Access Control
Archestra uses a role-based access control (RBAC) system to manage user permissions within organizations. This system provides both predefined roles for common use cases and the flexibility to create custom roles with specific permission combinations.
Permissions in Archestra are defined using a resource:action format, where:
- Resource: The type of object or feature being accessed (e.g., agent, tool, organization)
- Action: The operation being performed (create, read, update, delete, admin)
For example, the permission agent:create allows creating new automation agents, mcpGateway:create allows creating MCP gateways, llmProxy:create allows creating LLM proxies, and organization:read allows viewing organization information.
Predefined Roles
The following roles are built into Archestra and cannot be modified or deleted:
| Role | Description | Granted Permissions |
|---|---|---|
| admin | Full administrative access to all organization resources | organization:read, organization:update, organization:delete, member:create, member:update, member:delete, invitation:create, invitation:cancel, team:create, team:read, team:update, team:delete, team:admin, ac:create, ac:read, ac:update, ac:delete, agent:create, agent:read, agent:update, agent:delete, agent:team-admin, agent:admin, mcpGateway:create, mcpGateway:read, mcpGateway:update, mcpGateway:delete, mcpGateway:team-admin, mcpGateway:admin, llmProxy:create, llmProxy:read, llmProxy:update, llmProxy:delete, llmProxy:team-admin, llmProxy:admin, tool:create, tool:read, tool:update, tool:delete, policy:create, policy:read, policy:update, policy:delete, dualLlmConfig:create, dualLlmConfig:read, dualLlmConfig:update, dualLlmConfig:delete, dualLlmResult:create, dualLlmResult:read, dualLlmResult:update, dualLlmResult:delete, interaction:create, interaction:read, interaction:update, interaction:delete, identityProvider:create, identityProvider:read, identityProvider:update, identityProvider:delete, internalMcpCatalog:create, internalMcpCatalog:read, internalMcpCatalog:update, internalMcpCatalog:delete, mcpServer:create, mcpServer:read, mcpServer:update, mcpServer:delete, mcpServer:admin, mcpServerInstallationRequest:create, mcpServerInstallationRequest:read, mcpServerInstallationRequest:update, mcpServerInstallationRequest:delete, mcpServerInstallationRequest:admin, mcpToolCall:read, conversation:create, conversation:read, conversation:update, conversation:delete, limit:create, limit:read, limit:update, limit:delete, llmModels:create, llmModels:read, llmModels:update, llmModels:delete, chatSettings:create, chatSettings:read, chatSettings:update, chatSettings:delete |
| editor | Power user with full CRUD access to most resources but no admin privileges | agent:create, agent:read, agent:update, agent:delete, agent:team-admin, mcpGateway:create, mcpGateway:read, mcpGateway:update, mcpGateway:delete, mcpGateway:team-admin, llmProxy:create, llmProxy:read, llmProxy:update, llmProxy:delete, llmProxy:team-admin, tool:create, tool:read, tool:update, tool:delete, policy:create, policy:read, policy:update, policy:delete, interaction:create, interaction:read, interaction:update, interaction:delete, dualLlmConfig:read, dualLlmResult:read, internalMcpCatalog:create, internalMcpCatalog:read, internalMcpCatalog:update, internalMcpCatalog:delete, mcpServer:create, mcpServer:read, mcpServer:update, mcpServer:delete, mcpServerInstallationRequest:create, mcpServerInstallationRequest:read, mcpServerInstallationRequest:update, mcpServerInstallationRequest:delete, organization:read, team:read, mcpToolCall:read, conversation:create, conversation:read, conversation:update, conversation:delete, limit:create, limit:read, limit:update, limit:delete, llmModels:create, llmModels:read, llmModels:update, llmModels:delete, chatSettings:create, chatSettings:read, chatSettings:update, chatSettings:delete |
| member | Standard user with limited access to organization resources | agent:create, agent:read, agent:update, agent:delete, mcpGateway:create, mcpGateway:read, mcpGateway:update, mcpGateway:delete, llmProxy:create, llmProxy:read, llmProxy:update, llmProxy:delete, tool:create, tool:read, tool:update, tool:delete, policy:read, interaction:create, interaction:read, interaction:update, interaction:delete, dualLlmConfig:read, dualLlmResult:read, internalMcpCatalog:read, mcpServer:create, mcpServer:read, mcpServer:delete, mcpServerInstallationRequest:create, mcpServerInstallationRequest:read, mcpServerInstallationRequest:update, organization:read, team:read, mcpToolCall:read, conversation:create, conversation:read, conversation:update, conversation:delete, limit:read, llmModels:read, chatSettings:read |
Custom Roles
Organization administrators can create custom roles by selecting specific permission combinations. Custom roles allow fine-grained access control tailored to your organization's needs.
Permission Requirements
- Role Creation: Only users with the organization:update permission can create custom roles
- Permission Granting: You can only grant permissions that you already possess. This stops a role creator from minting a role more powerful than their own account and then assigning it to themselves or others.
- Role Limits: Up to 50 custom roles per organization
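The three rules above compose into a single validation step on every custom-role request. The following is an added example, not Archestra's own code: it models the check in Python with assumed class names, an assumed error type and constructed sample permission sets (the "editor" set is abridged from the predefined-roles table).

```python
# Added example (not Archestra's own code): a model of the custom-role creation
# rules described above. Class names, the error type and the action list are
# assumptions made for this illustration.
from dataclasses import dataclass, field

# Actions that appear in the permission tables on this page.
ACTIONS = {"create", "read", "update", "delete", "admin", "team-admin", "cancel"}
MAX_CUSTOM_ROLES = 50


class RoleCreationError(ValueError):
    """Raised when a custom-role request violates one of the rules."""


def parse_permission(perm: str) -> tuple[str, str]:
    """Split a 'resource:action' string and reject malformed values."""
    resource, sep, action = perm.partition(":")
    if not sep or not resource or action not in ACTIONS:
        raise RoleCreationError(f"malformed permission: {perm!r}")
    return resource, action


@dataclass
class Organization:
    custom_roles: dict[str, frozenset[str]] = field(default_factory=dict)


def create_custom_role(org: Organization, actor_permissions: set[str],
                       name: str, requested: set[str]) -> frozenset[str]:
    """Create a custom role, enforcing the three rules from the page.

    1. The actor needs organization:update.
    2. The actor may only grant permissions it already holds (no escalation).
    3. At most MAX_CUSTOM_ROLES custom roles per organization.
    """
    wanted = frozenset(requested)
    for perm in wanted:
        parse_permission(perm)
    if "organization:update" not in actor_permissions:
        raise RoleCreationError("organization:update is required to create roles")
    missing = wanted - frozenset(actor_permissions)
    if missing:
        raise RoleCreationError(
            "cannot grant permissions the actor does not hold: "
            + ", ".join(sorted(missing)))
    if len(org.custom_roles) >= MAX_CUSTOM_ROLES:
        raise RoleCreationError(f"limit of {MAX_CUSTOM_ROLES} custom roles reached")
    org.custom_roles[name] = wanted
    return wanted


# Constructed sample data: an actor holding organization:update plus a few read
# permissions, and an abridged copy of the predefined editor role (which has
# no organization:update).
ORG_MANAGER = {"organization:read", "organization:update",
               "agent:read", "tool:read", "mcpToolCall:read"}
EDITOR = {"agent:create", "agent:read", "agent:update", "agent:delete",
          "tool:create", "tool:read", "organization:read", "team:read"}


def demo() -> dict[str, str]:
    """Run three scenarios and report the outcome of each."""
    org = Organization()
    out: dict[str, str] = {}
    # Allowed: every requested permission is held by the actor.
    create_custom_role(org, ORG_MANAGER, "Read-Only-Analyst",
                       {"agent:read", "tool:read", "mcpToolCall:read"})
    out["analyst"] = "created"
    # Rejected: editor lacks organization:update.
    try:
        create_custom_role(org, EDITOR, "Tool-Developer", {"tool:create", "tool:read"})
        out["editor"] = "created"
    except RoleCreationError as e:
        out["editor"] = str(e)
    # Rejected: the actor tries to hand out ac:create, which it does not hold.
    try:
        create_custom_role(org, ORG_MANAGER, "Role-Admin", {"ac:create", "agent:read"})
        out["escalation"] = "created"
    except RoleCreationError as e:
        out["escalation"] = str(e)
    return out
```

The order of checks matters in one respect: the possession check runs against the full requested set, so a request mixing held and unheld permissions is rejected outright rather than silently trimmed to what the actor holds.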
Available Permissions
The following table lists all available permissions that can be assigned to custom roles:
| Permission | Description |
|---|---|
| ac:create | Create new RBAC roles |
| ac:read | View and list RBAC roles |
| ac:update | Modify existing RBAC roles |
| ac:delete | Remove existing RBAC roles |
| agent:create | Create new automation agents with prompts and configurations |
| agent:read | View and list automation agents with prompts and configurations |
| agent:update | Modify existing automation agents with prompts and configurations |
| agent:delete | Remove existing automation agents with prompts and configurations |
| agent:team-admin | Team-level administrative control over automation agents with prompts and configurations |
| agent:admin | Administrative control over automation agents, including those assigned to teams the user does not belong to |
| chatSettings:create | Create new chat feature configuration and settings |
| chatSettings:read | View and list chat feature configuration and settings |
| chatSettings:update | Modify existing chat feature configuration and settings |
| chatSettings:delete | Remove existing chat feature configuration and settings |
| conversation:create | Create new chat conversations with automation experts |
| conversation:read | View and list chat conversations with automation experts |
| conversation:update | Modify existing chat conversations with automation experts |
| conversation:delete | Remove existing chat conversations with automation experts |
| dualLlmConfig:create | Create new dual LLM security configuration settings |
| dualLlmConfig:read | View and list dual LLM security configuration settings |
| dualLlmConfig:update | Modify existing dual LLM security configuration settings |
| dualLlmConfig:delete | Remove existing dual LLM security configuration settings |
| dualLlmResult:create | Create new results from dual LLM security validation |
| dualLlmResult:read | View and list results from dual LLM security validation |
| dualLlmResult:update | Modify existing results from dual LLM security validation |
| dualLlmResult:delete | Remove existing results from dual LLM security validation |
| identityProvider:create | Create new identity providers for authentication |
| identityProvider:read | View and list identity providers for authentication |
| identityProvider:update | Modify existing identity providers for authentication |
| identityProvider:delete | Remove existing identity providers for authentication |
| interaction:create | Create new conversation history and agent interactions |
| interaction:read | View and list conversation history and agent interactions |
| interaction:update | Modify existing conversation history and agent interactions |
| interaction:delete | Remove existing conversation history and agent interactions |
| internalMcpCatalog:create | Create new entries in the internal MCP server catalog |
| internalMcpCatalog:read | View and list entries in the internal MCP server catalog |
| internalMcpCatalog:update | Modify existing entries in the internal MCP server catalog |
| internalMcpCatalog:delete | Remove existing entries from the internal MCP server catalog |
| invitation:create | Create new member invitations for onboarding |
| invitation:cancel | Cancel pending member invitations |
| limit:create | Create new usage limits and quotas |
| limit:read | View and list usage limits and quotas |
| limit:update | Modify existing usage limits and quotas |
| limit:delete | Remove existing usage limits and quotas |
| llmModels:create | Create new LLM models and pricing configuration |
| llmModels:read | View and list LLM models and pricing configuration |
| llmModels:update | Modify existing LLM models and pricing configuration |
| llmModels:delete | Remove existing LLM models and pricing configuration |
| llmProxy:create | Create new LLM proxies for security, observability, and cost management |
| llmProxy:read | View and list LLM proxies for security, observability, and cost management |
| llmProxy:update | Modify existing LLM proxies for security, observability, and cost management |
| llmProxy:delete | Remove existing LLM proxies for security, observability, and cost management |
| llmProxy:team-admin | Team-level administrative control over LLM proxies for security, observability, and cost management |
| llmProxy:admin | Administrative control over LLM proxies for security, observability, and cost management |
| mcpGateway:create | Create new MCP gateways that provide unified MCP endpoints for tools |
| mcpGateway:read | View and list MCP gateways that provide unified MCP endpoints for tools |
| mcpGateway:update | Modify existing MCP gateways that provide unified MCP endpoints for tools |
| mcpGateway:delete | Remove existing MCP gateways that provide unified MCP endpoints for tools |
| mcpGateway:team-admin | Team-level administrative control over MCP gateways that provide unified MCP endpoints for tools |
| mcpGateway:admin | Administrative control over MCP gateways that provide unified MCP endpoints for tools |
| mcpServer:create | Create new MCP servers for tool integration |
| mcpServer:read | View and list MCP servers for tool integration |
| mcpServer:update | Modify existing MCP servers for tool integration |
| mcpServer:delete | Remove existing MCP servers for tool integration |
| mcpServer:admin | Administrative control over MCP servers, including those assigned to teams the user does not belong to |
| mcpServerInstallationRequest:create | Create new requests for MCP server installations |
| mcpServerInstallationRequest:read | View and list requests for MCP server installations |
| mcpServerInstallationRequest:update | Modify existing requests for MCP server installations |
| mcpServerInstallationRequest:delete | Remove existing requests for MCP server installations |
| mcpServerInstallationRequest:admin | Administrative control over requests for MCP server installations |
| mcpToolCall:read | View and list tool execution logs and results |
| member:create | Add new organization members and assign their roles |
| member:update | Modify existing organization members and their roles |
| member:delete | Remove existing organization members |
| organization:read | View organization settings |
| organization:update | Modify organization settings |
| organization:delete | Delete the organization |
| policy:create | Create new tool invocation and trusted data policies for security |
| policy:read | View and list tool invocation and trusted data policies for security |
| policy:update | Modify existing tool invocation and trusted data policies for security |
| policy:delete | Remove existing tool invocation and trusted data policies for security |
| team:create | Create new teams for organizing members and access control |
| team:read | View and list teams for organizing members and access control |
| team:update | Modify existing teams for organizing members and access control |
| team:delete | Remove existing teams for organizing members and access control |
| team:admin | Administrative control over teams for organizing members and access control |
| tool:create | Create new individual tools that can be assigned to agents |
| tool:read | View and list individual tools that can be assigned to agents |
| tool:update | Modify existing individual tools that can be assigned to agents |
| tool:delete | Remove existing individual tools that can be assigned to agents |
Best Practices
Principle of Least Privilege
Grant users only the minimum permissions necessary for their job. Note that the predefined member role is not read-only: as the table above shows, it grants create, update and delete on agents, MCP gateways, LLM proxies and tools, and create and delete on MCP servers. For accounts that only need to view resources (auditors, analysts), define a custom role built from the relevant read permissions rather than assigning member. Start from the smallest predefined role that covers the work and move to a custom role when none of them fits.
Team-Based Organization
Combine roles with team-based access control for fine-grained resource access:
- Create teams for different groups (e.g., "Data Scientists", "Developers")
- Assign agents and MCP servers to specific teams
- Add members to teams based on their role and responsibilities
Default Team
New members are automatically added to the "Default Team" when they accept an invitation. This ensures all users have immediate access to Archestra resources assigned to this team. Because every new member lands in it, anything assigned to the Default Team is effectively visible to the whole organization; keep sensitive agents, MCP servers and gateways in purpose-specific teams instead.
Team Access Control Rules
For Agents (MCP Gateways, LLM Proxies, Automation Agents):
- Team members can only see agents assigned to teams they belong to
- Exception: Users with the agent:admin permission can see all agents
- Exception: Agents with no team assignment are visible to all organization members
For MCP Servers:
- Team members can only access MCP servers assigned to teams they belong to
- Exception: Users with the mcpServer:admin permission can access all MCP servers
- Exception: MCP servers with no team assignment are accessible to all organization members
Associated Artifacts:
Team-based access extends to related resources like interaction logs, policies, and tool assignments. Members can only view these artifacts for agents and MCP servers they have access to.
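The visibility rules above are a small decision procedure: an admin permission for the resource kind wins, an unassigned resource is visible to everyone in the organization, and otherwise the user must share at least one team with the resource; artifacts then inherit the answer for the agent or MCP server they belong to. The following is an added example, not Archestra's own code: it implements that procedure in Python over constructed sample users, teams, resources and one interaction log. The data model and names are assumptions; the page does not describe how Archestra stores these internally. Following the page, MCP gateways and LLM proxies are treated as the "agent" kind for this rule.

```python
# Added example (not Archestra's own code): the team-scoped visibility rules
# for agents, MCP servers and their associated artifacts. The data model,
# names and sample data are constructed for this illustration.
from dataclasses import dataclass


@dataclass(frozen=True)
class Resource:
    id: str
    kind: str                               # "agent" (gateways, proxies, agents) or "mcpServer"
    teams: frozenset[str] = frozenset()     # empty set = no team assignment


@dataclass(frozen=True)
class Artifact:
    id: str
    owner_id: str                           # id of the agent or MCP server it belongs to


@dataclass(frozen=True)
class User:
    id: str
    permissions: frozenset[str]
    teams: frozenset[str]


def can_access(user: User, res: Resource) -> bool:
    """Apply the rules in order: admin override, unassigned resource, team overlap."""
    if f"{res.kind}:admin" in user.permissions:
        return True         # agent:admin or mcpServer:admin sees every resource of that kind
    if not res.teams:
        return True         # no team assignment: visible to all organization members
    return bool(user.teams & res.teams)


def visible(user: User, resources: list[Resource]) -> list[str]:
    """Ids of the resources this user may see, sorted for stable comparison."""
    return sorted(r.id for r in resources if can_access(user, r))


def can_view_artifact(user: User, artifact: Artifact, resources: list[Resource]) -> bool:
    """Artifacts (logs, policies, tool assignments) inherit their owner's visibility."""
    owner = next((r for r in resources if r.id == artifact.owner_id), None)
    return owner is not None and can_access(user, owner)


# Constructed sample data.
MEMBER_READ = frozenset({"agent:read", "mcpServer:read", "interaction:read", "team:read"})
RESOURCES = [
    Resource("agent-ds", "agent", frozenset({"Data Scientists"})),
    Resource("agent-shared", "agent"),                              # no team assignment
    Resource("agent-dev", "agent", frozenset({"Developers"})),
    Resource("mcp-dev", "mcpServer", frozenset({"Developers"})),
    Resource("mcp-shared", "mcpServer"),                            # no team assignment
]
LOG_DEV = Artifact("log-dev-1", owner_id="agent-dev")

ALICE = User("alice", MEMBER_READ, frozenset({"Default Team", "Data Scientists"}))
BOB = User("bob", MEMBER_READ | {"agent:admin"}, frozenset({"Default Team"}))
CAROL = User("carol", MEMBER_READ, frozenset({"Default Team", "Developers"}))


def report() -> dict[str, list[str]]:
    """What each sample user can see, plus who can read the Developers' agent log."""
    return {
        "alice": visible(ALICE, RESOURCES),
        "bob": visible(BOB, RESOURCES),
        "carol": visible(CAROL, RESOURCES),
        "log-dev-1": sorted(u.id for u in (ALICE, BOB, CAROL)
                            if can_view_artifact(u, LOG_DEV, RESOURCES)),
    }
```

Two details are worth noticing in the output. Bob's agent:admin lets him see the Developers' agent and its interaction log without being on that team, but it does not reach mcp-dev: the admin override is per resource kind, and seeing all MCP servers needs mcpServer:admin. And both unassigned resources appear for every user, which is the behaviour the Default Team caveat above warns about.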
Regular Review
Periodically review custom roles and member assignments to ensure they align with current organizational needs and security requirements.
Role Naming
Use clear, descriptive names for custom roles that indicate their purpose (e.g., "Agent-Manager", "Read-Only-Analyst", "Tool-Developer").