Fluxgate Docs
Dashboard

RBAC (Role-Based Access Control)

Define custom roles with granular permissions, assign users, and scope API keys to specific capabilities.

What is RBAC?

RBAC lets you control who can do what on your platform. Create roles (admin, developer, viewer), define what each role can access, and assign users to roles.

Create a Role

Create Rolebash
curl -X POST http://localhost:8000/api/v1/rbac/roles \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -d '{
    "name": "developer",
    "description": "Can create and manage agents, tools, and runs",
    "permissions": [
      "agents:read", "agents:create", "agents:update",
      "tools:read", "tools:create",
      "runs:read", "runs:create",
      "memory:read", "memory:write"
    ]
  }'

Assign Users to Roles

Assign Rolebash
curl -X POST http://localhost:8000/api/v1/rbac/assignments \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -d '{ "user_id": "USER_ID", "role_id": "developer" }'

API Key Scoping

Scope API keys to specific roles so different keys have different permissions:

Create Scoped API Keybash
curl -X POST http://localhost:8000/api/v1/rbac/api-keys \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -d '{ "name": "ci-cd-key", "role": "developer", "expires_in_days": 30 }'

Default Roles

ACP ships with default roles: admin (full access), developer (create/manage agents), and viewer (read-only). Customize these or create new roles as needed.

Previous
Secrets
Next
Governance