AgentOS validates JWT scopes against required permissions for each endpoint. Control who can access and run your agents, teams, and workflows.
Quick Start
Enable RBAC when initializing AgentOS:
```python
from agno.agent import Agent
from agno.db.postgres import PostgresDb
from agno.models.openai import OpenAIResponses
from agno.os import AgentOS

db = PostgresDb(db_url="postgresql+psycopg://ai:ai@localhost:5532/ai")

agent = Agent(
    id="my-agent",
    model=OpenAIResponses(id="gpt-5.2"),
    db=db,
)

agent_os = AgentOS(
    id="my-agent-os",
    agents=[agent],
    authorization=True,
)

app = agent_os.get_app()
```
Generate a Verification Key
authorization=True only tells AgentOS to enforce JWT auth. To verify tokens, AgentOS also needs a public key. Generate one from the control plane and wire it in.
Toggle JWT authorization
Enable JWT authorization when connecting a new AgentOS, or later from the OS Settings page.
Copy the public key
A modal appears with the public key for your AgentOS.
Set the verification key
Set the JWT_VERIFICATION_KEY environment variable to your public key in your .env file, or export it directly in your terminal (no spaces around the `=`, or the shell treats it as a command):

```bash
export JWT_VERIFICATION_KEY="your-public-key"
```

Or, if you manage keys via a JWKS file, point AgentOS at it instead:

```bash
export JWT_JWKS_FILE="/path/to/jwks.json"
```
Authorization is now active for your AgentOS.
RBAC uses a hierarchical scope format:
| Format | Example | Description |
| --- | --- | --- |
| resource:action | agents:read | Access all resources of a type |
| resource:<id>:action | agents:my-agent:run | Access a specific resource |
| resource:*:action | agents:*:read | Wildcard (equivalent to global) |
| agent_os:admin | - | Full access to all endpoints |
Complete Scope Reference
Organization Scopes
Organization scopes are enforced at the control plane and do not map to AgentOS endpoints.
| Scope | Description |
| --- | --- |
| os:read | View AgentOS instances in the organization |
| os:write | Create and update AgentOS instances |
| os:delete | Delete AgentOS instances |
| org:read | View organization details and members |
| org:write | Update organization settings and manage members |
| org:delete | Delete the organization |
| billing:read | View billing details and invoices |
| billing:write | Update billing settings and payment methods |
Admin Scopes
| Scope | Description |
| --- | --- |
| agent_os:admin | Full admin access to all AgentOS endpoints |
AgentOS config Scopes
| Scope | Description |
| --- | --- |
| config:read | View system configuration and available models |
| config:write | Administrative writes such as database migrations |
Registry Scopes
| Scope | Description |
| --- | --- |
| registry:read | View the code-defined registry (tools, models, databases) |
Component Scopes
| Scope | Description |
| --- | --- |
| components:read | List and view components and their configs |
| components:write | Create and update components and configs |
| components:delete | Delete components and configs |
Agent Scopes
| Scope | Description |
| --- | --- |
| agents:read | List and view all agents |
| agents:write | Create and update agents |
| agents:delete | Delete agents |
| agents:run | Run any agent |
| agents:<agent-id>:read | View a specific agent |
| agents:<agent-id>:run | Run a specific agent |
Team Scopes
| Scope | Description |
| --- | --- |
| teams:read | List and view all teams |
| teams:write | Create and update teams |
| teams:delete | Delete teams |
| teams:run | Run any team |
| teams:<team-id>:read | View a specific team |
| teams:<team-id>:run | Run a specific team |
Workflow Scopes
| Scope | Description |
| --- | --- |
| workflows:read | List and view all workflows |
| workflows:write | Create and update workflows |
| workflows:delete | Delete workflows |
| workflows:run | Run any workflow |
| workflows:<workflow-id>:read | View a specific workflow |
| workflows:<workflow-id>:run | Run a specific workflow |
Session Scopes
| Scope | Description |
| --- | --- |
| sessions:read | View all sessions and session data |
| sessions:write | Create, update, and rename sessions |
| sessions:delete | Delete sessions |
Memory Scopes
| Scope | Description |
| --- | --- |
| memories:read | View memories and memory topics |
| memories:write | Create, update, and optimize memories |
| memories:delete | Delete memories |
Knowledge Scopes
| Scope | Description |
| --- | --- |
| knowledge:read | View and search knowledge content |
| knowledge:write | Add and update knowledge content |
| knowledge:delete | Delete knowledge content |
Metrics Scopes
| Scope | Description |
| --- | --- |
| metrics:read | View metrics |
| metrics:write | Refresh metrics |
Evaluation Scopes
| Scope | Description |
| --- | --- |
| evals:read | View evaluation runs |
| evals:write | Create and update evaluation runs |
| evals:delete | Delete evaluation runs |
Trace Scopes
| Scope | Description |
| --- | --- |
| traces:read | View traces and trace sessions |
Schedule Scopes
| Scope | Description |
| --- | --- |
| schedules:read | List and view schedules and schedule runs |
| schedules:write | Create, update, enable, disable, and trigger schedules |
| schedules:delete | Delete schedules |
Approval Scopes
| Scope | Description |
| --- | --- |
| approvals:read | List and view approval requests |
| approvals:write | Resolve approval requests |
| approvals:delete | Delete approval requests |
Default Scope Mappings
AgentOS automatically maps endpoints to required scopes.
System

| Endpoint | Required Scope |
| --- | --- |
| GET /config | config:read |
| GET /models | config:read |
| POST /databases/all/migrate | config:write |
| POST /databases/*/migrate | config:write |

Registry

| Endpoint | Required Scope |
| --- | --- |
| GET /registry | registry:read |

Agents

| Endpoint | Required Scope |
| --- | --- |
| GET /agents | agents:read |
| GET /agents/* | agents:read |
| POST /agents | agents:write |
| PATCH /agents/* | agents:write |
| DELETE /agents/* | agents:delete |
| POST /agents/*/runs | agents:run |
| POST /agents/*/runs/*/continue | agents:run |
| POST /agents/*/runs/*/cancel | agents:run |

Teams

| Endpoint | Required Scope |
| --- | --- |
| GET /teams | teams:read |
| GET /teams/* | teams:read |
| POST /teams | teams:write |
| PATCH /teams/* | teams:write |
| DELETE /teams/* | teams:delete |
| POST /teams/*/runs | teams:run |
| POST /teams/*/runs/*/continue | teams:run |
| POST /teams/*/runs/*/cancel | teams:run |

Workflows

| Endpoint | Required Scope |
| --- | --- |
| GET /workflows | workflows:read |
| GET /workflows/* | workflows:read |
| POST /workflows | workflows:write |
| PATCH /workflows/* | workflows:write |
| DELETE /workflows/* | workflows:delete |
| POST /workflows/*/runs | workflows:run |
| POST /workflows/*/runs/*/continue | workflows:run |
| POST /workflows/*/runs/*/cancel | workflows:run |

Sessions

| Endpoint | Required Scope |
| --- | --- |
| GET /sessions | sessions:read |
| GET /sessions/* | sessions:read |
| POST /sessions | sessions:write |
| POST /sessions/*/rename | sessions:write |
| PATCH /sessions/* | sessions:write |
| DELETE /sessions | sessions:delete |
| DELETE /sessions/* | sessions:delete |

Memories

| Endpoint | Required Scope |
| --- | --- |
| GET /memories | memories:read |
| GET /memories/* | memories:read |
| GET /memory_topics | memories:read |
| GET /user_memory_stats | memories:read |
| POST /memories | memories:write |
| PATCH /memories/* | memories:write |
| POST /optimize-memories | memories:write |
| DELETE /memories | memories:delete |
| DELETE /memories/* | memories:delete |

Knowledge

| Endpoint | Required Scope |
| --- | --- |
| GET /knowledge/content | knowledge:read |
| GET /knowledge/content/* | knowledge:read |
| GET /knowledge/config | knowledge:read |
| GET /knowledge/*/sources | knowledge:read |
| GET /knowledge/*/sources/*/files | knowledge:read |
| POST /knowledge/search | knowledge:read |
| POST /knowledge/content | knowledge:write |
| POST /knowledge/remote-content | knowledge:write |
| PATCH /knowledge/content/* | knowledge:write |
| DELETE /knowledge/content | knowledge:delete |
| DELETE /knowledge/content/* | knowledge:delete |

Metrics

| Endpoint | Required Scope |
| --- | --- |
| GET /metrics | metrics:read |
| POST /metrics/refresh | metrics:write |

Evals

| Endpoint | Required Scope |
| --- | --- |
| GET /eval-runs | evals:read |
| GET /eval-runs/* | evals:read |
| POST /eval-runs | evals:write |
| PATCH /eval-runs/* | evals:write |
| DELETE /eval-runs | evals:delete |

Traces

| Endpoint | Required Scope |
| --- | --- |
| GET /traces | traces:read |
| GET /traces/* | traces:read |
| GET /trace_session_stats | traces:read |
| POST /traces/search | traces:read |

Schedules

| Endpoint | Required Scope |
| --- | --- |
| GET /schedules | schedules:read |
| GET /schedules/* | schedules:read |
| GET /schedules/*/runs | schedules:read |
| GET /schedules/*/runs/* | schedules:read |
| POST /schedules | schedules:write |
| PATCH /schedules/* | schedules:write |
| POST /schedules/*/enable | schedules:write |
| POST /schedules/*/disable | schedules:write |
| POST /schedules/*/trigger | schedules:write |
| DELETE /schedules/* | schedules:delete |

Approvals

| Endpoint | Required Scope |
| --- | --- |
| GET /approvals | approvals:read |
| GET /approvals/count | approvals:read |
| GET /approvals/* | approvals:read |
| GET /approvals/*/status | approvals:read |
| POST /approvals/*/resolve | approvals:write |
| DELETE /approvals/* | approvals:delete |

Components

| Endpoint | Required Scope |
| --- | --- |
| GET /components | components:read |
| GET /components/* | components:read |
| GET /components/*/configs | components:read |
| GET /components/*/configs/* | components:read |
| GET /components/*/configs/current | components:read |
| POST /components | components:write |
| POST /components/*/configs | components:write |
| POST /components/*/configs/*/set-current | components:write |
| PATCH /components/* | components:write |
| PATCH /components/*/configs/* | components:write |
| DELETE /components/* | components:delete |
| DELETE /components/*/configs/* | components:delete |
Access Prerequisites
A few scopes gate access to everything downstream. Without them, finer-grained scopes have no effect because the user cannot reach the resources they apply to.
| Scope | Without it, the user cannot |
| --- | --- |
| org:read | Access the organization at all |
| os:read | List AgentOS instances in the organization |
| config:read | Use any AgentOS endpoint (the UI loads /config on startup) |
Custom Scope Mappings
Customize or extend the default scope mappings using the JWT middleware:
```python
from agno.os import AgentOS
from agno.os.middleware import JWTMiddleware

agent_os = AgentOS(
    id="my-agent-os",
    agents=[my_agent],
)

app = agent_os.get_app()

app.add_middleware(
    JWTMiddleware,
    verification_keys=["your-jwt-key"],
    algorithm="RS256",
    authorization=True,
    scope_mappings={
        "GET /agents": ["custom:read"],
        "POST /custom/endpoint": ["custom:write"],
        "GET /public/stats": [],  # No scopes required
    },
)
```
Custom scope mappings are additive to the defaults. To override a default, specify the same route pattern with your custom scopes.
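The scope format table above and the additive custom mappings just described are easiest to reason about by running the rules. The following is an added illustration written for this page, not Agno's own implementation; `DEFAULT_SCOPE_MAPPINGS` is a constructed subset of the default table, the function names are assumptions, and treating an unmapped route as denied and the second path segment as the resource id are choices made for this example only.

```python
# Added example of the documented RBAC semantics: resource:action, resource:<id>:action,
# resource:*:action (equivalent to global), agent_os:admin, and route patterns whose "*"
# covers one path segment. Not Agno's code; names and fail-closed behaviour are assumptions.

# Constructed subset of the page's default endpoint -> scope table.
DEFAULT_SCOPE_MAPPINGS = {
    "GET /agents": ["agents:read"],
    "GET /agents/*": ["agents:read"],
    "POST /agents/*/runs": ["agents:run"],
    "DELETE /agents/*": ["agents:delete"],
    "GET /config": ["config:read"],
}


def scope_grants(granted, required, resource_id):
    """Does one granted token scope satisfy one required scope for the targeted resource?"""
    if granted == "agent_os:admin":  # full access to all endpoints
        return True
    if granted == required:  # global scope such as agents:read
        return True
    g, r = granted.split(":"), required.split(":")
    if len(g) == 3 and len(r) == 2 and g[0] == r[0] and g[2] == r[1]:
        # resource:<id>:action matches only that id; resource:*:action matches any id.
        return g[1] == "*" or (resource_id is not None and g[1] == resource_id)
    return False


def required_scopes(method, path, custom=None):
    """Resolve the scopes an endpoint needs. Custom mappings add to the defaults and
    override a default when they use the same route pattern (dict merge order)."""
    mappings = {**DEFAULT_SCOPE_MAPPINGS, **(custom or {})}
    parts = path.strip("/").split("/")
    for pattern, scopes in mappings.items():
        p_method, p_path = pattern.split(" ", 1)
        p_parts = p_path.strip("/").split("/")
        # Segment-wise match: "*" stands for exactly one path segment.
        if p_method == method.upper() and len(p_parts) == len(parts) and all(
            a == "*" or a == b for a, b in zip(p_parts, parts)
        ):
            return scopes, parts
    return None, parts  # no mapping found


def is_authorized(token_scopes, method, path, custom=None):
    """True when every required scope is satisfied by some scope in the token."""
    needed, parts = required_scopes(method, path, custom)
    if needed is None:
        return False  # assumption for this example: unmapped routes fail closed
    resource_id = parts[1] if len(parts) > 1 else None  # /agents/<id>/... convention
    return all(any(scope_grants(g, req, resource_id) for g in token_scopes) for req in needed)
```

An empty required list (`"GET /public/stats": []`) is satisfied by any token, which is the "no scopes required" case from the middleware example.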
Custom Roles and Scopes
Custom roles require JWT authentication. Without it, scope enforcement is skipped entirely by AgentOS and assigned roles have no effect.
Compose scopes into named roles in the control plane and assign them to users in your organization. Members inherit the scopes of every role assigned to them.
Create a Custom Role
Open the Roles page in the control plane.
Define a role name and select the scopes it grants.
Save the role.
Assign a Role to a User
Open the Organization settings page and assign the role to a user.
JWT Token Structure
Your JWT tokens should include:
```json
{
  "sub": "user-123",
  "scopes": ["agents:read", "agents:my-agent:run"],
  "exp": 1735689600,
  "iat": 1735603200
}
```
| Claim | Required | Description |
| --- | --- | --- |
| scopes | Yes | Array of permission scopes |
| sub | No | User ID (extracted as user_id) |
| session_id | No | Session ID for session tracking |
| aud | No | Audience (must match AgentOS id when verify_audience=True) |
Example Tokens
Read-only access:
```json
{
  "scopes": ["agents:read", "teams:read", "sessions:read"]
}
```
Run a specific agent:
```json
{
  "scopes": ["agents:my-agent:run", "agents:my-agent:read", "sessions:write"]
}
```
Admin access:
```json
{
  "scopes": ["agent_os:admin"]
}
```
Configuration Options
Configure JWT verification using AuthorizationConfig:
```python
from agno.os import AgentOS
from agno.os.config import AuthorizationConfig

agent_os = AgentOS(
    id="my-agent-os",
    agents=[agent],
    authorization=True,
    authorization_config=AuthorizationConfig(
        verification_keys=["your-jwt-verification-key"],
        algorithm="RS256",
    ),
)
```
You can also use a JWKS file:
```python
authorization_config = AuthorizationConfig(
    jwks_file="/path/to/jwks.json",
    algorithm="RS256",
)
```
Or set environment variables:
```bash
export JWT_VERIFICATION_KEY="your-public-key"
# or
export JWT_JWKS_FILE="/path/to/jwks.json"
```
Excluded Routes
These routes are excluded from RBAC checks by default:
`/`, `/health`, `/docs`, `/redoc`, `/openapi.json`, `/docs/oauth2-redirect`
Error Responses
| Status Code | Description |
| --- | --- |
| 401 Unauthorized | Missing or invalid JWT token |
| 403 Forbidden | Insufficient scopes for the requested operation |
Examples
Basic RBAC Basic RBAC example
Per-Agent Permissions Grant specific permissions to specific agents
Developer Resources
AuthorizationConfig Reference Configuration options for JWT verification
JWTMiddleware Reference Complete JWT middleware class reference