On this page

Managed connectors for sandbox agents

MIOSA agents should build inside MIOSA sandboxes or computers. The local CLI or MCP client should orchestrate the work; the sandbox/computer should be where the agent writes files, installs packages, runs commands, previews apps, and produces artifacts.

Managed connectors give those in-VM agents tools without asking every client to bring vendor credentials.

Default flow

Create a sandbox with enough time for active agent work:

miosa sandbox create 
  --template nextjs 
  --auto-start 
  --publish-port 3000 
  --wait 
  --timeout 1h 
  --json

Attach Refero Design Research:

miosa sandbox connectors attach <sandbox-id> refero/design-research 
  --env REFERO_MCP_TOKEN 
  --json

Run the agent inside /workspace:

miosa sandbox prompt <sandbox-id> 
  --provider claude 
  --connector refero/design-research 
  --preflight 
  --cwd /workspace 
  --json 
  -- "Research product references, build the page, run tests, and leave files in /workspace"

For direct tool use, the same sandbox can be edited with file and command commands:

miosa sandbox write-file <sandbox-id> /workspace/app/page.jsx ./page.jsx --json
miosa sandbox exec <sandbox-id> --cwd /workspace --json -- npm run build
miosa sandbox wait <sandbox-id> --port 3000 --timeout 180 --json

How the token works

The sandbox receives a brokered placeholder:

REFERO_MCP_TOKEN=miosa-tok-...

The real provider token stays encrypted in MIOSA-controlled infrastructure. The egress proxy swaps the placeholder only for the provider endpoint it belongs to, for Refero:

https://api.refero.design/mcp

That means:

  • clients do not paste the Refero token,
  • the token is not shown by miosa connectors list,
  • miosa connectors token refero/design-research does not return the token,
  • sandbox code can still use normal environment-variable based MCP config.

MCP config inside the sandbox

Use the brokered env var in the agent’s MCP configuration:

[mcp_servers.refero]
enabled = true
url = "https://api.refero.design/mcp"

[mcp_servers.refero.http_headers]
Authorization = "Bearer ${REFERO_MCP_TOKEN}"

Tenant-provided connectors

When MIOSA does not provide a connector, tenants can still bring their own:

printf '%s' "$ANTHROPIC_API_KEY" 
  | miosa connectors create anthropic 
      --name workspace-claude 
      --stdin 
      --json

miosa sandbox connectors attach <sandbox-id> anthropic/workspace-claude 
  --env ANTHROPIC_API_KEY 
  --json

Which runtime should I use?

Sandbox

Agent coding, generated files, tests, package installs, live preview, and publish prep.
Computer

Persistent desktop or VM workflows, browser/GUI tasks, SSH, and long-running operator sessions.
Docker Deploy

Durable app containers on a workspace appliance host after the sandbox-built app is ready.

Was this helpful?