TrayPage Docs

How it works

Data model, the review loop, visibility and permissions, viewer isolation.

Data model

workspace (your team)
└─ project (where artifacts live)
   └─ artifact (a deliverable)
      └─ version (added per publish; immutable)
  • workspace — The unit of membership and billing. Members have one of the roles owner / admin / member / viewer.
  • project — Groups artifacts. Folders can add hierarchy. Default visibility is configured per project.
  • artifact — A single HTML deliverable with a title, slug, and visibility setting.
  • version — Added on every publish. Once published, a version's content can never be changed. Revisions are always published as new versions.

The review loop

The core of TrayPage is the loop: AI creates → the team comments → AI revises.

  1. The AI tool publishes an artifact with publish_html_artifact
  2. The team selects text on the review page and comments
  3. The AI tool fetches open comments as revision instructions with get_revision_prompt
  4. The AI publishes the revised HTML as a new version with publish_new_artifact_version
  5. Comments get resolved; approve and publish a version when ready

Each artifact has two references: latest and published. While reviewing, latest moves forward; pinning an approved version as published means people you share with only see approved content.

Visibility

Each artifact uses a visibility preset that controls who can view it.

| Preset | Who can view |
| --- | --- |
| private | Only people explicitly granted access |
| project_members | Project members (default) |
| workspace_members | All workspace members |
| workspace_domain_users | Users signed in with an email on the configured domain |
| link_login_requiredAnyone | Anyone with the link who is signed in |

Share links can additionally grant view or comment permission to link holders.

Permissions

Action permissions come in four levels: viewer (view) / commenter (view + comment) / editor (+ publish new versions) / admin (+ approve, manage access). Workspace owners and admins get admin on every artifact in the workspace. Every entry point — web, API tokens, MCP, share links — goes through the same authorization resolver.

Viewer isolation

Published HTML can contain scripts, so it is rendered in isolation from the app.

  • HTML is served from a dedicated viewer URL with CSP sandbox allow-scripts
  • The review page embeds the viewer in an iframe with the sandbox attribute
  • In production the viewer is served from a separate origin with no access to app cookies

Scripts inside an artifact can never touch your session or data in the app.
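
A way to check the three isolation layers listed above from the outside, as an added example that is not TrayPage's own code. The function names (`parseCsp`, `auditViewerIsolation`), the list of risky tokens and all sample URLs are assumptions made for illustration.

```javascript
// Added example: audit the viewer-isolation layers for an artifact page.
// All names and inputs are hypothetical; nothing here is TrayPage's API.

// Parse a Content-Security-Policy header into Map<directive, tokens[]>.
// Per the CSP spec, the first occurrence of a directive wins.
function parseCsp(header) {
  const policy = new Map();
  for (const part of String(header || '').split(';')) {
    const [name, ...tokens] = part.trim().split(/\s+/).filter(Boolean);
    if (name && !policy.has(name.toLowerCase())) {
      policy.set(name.toLowerCase(), tokens.map((t) => t.toLowerCase()));
    }
  }
  return policy;
}

// Sandbox tokens that weaken isolation of untrusted, script-bearing HTML.
// allow-same-origin is the critical one: with allow-scripts it gives the
// document its real origin back instead of an opaque one.
const RISKY = ['allow-same-origin', 'allow-top-navigation',
  'allow-popups-to-escape-sandbox'];

function checkTokens(label, tokens, findings) {
  if (tokens === null) { findings.push(`${label}: sandbox missing`); return; }
  for (const t of tokens) {
    if (RISKY.includes(t)) findings.push(`${label}: ${t} weakens isolation`);
  }
}

// Returns a list of findings; an empty list means all three layers hold.
function auditViewerIsolation({ cspHeader, iframeSandbox, viewerUrl, appUrl }) {
  const findings = [];
  const csp = parseCsp(cspHeader);
  checkTokens('CSP header', csp.has('sandbox') ? csp.get('sandbox') : null, findings);
  const attr = iframeSandbox == null ? null
    : iframeSandbox.toLowerCase().split(/\s+/).filter(Boolean);
  checkTokens('iframe attribute', attr, findings);
  if (new URL(viewerUrl).origin === new URL(appUrl).origin) {
    findings.push('viewer shares the app origin');
  }
  return findings;
}
```

Feed it the `Content-Security-Policy` response header of the viewer URL, the `sandbox` attribute value of the review page's iframe (or `null` if the attribute is absent), and the two URLs.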
