvoke` async execution and `ToolError` translation - **Managed claw cost reconciliation** — `ReconciliationService` fetches usage via WebSocket RPC alongside ClickHouse data for complete billing reconciliation with source breakdown metadata - **Langfuse direct database access** — performance optimization using `managed=False` reflection models eliminating per-row HTTP fan-out for experiment detail queries - **Tenant platform launcher** — `ibl_tenant_platform` ansible role creates Platform + admin User + UserPlatformLink via `run_launch_steps` when `PLATFORM_NAME` set, with generated admin password surfaced through `IBLAI_FIXTURE_OUTPUT` pipeline - **Single-server safety defaults** — 100GB minimum volume floor with Pydantic validation, 32GB memory warnings suggesting 64GB instances, and `IBL_SPA.MENTOR.STRIPE_ENABLED=false` defaults - **Microsoft SSO completeness** — `microsoft_sso_config` patches `IBL_SPA.AUTH.EXTERNAL_IDP_LOGOUT_URL` and `IBL_DIRECT_SSO_URL` with tenant ID fallback and Auth/Mentor SPA restarts - **SPA wait budget optimization** — increased from 150s to 450s (7.5 min) for cold-start pnpm install completion preventing false-negative provision failures ### API Changes - **DM field encryption documentation** — comprehensive operator guide for `IBL_DM.FIELD_ENCRYPTION_KEY` provisioning, Fernet dual-write pattern, and data-loss-aware key rotation runbook - **Langfuse project ID propagation** — `IBL_DM.LANGFUSE_PROJECT_ID` config key with default `ibl_ai` injected into all DM containers for project identification - **Course metadata flags** — `agent_content_mode`, `course_content_mode`, and `agent_autoplay` added to `COURSE_METADATA_KEYS` allowlist and public API exposure ## Documentation - **Agent chat integration skill** — comprehensive documentation for rendering the SDK's in-process Chat component with peer dependency setup, ServiceWorkerProvider wrapping, Redux slice integration, and full props reference - **Agent privacy skill** — PII detection and filtering documentation with redact/mask/block action configurations and UI workflow examples - **Monetization skill implementation** — complete skill covering Stripe Connect onboarding, paywall configuration, pricing management, and admin interface workflows - **Skill infrastructure improvements** — updated agent chat skill with known-issues solutions; removed deprecated iblai-chat skill in favor of direct SDK integration ## REST API Changelog ### New Endpoints - `GET /api/ai-mentor/orgs/{org}/users/{user_id}/chat-messages/{chat_message_id}/tts/` — Text-to-speech synthesis for stored chat messages using mentor's configured voice provider - `GET /api/ai-mentor/orgs/{org}/users/{user_id}/evaluations/judges/` — LLM-as-Judge endpoint for tenant-wide evaluation monitoring