Quotaflow
llms.txtOpenAPIDashboard
Serverless & Agents

Routing policy

Quotaflow routing has two separate decisions:

  1. Attribution: who the work belongs to.
  2. Execution: whether the request stays local or falls back to a Quotaflow team route.

The organization/payer must be accurate. The project can start as Unknown Project and be cleaned up later.

Resolver order

The MVP local connector resolves context in this order:

  1. Session override: qf use personal or a temporary company hint from qf use <workspace>
  2. Local repo binding: repo_fingerprint -> workspace/project
  3. Git remote pattern
  4. Local directory pattern
  5. Personal/default

Only confirmed repo bindings enable team fallback. Session overrides and suggested matches are labels, not billing authority.

Planned policy extensions such as .quotaflow/context.json and company-managed device defaults should stay disabled until they can fail closed with tests.

Safe defaults

If the connector cannot decide:

This prevents accidental team charges.

Fallback eligibility

Automatic team fallback can happen only when all of these are true:

The connector does not fallback for:

Headers and credentials

The fallback policy helper strips personal provider credentials from headers and JSON bodies before building a cloud fallback request. Quotaflow cloud should receive only the Quotaflow relay token and minimum routing context.

The current qfd proxy surface is still an MVP skeleton. Until your dashboard policy explicitly enables cloud fallback for a device/project, treat qf run as a context launcher and local audit helper, not as a global proxy for every provider request.

Dashboard policy

Use the dashboard to manage:

For usage concepts, see Personal vs Team usage.