Access Control
Rebyte enforces access control at multiple layers. Each layer is independently configured and enforced.
Organization roles
Section titled “Organization roles”Two roles managed via Clerk:
| Role | Scope |
|---|---|
| Admin | Full org control — network policies, security policies, agent policies, BYOK keys, system prompt, API keys, channels |
| Member | Create workspaces, run tasks, use configured resources. Cannot modify org-level settings. |
Agent Computer permissions
Section titled “Agent Computer permissions”Each Agent Computer (workspace) has a visibility level and per-user access grants.
Visibility
Section titled “Visibility”| Level | Who can access |
|---|---|
private | Creator and explicitly granted users only |
shared (default) | All org members — read and write |
public | Anyone can view. Org members can edit. |
Access levels
Section titled “Access levels”| Level | Can do |
|---|---|
| Owner | Full control. Delete workspace. Automatically assigned to creator. |
| Editor | Read/write files, run tasks, configure settings. Granted to ACL members and org members (if shared/public). |
| Viewer | Read-only. Only applies to public workspaces for non-org users. |
Evaluation order
Section titled “Evaluation order”- Is the user the workspace creator? → owner
- Is the user in the workspace ACL? → editor
- Is the user in the same org AND visibility is
sharedorpublic? → editor - Is visibility
public? → viewer - Otherwise → denied
Grant per-user access via the workspace members/ACL settings.
Skills permissions
Section titled “Skills permissions”Team skills use a creator-based permission model.
| Action | Who |
|---|---|
| Create skill | Any org member |
| View/download skill | Public visibility: anyone in org. Private: creator or ACL-granted users. |
| Update metadata | Any org member |
| Delete skill | Any org member |
| Change visibility | Creator only |
| Manage skill ACL | Creator only |
| Rollback version | Creator only |
| View ACL | Any org member |
Skills support two visibility levels: private and public (within the org). The creator controls visibility, ACL grants, and version rollback.
Agent Context permissions
Section titled “Agent Context permissions”Context Lake (data source connections) uses admin-gated creation with creator-managed ACL.
| Action | Who |
|---|---|
| Create dataset/view | Org admin only |
| List datasets/views | Any org member |
| Query dataset/view | Creator, ACL-granted users, org admin, or any org member if visibility is shared or public |
| Manage dataset/view ACL | Creator only |
| View ACL | Creator or org admin |
Each dataset and view has its own ACL and visibility setting. Shared/public datasets are queryable by all org members. Private datasets require explicit ACL grants. ACL entries include a granted_by audit trail.
Organization policies (admin-only)
Section titled “Organization policies (admin-only)”Admins control platform-wide policies through Settings.
Agent policies
Section titled “Agent policies”Per-executor controls:
| Setting | Effect |
|---|---|
enabled | Enable/disable an executor (Claude, Gemini, Codex, OpenCode) for the entire org |
authMethod | Force api_key (BYOK) or credits mode per executor |
disabledModels | Block specific models from being used |
Network policy
Section titled “Network policy”See Agent Shield for details. Network policy settings can currently be modified by any org member.
| Setting | Default |
|---|---|
| Domain allowlist mode | package_managers_only |
| Additional allowed domains | None |
Security policy
Section titled “Security policy”| Setting | Default | Effect |
|---|---|---|
| Shield monitoring | optional | required enforces Shield on all computers; optional allows per-workspace opt-in |
Per-workspace override: workspace editors can enable/disable Shield monitoring on individual workspaces when the org policy is optional.
System prompt
Section titled “System prompt”Admins can set a custom system prompt applied to all agent executions in the org. Requires Team subscription.
API key scopes
Section titled “API key scopes”API keys have granular scopes controlling what operations they can perform:
| Scope | Permission |
|---|---|
tasks:read | List and view tasks |
tasks:write | Create tasks, send follow-ups, delete |
files:read | View file metadata |
files:write | Upload files |
webhooks:read | List webhooks, view public key |
webhooks:write | Create and delete webhooks |
All scopes are granted by default on key creation. Granular scope selection is planned.
Summary
Section titled “Summary”| Layer | Controlled by | Granularity |
|---|---|---|
| Org settings & policies | Org admin | Org-wide |
| Agent Computer access | Creator + ACL | Per-workspace, per-user |
| Skills access | Creator + ACL | Per-skill, per-user |
| Context Lake access | Admin (create) + Creator (ACL) | Per-dataset/view, per-user |
| API key scopes | Org admin | Per-key |
| Network egress | Org admin | Org-wide (via Agent Shield) |