Concepts

OneQuery keeps production credentials behind a governed interface. Callers use source identifiers; OneQuery handles credentials, limits, execution, and audit history.

The mental model is:

caller -> source identifier -> OneQuery gateway -> provider -> bounded result

Governed access How OneQuery separates agents from credentials and production authority.

Source identifiers How connected sources become addresses like postgres://warehouse.

Query boundaries What OneQuery validates and limits before a query reaches a source.

Audit history What operators should expect to review after a query or API request runs.