Summary
For enterprise users who want to strictly restrict AI usage to approved models (e.g., self-hosted or managed internal endpoints), the opencode provider (OpenCode Zen) is forcefully re-enabled on every launch and cannot be disabled through the UI.
To Reproduce
- Remove "OpenCode Zen" from the AI Providers list.
- Restart the application or start a new chat.
- OpenCode Zen reappears in the provider list.
Expected behavior
Users should be able to permanently disable the OpenCode Zen provider locally so that only configured providers are used.
Actual behavior
The app forcefully re-enables it on boot. Looking at the source code (desktop-app-restrictions.ts), this is gated by the blockZenModel restriction. However, this is treated as a cloud-only organization policy and defaults to false for local usage. There is no UI toggle to turn it off locally.
This is a serious problem for companies that want to run OpenWork in a completely self-hosted, air-gapped, or strictly compliant environment where data cannot be sent to unauthorized third-party models. Not being able to disable Zen locally defeats the purpose of bring-your-own-model for enterprise security.
Workaround: Manually spoofing the cloud config cache via DevTools: localStorage.setItem('openwork.den.desktopConfig:https://app.openworklabs.com::', JSON.stringify({ blockZenModel: true })) works, but a proper UI toggle or opencode.jsonc setting is needed for local deployments.
Summary
For enterprise users who want to strictly restrict AI usage to approved models (e.g., self-hosted or managed internal endpoints), the
opencodeprovider (OpenCode Zen) is forcefully re-enabled on every launch and cannot be disabled through the UI.To Reproduce
Expected behavior
Users should be able to permanently disable the OpenCode Zen provider locally so that only configured providers are used.
Actual behavior
The app forcefully re-enables it on boot. Looking at the source code (
desktop-app-restrictions.ts), this is gated by theblockZenModelrestriction. However, this is treated as a cloud-only organization policy and defaults tofalsefor local usage. There is no UI toggle to turn it off locally.This is a serious problem for companies that want to run OpenWork in a completely self-hosted, air-gapped, or strictly compliant environment where data cannot be sent to unauthorized third-party models. Not being able to disable Zen locally defeats the purpose of bring-your-own-model for enterprise security.
Workaround: Manually spoofing the cloud config cache via DevTools:
localStorage.setItem('openwork.den.desktopConfig:https://app.openworklabs.com::', JSON.stringify({ blockZenModel: true }))works, but a proper UI toggle oropencode.jsoncsetting is needed for local deployments.