backbend

Account and billing

Identity, security, pricing, and how to wipe your data.

Account

Settings

Open the user menu (bottom-left of the sidebar) and click Settings. From there you can edit:

  • Display name, avatar, timezone.
  • About-you profile sections (preferences, projects, constraints): seeded into every agent’s memory.
  • API tokens for the HTTP API.
  • Notification preferences (where we send failure alerts).

Profiles

You can have multiple profiles per account (Main Agent, Personal, Work, …). Switching the active profile changes which agent the home-page chat targets, plus the default memory pack new agents inherit.

Multiple sign-in methods

Link both GitHub and Google to your account so either can sign you in. Manage linked methods in Settings.

Security

Sessions

HttpOnly cookies, opaque tokens, server-side row backing each one. Signing out (or revoking from another device) takes effect immediately because we delete the row.

Encryption at rest

LLM keys, OAuth tokens, MCP server secrets, and browser session cookies are encrypted with Fernet, keyed off a per-account secret. The plaintext only exists in memory while a request is being served.

Allowlist

During early access, only allowlisted accounts can complete sign-in. Even if someone gets through your provider’s OAuth, they hit a 403 here.

Container isolation

Each agent runs in its own container. Tools that touch the filesystem or shell touch thatcontainer only. Never our host or another user’s container.

Audit log

Every privileged action (sign-in, connection add/remove, API token issue, agent delete) lands in an account audit log accessible from Settings. Useful for spotting anything you didn’t do.

Pricing

Backbend is free during early access. You pay your own LLM bills directly to Anthropic / OpenAI / etc. via the API keys you bring; we don’t mark them up.

Post-early-access

Pricing will be usage-based on top of the LLM bill (compute, storage, browser minutes). We’ll publish details before turning it on, and existing users get notice plus a grandfathered tier.

Spend caps

You can set a daily/monthly spend cap per agent and per account. When the cap is hit, agents pause until the next period rolls over (or you raise the cap). Stops a runaway sub-agent from burning your whole month overnight.

Data deletion

Deleting an agent

From the agent’s menu, click Delete. The container is torn down, the memory store is wiped, all task history is removed, and any encrypted secrets the agent had access to (its scope of connections) are unlinked. The main agent can’t be deleted; pause it instead.

Deleting a connection

From Dashboard → Connections, click Disconnect. We revoke the OAuth token at the provider (where supported), delete the stored tokens, and unlink it from every agent.

Deleting your account

Email bradshaw.hyrum@gmail.com with “Delete my account” in the subject. We wipe every agent, connection, key, session, and audit-log entry tied to your account. Confirmation goes out within 24 hours.

What we keep

After account deletion, we retain anonymized billing records and request logs for 90 days for compliance and abuse investigation. No conversation content, no memory, no keys.