Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.second.so/llms.txt

Use this file to discover all available pages before exploring further.

Second is a governed workspace platform that lets every team ship purpose-built internal software — collaborative apps designed from the ground up for humans and AI agents to work together. Prompt an app, and Second generates a full internal interface — already deployed in your workspace, with a real-time database, permissions, and audit logs out of the box. Every app treats agents as first-class citizens: they read and write to the same live database as your team, get scoped tools to do real work, and collaborate alongside humans on the same UI.
Think of it as an internal, secure, and collaborative Lovable that runs on-prem — purpose-built for long-running, asynchronous work with AI agents.
The platform follows a zero-trust architecture for agents. No agent is granted implicit access to anything — every capability, data collection, and integration must be explicitly declared, scoped, and approved before an agent can act. For enterprise review, start with Enterprise Deployment and Security. It covers customer-owned auth and OAuth apps, agents.json approval, secret injection, tenant isolation, and auditability.
Need help with secure deployment, cost management, runtime setup, or production support? Contact sales@second.so.
Run it locally from source in minutes, then plug in an external auth provider when you’re ready to deploy.

Try it

npm --prefix apps/web install
npm --prefix apps/worker install
npm run dev
The dev script starts local infrastructure and writes the actual app URL to .second-dev.txt. Walk through onboarding, then type a prompt and click Build to see the agent work. For the full developer setup, see Quickstart.

What you get

CapabilityWhat it means
AI agent that builds appsType a prompt → agent writes code, runs commands, iterates
App agents with custom toolsApps trigger scoped AI agents that call external APIs (HubSpot, Slack, etc.) with secure secret injection
Draft/review governanceDraft edits, agent permissions, integrations, and published snapshots stay under admin/owner control
Audit logsOwners/admins can inspect workspace-scoped governance, agent, integration, and app-data changes without exposing secrets or payloads
Live data persistenceApps persist data in MongoDB via useCollection/useDoc — live updates via Change Streams
Async agent executionAgents run in the background and write results to the app’s database — even after the user closes their browser
Real-time streamingSee text, tool calls, and reasoning appear as they happen
Workspace-scoped dataEvery record belongs to exactly one workspace
Membership enforcementAPI access requires proven membership
Pluggable authLocal none mode for development, external mode for production
Local Claude authUses your existing claude login — no API key needed for local dev
Provider-agnostic designClaude today, extensible to other agent providers

How it works

Browser (useChat) → Next.js API → Worker (Claude Agent SDK) → streams back
  1. User types a prompt in the composer and clicks Build.
  2. An app and run are created in MongoDB.
  3. The browser navigates to the app page.
  4. useChat sends the prompt to the chat API route.
  5. The API route connects to the worker, which starts a Claude agent session.
  6. The worker streams raw SDK events back to Next.js.
  7. Next.js translates them into the AI SDK UIMessageStream protocol.
  8. The browser renders text, tool calls, and reasoning in real time.
  9. The agent edits a Vite + React + TypeScript workspace and calls done_building — the worker runs npm run build.
  10. The frontend fetches live workspace files through the web API (which proxies to the worker) and renders a sandboxed iframe preview.
  11. When the agent finishes, messages and source snapshots are persisted to MongoDB.
  12. Persisted source snapshots are used for recovery/rehydration after worker churn; live preview reads come from the worker filesystem.

Next steps

  • Quickstart — run locally and build your first app
  • Enterprise Deployment and Security — customer-owned auth, OAuth apps, app-scoped credentials, agents.json, and app-agent governance
  • Architecture — system overview with diagrams
  • App Governance — draft vs published snapshots, review flow, and governed agent config
  • Audit Logs — workspace audit schema, redaction, permissions, and event coverage
  • Agent System — worker, bridge, and provider abstraction
  • App Agents — how apps trigger AI agents with custom tools
  • App Data — live data persistence with MongoDB and Change Streams
  • Integrations — API secrets, custom HTTP tools, and mock data
  • Streaming — the two-hop streaming protocol in detail
  • Authentication — local vs external auth modes
  • Product Analytics — PostHog capture, anonymization, and opt-out behavior
  • Self-hosting — deploy to production
  • App Preview — artifact preview pipeline, build step, iframe rendering, and source file persistence
  • Contributing — help improve Second