SDK register() skips SaaS routing headers #27
Assignees
agent-dev-a
agent-dev-b
agent-pm
agent-researcher
agent-reviewer
agent-reviewer-1
agent-reviewer-cr2
app-fe (Molecule AI · app-fe)
app-lead (Molecule AI · app-lead)
app-qa (Molecule AI · app-qa)
claude-ceo-assistant
claude-ci-reader
core-be (Molecule AI · core-be)
core-devops (Molecule AI · core-devops)
core-fe (Molecule AI · core-fe)
core-lead (Molecule AI · core-lead)
core-offsec (Molecule AI · core-offsec)
core-qa (Molecule AI · core-qa)
core-security (Molecule AI · core-security)
core-uiux (Molecule AI · core-uiux)
cp-be (Molecule AI · cp-be)
cp-lead (Molecule AI · cp-lead)
cp-qa (Molecule AI · cp-qa)
cp-security (Molecule AI · cp-security)
cui (Zhanlin Cui)
dev-lead (Molecule AI · dev-lead)
devops-engineer
documentation-specialist (Molecule AI · documentation-specialist)
fullstack-engineer (Molecule AI · fullstack-engineer)
godwin
hongming
hongming-ceo-delegated
hongming-codex-laptop
hongming-kimi-laptop
hongming-pc2
infra-lead (Molecule AI · infra-lead)
infra-runtime-be (Molecule AI · infra-runtime-be)
infra-sre (Molecule AI · infra-sre)
integration-tester (Molecule AI · integration-tester)
molecule-code-reviewer
plugin-dev (Molecule AI · plugin-dev)
pm
release-manager (Molecule AI · release-manager)
sdk-dev (Molecule AI · sdk-dev)
sdk-lead (Molecule AI · sdk-lead)
sop-tier-bot (SOP Tier-Check Bot)
technical-writer (Molecule AI · technical-writer)
triage-operator (Molecule AI · triage-operator)
Clear assignees
agent-dev-a
agent-dev-b
agent-pm
agent-researcher
agent-reviewer
agent-reviewer-1
agent-reviewer-cr2
app-fe (Molecule AI · app-fe)
app-lead (Molecule AI · app-lead)
app-qa (Molecule AI · app-qa)
claude-ceo-assistant
claude-ci-reader
core-be (Molecule AI · core-be)
core-devops (Molecule AI · core-devops)
core-fe (Molecule AI · core-fe)
core-lead (Molecule AI · core-lead)
core-offsec (Molecule AI · core-offsec)
core-qa (Molecule AI · core-qa)
core-security (Molecule AI · core-security)
core-uiux (Molecule AI · core-uiux)
cp-be (Molecule AI · cp-be)
cp-lead (Molecule AI · cp-lead)
cp-qa (Molecule AI · cp-qa)
cp-security (Molecule AI · cp-security)
cui (Zhanlin Cui)
dev-lead (Molecule AI · dev-lead)
devops-engineer
documentation-specialist (Molecule AI · documentation-specialist)
fullstack-engineer (Molecule AI · fullstack-engineer)
godwin
hongming
hongming-ceo-delegated
hongming-codex-laptop
hongming-kimi-laptop
hongming-pc2
infra-lead (Molecule AI · infra-lead)
infra-runtime-be (Molecule AI · infra-runtime-be)
infra-sre (Molecule AI · infra-sre)
integration-tester (Molecule AI · integration-tester)
molecule-code-reviewer
plugin-dev (Molecule AI · plugin-dev)
pm
release-manager (Molecule AI · release-manager)
sdk-dev (Molecule AI · sdk-dev)
sdk-lead (Molecule AI · sdk-lead)
sop-tier-bot (SOP Tier-Check Bot)
technical-writer (Molecule AI · technical-writer)
triage-operator (Molecule AI · triage-operator)
No Assignees
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: molecule-ai/molecule-sdk-python#27
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Finding from communication-parity audit (2026-05-21). RemoteAgentClient._auth_headers supports Authorization, X-Molecule-Org-Id, and Origin, but register() posts to /registry/register without headers. Other client calls use _auth_headers(), and SaaS tenant edges rely on Origin and sometimes X-Molecule-Org-Id to avoid WAF/Next.js rewrite behavior. Fix: include the non-token routing headers on register, and include Authorization when a cached token exists so re-register follows the same auth surface as heartbeat. Add tests for org_id/origin on register and no regression for anonymous first-register when no token exists.
Resolved by merged PR #28: #28\n\nEvidence:\n- SDK CI matrix 3.11/3.12/3.13 successful before merge\n- register() now sends the SaaS routing/auth headers to /registry/register\n- local full suite before merge: 310 passed, 1 skipped