Secure Satellite Registration Now Live

Previously, any satellite could register with our backend without authorization - essentially allowing unauthorized access to your organization's AI tools. This update introduces a secure token-based pairing system that puts you in complete control of which satellites can connect to your DeployStack instance.

How it works now: Administrators generate unique registration tokens through the DeployStack dashboard, similar to how you'd create API keys for other services. These tokens are then used during satellite deployment to securely pair the satellite with your backend. Once paired, satellites receive permanent API keys and store them locally, so they only need the registration token during the initial setup. Think of it like pairing a new device with your WiFi network - you enter the password once, and it remembers the connection.

What this means for existing satellites: Your current satellites continue working exactly as before with no interruption. However, any new satellites you deploy will require a registration token from your admin dashboard. This gives you visibility into every satellite in your infrastructure and prevents unauthorized satellites from accessing your AI tools. You can generate tokens for global satellites (managed by DeployStack) or team-specific satellites (deployed in your own infrastructure), and you can revoke unused tokens if needed.

The security upgrade: We've implemented cryptographically signed JWT tokens that expire automatically and can only be used once. Every satellite pairing attempt is logged for audit purposes, and we've added comprehensive German error messages to guide operators through any issues. This change represents our commitment to enterprise-grade security while maintaining the simplicity that makes DeployStack easy to use - you still just add a URL to VS Code, but now that URL is backed by properly authenticated infrastructure.