Egress SDK reference

Side-by-side reference for every egress security method across all five MIOSA SDKs. Use this as a lookup table - for conceptual background, see the individual feature pages.

Secrets

secrets.set - Store a secret

secrets.list - List secrets on a sandbox

Returns metadata only. The value field is never returned.

secrets.rotate - Update a secret’s value

The placeholder token is unchanged. All sandboxes using this secret pick up the new value on their next request.

secrets.delete - Remove a secret

Removes the binding. The sandbox’s env var is unset on the next exec.

Connect Accounts (OAuth)

secrets.connect - Initiate an OAuth flow

secrets.reauthorize - Re-run an OAuth flow for an existing connection

Use when a token was revoked or scopes changed.

Network Allowlist

network.allow - Add a host to the allowlist

network.deny - Explicitly block a host

Deny rules win over allow rules.

network.lockdown and network.observe

network.suggestions - Hosts observed in a time window

network.pending - Blocked hosts since lockdown

network.get_policy - Inspect current mode and rules

Audit Log

audit.list - Query audit events

audit.tail - Live stream of audit events

Blocks and yields events as they arrive over a WebSocket.

audit.export - Export as CSV or JSON

Tenant-level methods

Some operations apply across your entire tenant rather than a single sandbox. These use client rather than sandbox.

client.secrets.set - Scope a secret at tenant or workspace level

client.audit.list - Tenant-wide audit query

Same parameters as sandbox.audit.list plus optional external_user_id / external_workspace_id filter.

See also

• Secrets - Quickstart
• Connect Accounts
• Network Allowlist
• Audit Log
• Security troubleshooting