This page covers long-term memory: memory that persists across conversations. For short-term memory (conversation history and scratch files within a single session), see the context engineering guide. Short-term memory is managed automatically as part of the agent’s state.

How memory works
- Point the agent at memory files. Pass file paths to
memory=when creating the agent. You can also pass skills viaskills=for procedural memory (reusable instructions that tell the agent how to perform a task). A backend controls where files are stored and who can access them. - Agent reads memory. The agent can load memory files into the system prompt at startup, or read them on demand during the conversation. For example, skills use on-demand loading: the agent reads only skill descriptions at startup, then reads the full skill file only when it matches a task. This keeps context lean until a capability is needed.
- Agent updates memory (optional). When the agent learns new information, it can use its built-in
edit_filetool to update memory files. Updates can happen during the conversation (the default) or in the background between conversations via background consolidation. Changes are persisted and available in the next conversation. Not all memory is writable: developer-defined skills and organization policies are typically read-only. See read-only vs writable memory for details.
Scoped memory
Agent memory can be scoped so the same memory files are accessible to everyone using the agent or memory files can be individual to each user.Agent-scoped memory
Give the agent its own persistent identity that evolves over time. Agent-scoped memory is shared across all users, so the agent builds up its own persona, accumulated knowledge, and learned preferences through every conversation. As it interacts with users, it develops expertise, refines its approach, and remembers what works. It can also learn and update skills when it has write access. The key is the backend namespace: setting it to(assistant_id,) means every conversation for this agent reads and writes to the same memory file.
Accessing
rt.server_info requires deepagents>=0.5.0. On older versions, read the assistant ID from get_config()["metadata"]["assistant_id"] instead.Full example: seed memory and invoke
Full example: seed memory and invoke
Populate the store with initial memories, then invoke the agent across two threads to see it remember and update what it learns.
User-scoped memory
Give each user their own memory file. The agent remembers preferences, context, and history per user while core agent instructions stay fixed. Users can also have per-user skills if stored in a user-scoped backend. The namespace uses(user_id,) so each user gets an isolated copy of the memory file. User A’s preferences never leak into User B’s conversations.
Full example: isolated memory across users
Full example: isolated memory across users
Seed per-user memories and invoke the agent as two different users. Each user sees only their own preferences.
Advanced usage
On top of the basic configuration options for memory paths and scope, you can also configure more advanced parameters for memory:Episodic memory
Episodic memory stores records of past experiences: what happened, in what order, and what the outcome was. Unlike semantic memory (facts and preferences stored in files likeAGENTS.md), episodic memory preserves the full conversational context so the agent can recall how a problem was solved, not just what was learned from it.
Deep Agents already use checkpointers which is the mechanism that supports episodic memory: every conversation is persisted as a checkpointed thread.
To make past conversations searchable, wrap thread search in a tool. The user_id is pulled from the runtime context rather than passed as a parameter:
Organization-level memory
Organization-level memory follows the same pattern as user-scoped memory, but with an organization-wide namespace instead of a per-user one. Use it for policies or knowledge that should apply across all users and agents in an organization. Organization memory is typically read-only to prevent prompt injection via shared state. See read-only vs writable memory for details.Background consolidation
By default, the agent writes memories during the conversation (hot path). An alternative is to process memories between conversations as a background task, sometimes called sleep time compute. A separate deep agent reviews recent conversations, extracts key facts, and merges them with existing memories.
For most applications, the hot path is sufficient. Add background consolidation when you need to reduce latency or improve memory quality across many conversations.
The recommended pattern is to deploy a consolidation agent alongside your main agent — a deep agent that reads recent conversation history, extracts key facts, and merges them into the memory store — and trigger it on a cron schedule. Pick a cadence that reflects how often your users actually interact with the agent: a chat product with steady daily traffic might consolidate every few hours, while a tool used a handful of times per week only needs to run nightly or weekly. Consolidating much more often than users converse just burns tokens on no-op runs.
Consolidation agent
The consolidation agent reads recent conversation history and merges key facts into the memory store. Register it alongside your main agent inlanggraph.json:
consolidation_agent.py
langgraph.json
Cron
A cron job runs the consolidation agent on a fixed schedule. The agent searches recent conversations and synthesizes them into memory. Match the schedule to your usage patterns so consolidation runs roughly track real activity. Schedule the consolidation agent with a cron job:All cron schedules are interpreted in UTC. See cron jobs for details on managing and deleting cron jobs.
Read-only vs writable memory
By default, the agent can both read and write memory files. For shared state like organization policies or compliance rules, you may want to make memory read-only so the agent can reference it but not modify it. This prevents prompt injection via shared memory and ensures that only your application code controls what’s in the file.
Security considerations: If one user can write to memory that another user reads, a malicious user could inject instructions into shared state. To mitigate this:
- Default to user scope
(user_id)unless you have a specific reason to share - Use read-only memory for shared policies (populate via application code, not the agent)
- Add human-in-the-loop validation before the agent writes to shared memory. Use an interrupt to require human approval for writes to sensitive paths.
Concurrent writes
Multiple threads can write to memory in parallel, but concurrent writes to the same file can cause last-write-wins conflicts. For user-scoped memory this is rare since users typically have one active conversation at a time. For agent-scoped or organization-scoped memory, consider using background consolidation to serialize writes, or structure memory as separate files per topic to reduce contention. In practice, if a write fails due to a conflict, the LLM is usually smart enough to retry or recover gracefully, so a single lost write is not catastrophic.Multiple agents in the same deployment
To give each agent its own memory in a shared deployment, addassistant_id to the namespace:
assistant_id alone if you only need per-agent isolation without per-user scoping.
Connect these docs to Claude, VSCode, and more via MCP for real-time answers.

