Configuration

Aethyr is configured in layers—platform, organization, and individual agent. Most teams manage day-to-day settings in the Console; deployment-level options are set with your team during onboarding.

Platform

Deployment mode, connectivity, and which model providers are available.

Organization

Default model, base instructions, integrations, and feature toggles for your team.

Agent

Per-agent model, instructions, tool access, and execution limits.

Model Providers

Aethyr orchestrates multiple model providers and routes each request to the right one. You choose which providers are enabled for your deployment and which models agents use by default.

Supported providers

Anthropic (Claude), Google (Gemini), and local open models. Local models let a deployment run inference entirely on its own hardware with no external calls.

Model selection & behavior

  • • Set a default model per organization, and override it per agent.
  • • Tune generation behavior—temperature and maximum response length—at the organization or agent level.
  • • Lighter, faster models can be assigned to internal steps like routing and classification, separately from the model that drafts user-facing responses.

No-egress (air-gapped) mode

For sovereign and air-gapped deployments, a no-egress mode pins every request to local models so that no prompt or data ever leaves your infrastructure—regardless of any cloud credentials present.

Tools & Integrations

Agents reach external systems through MCP integrations. Integrations are registered per organization and isolated between tenants.

  • Register any MCP-compatible integration to your organization.
  • Scope tool access per agent with allow and deny lists, so each agent only sees the tools it should.
  • Authenticate securely— integration credentials are stored encrypted and never exposed to the agent.

See the MCP Tools guide for details.

Access & Org Settings

Each organization configures its own base instructions, feature toggles, and access policy. Access is governed by privilege-based access control (PBAC) with organization-level isolation.

  • • Organization-wide base instructions and custom guidance for agents.
  • • Feature toggles—for example, web search, tool use, and content filtering.
  • • Roles and privileges that determine what each user and agent can do.

Deployment & Environment

Deployment-level settings—connection details, provider credentials, deployment mode, and secrets—are supplied through environment configuration and a secrets manager, not stored in the application. These are set up with your team during onboarding and kept out of the Console UI.

Secrets are never committed to source control or embedded in deployment manifests. Connection strings and credentials live in your secrets manager. See the Deployment Guide for the self-host setup.