RBACData

Access control information for resources.
type RBACData {
  type: String!       # "public" | "private" | "users" | "roles"
  users: [RBACUser!]
  roles: [RBACRole!]
}

type RBACUser {
  id: ID!
  rights: String!     # "read" | "write"
}

type RBACRole {
  id: ID!
  rights: String!     # "read" | "write"
}

RBACInput

Input type for setting RBAC permissions.
input RBACInput {
  users: [RBACUserInput!]
  roles: [RBACRoleInput!]
}

input RBACUserInput {
  id: ID!
  rights: String!     # "read" | "write"
}

input RBACRoleInput {
  id: ID!
  rights: String!     # "read" | "write"
}

RBAC Modes

Public Mode

Resource is accessible to all authenticated users:
{
  RBAC: {
    type: "public"
  }
}

Private Mode

Resource is accessible only to its creator:
{
  RBAC: {
    type: "private"
  }
}

User-Based Access

Grant specific users access:
mutation {
  agentsCreateOne(
    input: {
      name: "Private Agent"
      RBAC: {
        users: [
          { id: "user-123", rights: "write" }
          { id: "user-456", rights: "read" }
        ]
      }
    }
  ) {
    item {
      id
      RBAC {
        type
        users {
          id
          rights
        }
      }
    }
  }
}

Role-Based Access

Grant role-based access:
mutation {
  agentsUpdateOneById(
    id: "agent-123"
    input: {
      RBAC: {
        roles: [
          { id: "developer", rights: "write" }
          { id: "viewer", rights: "read" }
        ]
      }
    }
  ) {
    item {
      id
      RBAC {
        roles {
          id
          rights
        }
      }
    }
  }
}

Permission Rights

  • read - Can view the resource
  • write - Can view and modify the resource
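
Because `rights` and `type` are declared as `String!` rather than as enums, GraphQL type validation accepts any string, so the documented values are worth checking before a mutation is sent. The following is an added example, not code from this API or its documentation; `auditRbac`, `writers` and the sample input are hypothetical names and constructed data, and whether the server performs its own validation is not stated on this page.

```javascript
// Allowed values are taken from the schema comments on this page.
const RIGHTS = new Set(["read", "write"]);
const TYPES = new Set(["public", "private", "users", "roles"]);

// auditRbac is a hypothetical helper, not part of the API.
function auditRbac(rbac) {
  const findings = [];
  if (rbac.type !== undefined && !TYPES.has(rbac.type)) {
    findings.push(`type: unknown value ${JSON.stringify(rbac.type)}`);
  }
  for (const list of ["users", "roles"]) {
    const seen = new Map(); // id -> first rights value seen in this list
    for (const [i, entry] of (rbac[list] ?? []).entries()) {
      const where = `${list}[${i}]`;
      if (typeof entry.id !== "string" || entry.id.trim() === "") {
        findings.push(`${where}: id is empty`);
        continue;
      }
      if (!RIGHTS.has(entry.rights)) {
        // String! admits "Write", "admin", "*"; only exact matches are documented.
        findings.push(`${where}: rights ${JSON.stringify(entry.rights)} is not "read" or "write"`);
      }
      if (seen.has(entry.id)) {
        const kind = seen.get(entry.id) === entry.rights ? "duplicate" : "conflicting";
        findings.push(`${where}: ${kind} entry for id ${JSON.stringify(entry.id)}`);
      } else {
        seen.set(entry.id, entry.rights);
      }
    }
  }
  return findings;
}

// Principals that would receive write access, for review before submitting.
function writers(rbac) {
  return ["users", "roles"].flatMap((list) =>
    (rbac[list] ?? []).filter((e) => e.rights === "write").map((e) => `${list}:${e.id}`));
}

// Constructed sample input (not taken from the API).
const sample = {
  users: [
    { id: "user-123", rights: "write" },
    { id: "user-123", rights: "read" },
    { id: "user-456", rights: "Write" },
  ],
  roles: [{ id: "viewer", rights: "read" }],
};
console.log(auditRbac(sample), writers(sample));
```

An empty findings array means every entry uses a documented value and no id appears twice in the same list; it says nothing about how the server resolves overlapping user and role grants.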

RBAC Hierarchy

  1. super_admin - Full access to all resources
  2. Role permissions - Access based on user’s role
  3. Resource RBAC - Specific resource-level permissions
  4. Creator - Special access for resource creator