Platform
ScaiWave ScaiGrid ScaiCore ScaiBot ScaiDrive ScaiKey Models Tools & Services
Solutions
Organisations Developers Internet Service Providers Managed Service Providers AI-in-a-Box
Resources
Support Documentation Blog Downloads
Company
About Research Careers Investment Opportunities Contact
Log in

Incognito and restricted rooms

Most rooms are stored, searchable, and contribute to AI context. For sensitive conversations — incident response, hiring, legal, anything under embargo — you want the opposite.

Incognito rooms#

An incognito room (scope_kind=incognito) has different rules:

  • Not indexed. Every event carries do_not_index=True, so the message never reaches Weaviate. Search will never surface it.
  • Not summarised. Conversation summaries skip incognito rooms.
  • Not in future AI context. Even when the same AI joins another room and consults its memory plugin, incognito-room content is excluded from retrieval.
  • No training data export. The GDPR / training-data export jobs skip incognito rooms.
  • Auto-close on leave (optional). When configured, the room closes the moment the spawner leaves it, hard-deleting events rather than archiving.

Create one from the + New room dialog → Mode: Incognito, or with POST /v1/rooms and scope_kind=incognito.

What incognito doesn't do#

  • Not end-to-end encrypted. Messages are still stored on the server in plaintext (in sw_events). The server can see everything. Use a different tool if you need real cryptographic privacy.
  • No federation. Incognito rooms can't be federated — the protocol explicitly refuses.
  • No bridges. Same.
  • No export. The room-export bundle refuses incognito rooms on both ends.

Restricted rooms#

A restricted room is a normal room whose visibility is gated by a role. Set visibility=restricted and read_role_slugs=["incident-response"] at create time; only users in a group that holds the matching role can see it in the directory or be invited.

Use this for "this room exists but only on-call SREs can see it" — the room is fully indexable and searchable, just to a smaller audience.

Combining both#

scope_kind=incognito + visibility=restricted gives you a room that's only visible to a small group and doesn't bleed into search or AI context. This is the strongest available mode short of running the conversation outside the system entirely.

Audit#

Incognito rooms still log to the audit table — admin actions (create, close, kick) are recorded — but message bodies are not. A compliance team can see "Alice created an incognito room with Bob on Tuesday" without seeing what they said.

Where to go next#

  • API: Roomsscope_kind parameter.
  • Reference: Configuration — tenant-level overrides for incognito behaviour.
Updated 2026-05-17 13:10:02 View source (.md) rev 3