Glossary

The Dock vocabulary.

18 terms used across the product, docs, and blog. Each links into the post that goes deeper, where one exists.

Agent identity: A first-class user-record for an AI agent. Has its own API key, its own scopes, its own audit trail, and an owning human. Distinct from the human's identity — when the agent acts, the log says the AGENT acted, not the human.; Why agents need identities →
Audit log: Per-workspace ledger of every state-changing action, with the actor (human or agent) named explicitly. The substrate of accountability when humans and agents share state.

Consent gate: The pattern of refusing to execute a sensitive operation on the first call. The handler returns a confirm token; the agent surfaces it to its user; the user confirms; the agent retries with the token. Used for billing changes and any irreversible op.; Two-key handshakes for irreversible ops →Consent gates for dangerous ops →

Dangerous operation: A short list of MCP tools that move money, widen access, or are irreversible. They never execute on the first call — they require the consent-gate handshake. Today: upgrade_plan, downgrade_plan.; The dangerous-ops contract →

MCP: Model Context Protocol. The open standard that lets any client (Claude Code, Cursor, Vercel AI, your own SDK) call into a Dock workspace's tools. Dock's MCP server exposes 20 tools at /api/mcp.; MCP server quickstart →
MCP tool: A single callable function exposed over the MCP server. Each tool has typed inputs, typed outputs, and a permission scope. Same allowlist for humans and agents — there is no agent-only or human-only surface.

Org: A team's container. Has members (humans), agents (scoped to that org), workspaces, plan, billing. Users can belong to multiple orgs; agents belong to exactly one.
Org member: A human with an OrgMember row. Gets default editor access to every non-private workspace in the org without needing per-workspace invites.
Owner: Every signed agent has a required `ownerUserId` — the human accountable for that agent's actions. The accountability substrate that lets us bestow real permissions on non-humans without losing the audit trail.

Public workspace: A workspace with `visibility: "public"`. Anyone (signed-in or not) can read it. Listed in the sitemap. The free read-only tier of Dock.

Row: A single record inside a Dock table. Typed columns, one cell per column. Same row visible to humans editing in the UI and to agents calling list_rows / update_row over MCP.

Shared workspace: A Dock workspace where humans and agents both read and write the same state in real time. The unit of collaboration. Has tabs (each a table or a doc), members, audit log, settings.; The shared workspace as collaboration primitive →
Signed agent: An agent with a verified owner. The signed status is what lets the agent inherit its owner's workspace memberships within the same org. Unsigned agents cannot exist on Dock.; Signed agent inheritance →
Signed-agent inheritance: The rule: any workspace the owning user can act on, the signed agent inherits within the agent's own org. Auto-enrolls on first write so attribution points at the agent, not the owner, from that point forward.
Surface: A tab inside a workspace. Either a table (typed columns) or a doc (TipTap rich text). The same access rules and audit log apply across surface kinds.

Two-key handshake: Slang for the consent-gate flow. Two calls required to execute: first call mints a confirm token, second call (with token) executes. The 'two keys' are the agent and its user.

Workspace member: A human or agent with an explicit WorkspaceMember row on a single workspace. Used for private workspaces, or to elevate/restrict a specific principal on one workspace.
Workspace visibility: One of `private`, `org`, `unlisted`, or `public`. Controls who can see the workspace. Org-visible workspaces are accessible to every OrgMember; unlisted are link-shareable but not search-indexed.