Studio persists your workspaces and jobs in Firebase. A runner is a process that authenticates to our cloud API (https://cloud.xenonflare.com), calls leaseWorkspaceJob, loads context, runs your model, then posts results with completeWorkspaceJob or failWorkspaceJob. The dashboard never sends your OpenAI key to us — the worker holds provider credentials on your side.
target: "global". Any runner credentials registered as kind: "global" (usually operated by us or trusted capacity) may lease them. Customers normally use this without creating their own keys.target: "user" for your user id. Only runner instances you create under Settings → Runners (kind user) dequeue these. Use for workloads that must stay on hardware you control.Queued workspace messages count against separate caps for jobs sent to the global pool vs jobs targeted to your private runners. Private-runner targets have higher caps because you bear model inference cost — see Pricing / Terms.
POST .../leaseWorkspaceJob with header Authorization: Bearer <Runner API key> (format credentialId.secret) until leased: true or backoff when the queue is empty.POST .../getWorkspaceRunnerContext with the leased workspaceId.heartbeatWorkspaceJob during long model runs so the lease does not expire.updateWorkspaceRunnerSummary when compressing prior chat into a summary span.completeWorkspaceJob with files, charts, tables, lists, checklists, SVGs, and the final assistant message (see Deliverables), or failWorkspaceJob on error.Accounts default to the global target unless you change default processing queue under Settings. Each workspace stores its own jobTarget; you can override in the composer or workspace settings.
In Settings → Runners, Add runner mints a new instance and shows a one-time runner API key (the same value as runnerToken in the API). Put it in your environment as configured in the open-source README. This key is only for the worker — not your Studio sign-in. Revoking removes the key immediately; create another instance for a replacement.
Creating kind: "global" via the API requires an admins/<yourUid> document in Firestore. Normal customers only use user keys and the shared pool from the product UI.