solace-agent-mesh 1.5.0__py3-none-any.whl → 1.6.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of solace-agent-mesh might be problematic. Click here for more details.

Files changed (326) hide show
  1. solace_agent_mesh/agent/adk/callbacks.py +14 -17
  2. solace_agent_mesh/agent/adk/embed_resolving_mcp_toolset.py +3 -1
  3. solace_agent_mesh/agent/adk/intelligent_mcp_callbacks.py +2 -1
  4. solace_agent_mesh/agent/adk/mcp_content_processor.py +2 -1
  5. solace_agent_mesh/agent/adk/models/lite_llm.py +123 -8
  6. solace_agent_mesh/agent/adk/models/oauth2_token_manager.py +245 -0
  7. solace_agent_mesh/agent/adk/runner.py +3 -1
  8. solace_agent_mesh/agent/adk/services.py +4 -1
  9. solace_agent_mesh/agent/adk/setup.py +3 -1
  10. solace_agent_mesh/agent/adk/tool_wrapper.py +2 -2
  11. solace_agent_mesh/agent/protocol/event_handlers.py +42 -2
  12. solace_agent_mesh/agent/proxies/__init__.py +0 -0
  13. solace_agent_mesh/agent/proxies/a2a/__init__.py +3 -0
  14. solace_agent_mesh/agent/proxies/a2a/app.py +55 -0
  15. solace_agent_mesh/agent/proxies/a2a/component.py +1115 -0
  16. solace_agent_mesh/agent/proxies/a2a/config.py +140 -0
  17. solace_agent_mesh/agent/proxies/a2a/oauth_token_cache.py +104 -0
  18. solace_agent_mesh/agent/proxies/base/__init__.py +3 -0
  19. solace_agent_mesh/agent/proxies/base/app.py +99 -0
  20. solace_agent_mesh/agent/proxies/base/component.py +619 -0
  21. solace_agent_mesh/agent/proxies/base/config.py +85 -0
  22. solace_agent_mesh/agent/proxies/base/proxy_task_context.py +17 -0
  23. solace_agent_mesh/agent/sac/app.py +12 -4
  24. solace_agent_mesh/agent/sac/component.py +164 -9
  25. solace_agent_mesh/agent/tools/audio_tools.py +127 -9
  26. solace_agent_mesh/agent/tools/builtin_artifact_tools.py +3 -1
  27. solace_agent_mesh/agent/tools/builtin_data_analysis_tools.py +3 -1
  28. solace_agent_mesh/agent/tools/dynamic_tool.py +2 -1
  29. solace_agent_mesh/agent/tools/general_agent_tools.py +2 -1
  30. solace_agent_mesh/agent/tools/image_tools.py +2 -1
  31. solace_agent_mesh/agent/tools/peer_agent_tool.py +2 -1
  32. solace_agent_mesh/agent/tools/registry.py +3 -1
  33. solace_agent_mesh/agent/tools/test_tools.py +2 -1
  34. solace_agent_mesh/agent/tools/web_tools.py +12 -6
  35. solace_agent_mesh/agent/utils/artifact_helpers.py +144 -4
  36. solace_agent_mesh/agent/utils/config_parser.py +3 -1
  37. solace_agent_mesh/assets/docs/404.html +3 -3
  38. solace_agent_mesh/assets/docs/assets/js/{b7006a3a.73a79653.js → 032c2d61.f3d37824.js} +1 -1
  39. solace_agent_mesh/assets/docs/assets/js/0bcf40b7.c019ad46.js +1 -0
  40. solace_agent_mesh/assets/docs/assets/js/15ba94aa.932dd2db.js +1 -0
  41. solace_agent_mesh/assets/docs/assets/js/2131ec11.5c7a1f6e.js +1 -0
  42. solace_agent_mesh/assets/docs/assets/js/{2334.622a6395.js → 2334.1cf50a20.js} +1 -1
  43. solace_agent_mesh/assets/docs/assets/js/240a0364.7eac6021.js +1 -0
  44. solace_agent_mesh/assets/docs/assets/js/2e32b5e0.33f5d75b.js +1 -0
  45. solace_agent_mesh/assets/docs/assets/js/341393d4.0fac2613.js +1 -0
  46. solace_agent_mesh/assets/docs/assets/js/{3624.b524e433.js → 3624.0eaa1fd0.js} +1 -1
  47. solace_agent_mesh/assets/docs/assets/js/3a6c6137.f5940cfa.js +1 -0
  48. solace_agent_mesh/assets/docs/assets/js/3ac1795d.76654dd9.js +1 -0
  49. solace_agent_mesh/assets/docs/assets/js/3ff0015d.2be20244.js +1 -0
  50. solace_agent_mesh/assets/docs/assets/js/509e993c.4c7a1a6d.js +1 -0
  51. solace_agent_mesh/assets/docs/assets/js/547e15cc.2cbb060a.js +1 -0
  52. solace_agent_mesh/assets/docs/assets/js/55b7b518.f2b1d1ba.js +1 -0
  53. solace_agent_mesh/assets/docs/assets/js/5c2bd65f.eda4bcb2.js +1 -0
  54. solace_agent_mesh/assets/docs/assets/js/6063ff4c.ef84f702.js +1 -0
  55. solace_agent_mesh/assets/docs/assets/js/631738c7.a8b1ef8b.js +1 -0
  56. solace_agent_mesh/assets/docs/assets/js/6a520c9d.ba015d81.js +1 -0
  57. solace_agent_mesh/assets/docs/assets/js/6ad8f0bd.f4b15f3b.js +1 -0
  58. solace_agent_mesh/assets/docs/assets/js/6d84eae0.4a5fbf39.js +1 -0
  59. solace_agent_mesh/assets/docs/assets/js/6fdfefc7.99de744e.js +1 -0
  60. solace_agent_mesh/assets/docs/assets/js/71da7b71.38583438.js +1 -0
  61. solace_agent_mesh/assets/docs/assets/js/722f809d.965da774.js +1 -0
  62. solace_agent_mesh/assets/docs/assets/js/742f027b.46c07808.js +1 -0
  63. solace_agent_mesh/assets/docs/assets/js/77cf947d.48cb18a2.js +1 -0
  64. solace_agent_mesh/assets/docs/assets/js/8024126c.56e59919.js +1 -0
  65. solace_agent_mesh/assets/docs/assets/js/81a99df0.07034dd9.js +1 -0
  66. solace_agent_mesh/assets/docs/assets/js/82fbfb93.139a1a1f.js +1 -0
  67. solace_agent_mesh/assets/docs/assets/js/{8591.d7c16be6.js → 8591.5d015485.js} +2 -2
  68. solace_agent_mesh/assets/docs/assets/js/{8731.49e930c2.js → 8731.6c1dbf0c.js} +1 -1
  69. solace_agent_mesh/assets/docs/assets/js/924ffdeb.8095e148.js +1 -0
  70. solace_agent_mesh/assets/docs/assets/js/945fb41e.6f4cdffd.js +1 -0
  71. solace_agent_mesh/assets/docs/assets/js/94e8668d.b5ddb7a1.js +1 -0
  72. solace_agent_mesh/assets/docs/assets/js/9bb13469.dd1c9b54.js +1 -0
  73. solace_agent_mesh/assets/docs/assets/js/9e9d0a82.570c057b.js +1 -0
  74. solace_agent_mesh/assets/docs/assets/js/ab9708a8.3e6dd091.js +1 -0
  75. solace_agent_mesh/assets/docs/assets/js/ad71b5ed.af3ecfd1.js +1 -0
  76. solace_agent_mesh/assets/docs/assets/js/c198a0dc.8f31f867.js +1 -0
  77. solace_agent_mesh/assets/docs/assets/js/c93cbaa0.eaff365e.js +1 -0
  78. solace_agent_mesh/assets/docs/assets/js/ceb2a7a6.5d92d7d0.js +1 -0
  79. solace_agent_mesh/assets/docs/assets/js/da0b5bad.d08a9466.js +1 -0
  80. solace_agent_mesh/assets/docs/assets/js/db924877.e98d12a1.js +1 -0
  81. solace_agent_mesh/assets/docs/assets/js/dd817ffc.0aa9630a.js +1 -0
  82. solace_agent_mesh/assets/docs/assets/js/dd81e2b8.d590bc9e.js +1 -0
  83. solace_agent_mesh/assets/docs/assets/js/de5f4c65.e8241890.js +1 -0
  84. solace_agent_mesh/assets/docs/assets/js/de915948.27d6b065.js +1 -0
  85. solace_agent_mesh/assets/docs/assets/js/e3d9abda.2b916f9e.js +1 -0
  86. solace_agent_mesh/assets/docs/assets/js/e6f9706b.e74a984d.js +1 -0
  87. solace_agent_mesh/assets/docs/assets/js/e92d0134.cf6d6522.js +1 -0
  88. solace_agent_mesh/assets/docs/assets/js/f284c35a.42f59cdd.js +1 -0
  89. solace_agent_mesh/assets/docs/assets/js/ff4d71f2.15b02f97.js +1 -0
  90. solace_agent_mesh/assets/docs/assets/js/main.20feee82.js +2 -0
  91. solace_agent_mesh/assets/docs/assets/js/runtime~main.0d198646.js +1 -0
  92. solace_agent_mesh/assets/docs/docs/documentation/components/agents/index.html +154 -0
  93. solace_agent_mesh/assets/docs/docs/documentation/{user-guide → components}/builtin-tools/artifact-management/index.html +7 -7
  94. solace_agent_mesh/assets/docs/docs/documentation/{user-guide → components}/builtin-tools/audio-tools/index.html +7 -7
  95. solace_agent_mesh/assets/docs/docs/documentation/{user-guide → components}/builtin-tools/data-analysis-tools/index.html +8 -8
  96. solace_agent_mesh/assets/docs/docs/documentation/{user-guide → components}/builtin-tools/embeds/index.html +6 -6
  97. solace_agent_mesh/assets/docs/docs/documentation/{user-guide → components}/builtin-tools/index.html +11 -11
  98. solace_agent_mesh/assets/docs/docs/documentation/{concepts → components}/cli/index.html +25 -25
  99. solace_agent_mesh/assets/docs/docs/documentation/components/gateways/index.html +91 -0
  100. solace_agent_mesh/assets/docs/docs/documentation/components/index.html +29 -0
  101. solace_agent_mesh/assets/docs/docs/documentation/components/orchestrator/index.html +55 -0
  102. solace_agent_mesh/assets/docs/docs/documentation/components/plugins/index.html +110 -0
  103. solace_agent_mesh/assets/docs/docs/documentation/components/proxies/index.html +262 -0
  104. solace_agent_mesh/assets/docs/docs/documentation/deploying/debugging/index.html +104 -0
  105. solace_agent_mesh/assets/docs/docs/documentation/deploying/deployment-options/index.html +85 -0
  106. solace_agent_mesh/assets/docs/docs/documentation/deploying/index.html +25 -0
  107. solace_agent_mesh/assets/docs/docs/documentation/deploying/observability/index.html +59 -0
  108. solace_agent_mesh/assets/docs/docs/documentation/{user-guide → developing}/create-agents/index.html +113 -152
  109. solace_agent_mesh/assets/docs/docs/documentation/{user-guide → developing}/create-gateways/index.html +10 -10
  110. solace_agent_mesh/assets/docs/docs/documentation/{user-guide → developing}/creating-python-tools/index.html +12 -12
  111. solace_agent_mesh/assets/docs/docs/documentation/developing/creating-service-providers/index.html +54 -0
  112. solace_agent_mesh/assets/docs/docs/documentation/developing/evaluations/index.html +135 -0
  113. solace_agent_mesh/assets/docs/docs/documentation/developing/index.html +34 -0
  114. solace_agent_mesh/assets/docs/docs/documentation/developing/structure/index.html +55 -0
  115. solace_agent_mesh/assets/docs/docs/documentation/{tutorials → developing/tutorials}/bedrock-agents/index.html +25 -25
  116. solace_agent_mesh/assets/docs/docs/documentation/{tutorials → developing/tutorials}/custom-agent/index.html +13 -13
  117. solace_agent_mesh/assets/docs/docs/documentation/{tutorials → developing/tutorials}/event-mesh-gateway/index.html +12 -12
  118. solace_agent_mesh/assets/docs/docs/documentation/{tutorials → developing/tutorials}/mcp-integration/index.html +10 -10
  119. solace_agent_mesh/assets/docs/docs/documentation/{tutorials → developing/tutorials}/mongodb-integration/index.html +13 -13
  120. solace_agent_mesh/assets/docs/docs/documentation/{tutorials → developing/tutorials}/rag-integration/index.html +13 -13
  121. solace_agent_mesh/assets/docs/docs/documentation/{tutorials → developing/tutorials}/rest-gateway/index.html +10 -10
  122. solace_agent_mesh/assets/docs/docs/documentation/developing/tutorials/slack-integration/index.html +72 -0
  123. solace_agent_mesh/assets/docs/docs/documentation/{tutorials → developing/tutorials}/sql-database/index.html +14 -14
  124. solace_agent_mesh/assets/docs/docs/documentation/enterprise/index.html +33 -0
  125. solace_agent_mesh/assets/docs/docs/documentation/enterprise/installation/index.html +83 -0
  126. solace_agent_mesh/assets/docs/docs/documentation/enterprise/rbac-setup-guide/index.html +222 -0
  127. solace_agent_mesh/assets/docs/docs/documentation/enterprise/single-sign-on/index.html +161 -0
  128. solace_agent_mesh/assets/docs/docs/documentation/getting-started/architecture/index.html +75 -0
  129. solace_agent_mesh/assets/docs/docs/documentation/getting-started/index.html +53 -0
  130. solace_agent_mesh/assets/docs/docs/documentation/getting-started/introduction/index.html +35 -100
  131. solace_agent_mesh/assets/docs/docs/documentation/getting-started/try-agent-mesh/index.html +41 -0
  132. solace_agent_mesh/assets/docs/docs/documentation/installing-and-configuring/configurations/index.html +81 -0
  133. solace_agent_mesh/assets/docs/docs/documentation/installing-and-configuring/index.html +25 -0
  134. solace_agent_mesh/assets/docs/docs/documentation/installing-and-configuring/installation/index.html +76 -0
  135. solace_agent_mesh/assets/docs/docs/documentation/installing-and-configuring/large_language_models/index.html +160 -0
  136. solace_agent_mesh/assets/docs/docs/documentation/installing-and-configuring/run-project/index.html +142 -0
  137. solace_agent_mesh/assets/docs/docs/documentation/migrations/a2a-upgrade/a2a-gateway-upgrade-to-0.3.0/index.html +100 -0
  138. solace_agent_mesh/assets/docs/docs/documentation/{Migrations/A2A Upgrade To 0.3.0/a2a-technical-migration-map/index.html → migrations/a2a-upgrade/a2a-technical-migration-map/index.html} +10 -11
  139. solace_agent_mesh/assets/docs/img/solace-logo.png +0 -0
  140. solace_agent_mesh/assets/docs/lunr-index-1761165361160.json +1 -0
  141. solace_agent_mesh/assets/docs/lunr-index.json +1 -1
  142. solace_agent_mesh/assets/docs/search-doc-1761165361160.json +1 -0
  143. solace_agent_mesh/assets/docs/search-doc.json +1 -1
  144. solace_agent_mesh/assets/docs/sitemap.xml +1 -1
  145. solace_agent_mesh/cli/__init__.py +1 -1
  146. solace_agent_mesh/cli/commands/add_cmd/agent_cmd.py +2 -69
  147. solace_agent_mesh/cli/commands/eval_cmd.py +11 -49
  148. solace_agent_mesh/cli/commands/init_cmd/__init__.py +0 -5
  149. solace_agent_mesh/cli/commands/init_cmd/env_step.py +10 -12
  150. solace_agent_mesh/cli/commands/init_cmd/orchestrator_step.py +9 -61
  151. solace_agent_mesh/cli/commands/init_cmd/webui_gateway_step.py +9 -49
  152. solace_agent_mesh/cli/commands/plugin_cmd/add_cmd.py +1 -2
  153. solace_agent_mesh/client/webui/frontend/static/assets/{authCallback-DwrxZE0E.js → authCallback-BTf6dqwp.js} +1 -1
  154. solace_agent_mesh/client/webui/frontend/static/assets/{client-DarGQzyw.js → client-CaY59VuC.js} +1 -1
  155. solace_agent_mesh/client/webui/frontend/static/assets/main-BGTaW0uv.js +342 -0
  156. solace_agent_mesh/client/webui/frontend/static/assets/main-DHJKSW1S.css +1 -0
  157. solace_agent_mesh/client/webui/frontend/static/assets/{vendor-BKIeiHj_.js → vendor-BEmvJSYz.js} +1 -1
  158. solace_agent_mesh/client/webui/frontend/static/auth-callback.html +3 -3
  159. solace_agent_mesh/client/webui/frontend/static/index.html +4 -4
  160. solace_agent_mesh/common/a2a/__init__.py +24 -0
  161. solace_agent_mesh/common/a2a/artifact.py +41 -1
  162. solace_agent_mesh/common/a2a/events.py +29 -0
  163. solace_agent_mesh/common/a2a/message.py +68 -0
  164. solace_agent_mesh/common/a2a/protocol.py +76 -3
  165. solace_agent_mesh/common/a2a/translation.py +3 -1
  166. solace_agent_mesh/common/agent_registry.py +83 -3
  167. solace_agent_mesh/common/constants.py +3 -1
  168. solace_agent_mesh/common/middleware/config_resolver.py +3 -1
  169. solace_agent_mesh/common/middleware/registry.py +3 -1
  170. solace_agent_mesh/common/sac/sam_component_base.py +2 -1
  171. solace_agent_mesh/common/sam_events/event_service.py +3 -2
  172. solace_agent_mesh/common/services/employee_service.py +3 -1
  173. solace_agent_mesh/common/services/identity_service.py +2 -1
  174. solace_agent_mesh/common/services/providers/local_file_identity_service.py +2 -1
  175. solace_agent_mesh/common/utils/artifact_utils.py +3 -1
  176. solace_agent_mesh/common/utils/asyncio_macos_fix.py +3 -1
  177. solace_agent_mesh/common/utils/embeds/converter.py +3 -1
  178. solace_agent_mesh/common/utils/embeds/evaluators.py +2 -1
  179. solace_agent_mesh/common/utils/embeds/modifiers.py +3 -2
  180. solace_agent_mesh/common/utils/embeds/resolver.py +2 -1
  181. solace_agent_mesh/common/utils/initializer.py +3 -1
  182. solace_agent_mesh/common/utils/message_utils.py +2 -1
  183. solace_agent_mesh/common/utils/push_notification_auth.py +3 -2
  184. solace_agent_mesh/common/utils/pydantic_utils.py +12 -0
  185. solace_agent_mesh/config_portal/backend/common.py +1 -1
  186. solace_agent_mesh/config_portal/frontend/static/client/assets/_index-ByU1X1HD.js +98 -0
  187. solace_agent_mesh/config_portal/frontend/static/client/assets/{manifest-44d62be6.js → manifest-61038fc6.js} +1 -1
  188. solace_agent_mesh/config_portal/frontend/static/client/index.html +1 -1
  189. solace_agent_mesh/core_a2a/service.py +2 -2
  190. solace_agent_mesh/evaluation/evaluator.py +128 -104
  191. solace_agent_mesh/evaluation/message_organizer.py +116 -110
  192. solace_agent_mesh/evaluation/report_data_processor.py +84 -86
  193. solace_agent_mesh/evaluation/report_generator.py +73 -79
  194. solace_agent_mesh/evaluation/run.py +421 -235
  195. solace_agent_mesh/evaluation/shared/__init__.py +92 -0
  196. solace_agent_mesh/evaluation/shared/constants.py +47 -0
  197. solace_agent_mesh/evaluation/shared/exceptions.py +50 -0
  198. solace_agent_mesh/evaluation/shared/helpers.py +35 -0
  199. solace_agent_mesh/evaluation/shared/test_case_loader.py +167 -0
  200. solace_agent_mesh/evaluation/shared/test_suite_loader.py +280 -0
  201. solace_agent_mesh/evaluation/subscriber.py +111 -232
  202. solace_agent_mesh/evaluation/summary_builder.py +227 -117
  203. solace_agent_mesh/gateway/base/app.py +3 -2
  204. solace_agent_mesh/gateway/base/component.py +11 -2
  205. solace_agent_mesh/gateway/base/task_context.py +2 -1
  206. solace_agent_mesh/gateway/http_sse/alembic/versions/20251015_add_session_performance_indexes.py +70 -0
  207. solace_agent_mesh/gateway/http_sse/app.py +2 -1
  208. solace_agent_mesh/gateway/http_sse/component.py +102 -3
  209. solace_agent_mesh/gateway/http_sse/components/task_logger_forwarder.py +3 -2
  210. solace_agent_mesh/gateway/http_sse/components/visualization_forwarder_component.py +3 -1
  211. solace_agent_mesh/gateway/http_sse/dependencies.py +7 -5
  212. solace_agent_mesh/gateway/http_sse/main.py +5 -2
  213. solace_agent_mesh/gateway/http_sse/repository/chat_task_repository.py +12 -13
  214. solace_agent_mesh/gateway/http_sse/repository/feedback_repository.py +15 -18
  215. solace_agent_mesh/gateway/http_sse/repository/interfaces.py +25 -18
  216. solace_agent_mesh/gateway/http_sse/repository/session_repository.py +30 -26
  217. solace_agent_mesh/gateway/http_sse/repository/task_repository.py +35 -44
  218. solace_agent_mesh/gateway/http_sse/routers/agent_cards.py +7 -5
  219. solace_agent_mesh/gateway/http_sse/routers/artifacts.py +97 -205
  220. solace_agent_mesh/gateway/http_sse/routers/auth.py +3 -1
  221. solace_agent_mesh/gateway/http_sse/routers/config.py +3 -2
  222. solace_agent_mesh/gateway/http_sse/routers/dto/responses/session_responses.py +4 -3
  223. solace_agent_mesh/gateway/http_sse/routers/people.py +3 -1
  224. solace_agent_mesh/gateway/http_sse/routers/sessions.py +5 -3
  225. solace_agent_mesh/gateway/http_sse/routers/sse.py +3 -2
  226. solace_agent_mesh/gateway/http_sse/routers/tasks.py +35 -42
  227. solace_agent_mesh/gateway/http_sse/routers/users.py +3 -1
  228. solace_agent_mesh/gateway/http_sse/routers/visualization.py +19 -12
  229. solace_agent_mesh/gateway/http_sse/services/agent_card_service.py +3 -1
  230. solace_agent_mesh/gateway/http_sse/services/data_retention_service.py +6 -5
  231. solace_agent_mesh/gateway/http_sse/services/feedback_service.py +53 -44
  232. solace_agent_mesh/gateway/http_sse/services/people_service.py +2 -2
  233. solace_agent_mesh/gateway/http_sse/services/session_service.py +23 -21
  234. solace_agent_mesh/gateway/http_sse/services/task_logger_service.py +10 -9
  235. solace_agent_mesh/gateway/http_sse/services/task_service.py +3 -2
  236. solace_agent_mesh/gateway/http_sse/session_manager.py +2 -1
  237. solace_agent_mesh/gateway/http_sse/shared/base_repository.py +45 -71
  238. solace_agent_mesh/gateway/http_sse/shared/types.py +0 -18
  239. solace_agent_mesh/gateway/http_sse/sse_event_buffer.py +2 -1
  240. solace_agent_mesh/gateway/http_sse/sse_manager.py +2 -2
  241. solace_agent_mesh/templates/gateway_app_template.py +4 -2
  242. solace_agent_mesh/templates/gateway_component_template.py +3 -1
  243. solace_agent_mesh/templates/gateway_config_template.yaml +0 -5
  244. solace_agent_mesh/templates/logging_config_template.ini +27 -46
  245. solace_agent_mesh/templates/plugin_gateway_config_template.yaml +0 -3
  246. solace_agent_mesh/templates/plugin_tools_template.py +2 -2
  247. solace_agent_mesh/templates/shared_config.yaml +40 -0
  248. {solace_agent_mesh-1.5.0.dist-info → solace_agent_mesh-1.6.0.dist-info}/METADATA +47 -21
  249. {solace_agent_mesh-1.5.0.dist-info → solace_agent_mesh-1.6.0.dist-info}/RECORD +254 -225
  250. solace_agent_mesh/assets/docs/assets/images/sac-flows-80d5b603c6aafd33e87945680ce0abf3.png +0 -0
  251. solace_agent_mesh/assets/docs/assets/images/sac_parts_of_a_component-cb3d0424b1d0c17734c5435cca6b4082.png +0 -0
  252. solace_agent_mesh/assets/docs/assets/js/04989206.a248f00c.js +0 -1
  253. solace_agent_mesh/assets/docs/assets/js/0e682baa.d54b8668.js +0 -1
  254. solace_agent_mesh/assets/docs/assets/js/1023fc19.8a8a9309.js +0 -1
  255. solace_agent_mesh/assets/docs/assets/js/1523c6b4.2645ef68.js +0 -1
  256. solace_agent_mesh/assets/docs/assets/js/166ab619.e27886d9.js +0 -1
  257. solace_agent_mesh/assets/docs/assets/js/1c6e87d2.e056b7e0.js +0 -1
  258. solace_agent_mesh/assets/docs/assets/js/21ceee5f.3bf39250.js +0 -1
  259. solace_agent_mesh/assets/docs/assets/js/2a9cab12.2afaee76.js +0 -1
  260. solace_agent_mesh/assets/docs/assets/js/332e10b5.f7629851.js +0 -1
  261. solace_agent_mesh/assets/docs/assets/js/3d406171.5560fdf9.js +0 -1
  262. solace_agent_mesh/assets/docs/assets/js/42b3f8d8.508ae8db.js +0 -1
  263. solace_agent_mesh/assets/docs/assets/js/442a8107.b5c2532a.js +0 -1
  264. solace_agent_mesh/assets/docs/assets/js/453a82a6.3c6bb61d.js +0 -1
  265. solace_agent_mesh/assets/docs/assets/js/483cef9a.bf9398af.js +0 -1
  266. solace_agent_mesh/assets/docs/assets/js/4c2787c2.c1290a40.js +0 -1
  267. solace_agent_mesh/assets/docs/assets/js/55f47984.bcd00a86.js +0 -1
  268. solace_agent_mesh/assets/docs/assets/js/5b4258a4.fdfd2325.js +0 -1
  269. solace_agent_mesh/assets/docs/assets/js/664b740a.ba305a89.js +0 -1
  270. solace_agent_mesh/assets/docs/assets/js/75384d09.c19e8b51.js +0 -1
  271. solace_agent_mesh/assets/docs/assets/js/768e31b0.9abcdc48.js +0 -1
  272. solace_agent_mesh/assets/docs/assets/js/85387663.be2bc838.js +0 -1
  273. solace_agent_mesh/assets/docs/assets/js/945fb41e.16e00776.js +0 -1
  274. solace_agent_mesh/assets/docs/assets/js/9a09e75d.92de8cf5.js +0 -1
  275. solace_agent_mesh/assets/docs/assets/js/9eff14a2.d62aad71.js +0 -1
  276. solace_agent_mesh/assets/docs/assets/js/a12a4955.25fbed32.js +0 -1
  277. solace_agent_mesh/assets/docs/assets/js/a3a92b25.af35e313.js +0 -1
  278. solace_agent_mesh/assets/docs/assets/js/aba87c2f.4ddf32f2.js +0 -1
  279. solace_agent_mesh/assets/docs/assets/js/ae0e903d.5fe5203f.js +0 -1
  280. solace_agent_mesh/assets/docs/assets/js/ae4415af.16cc58d3.js +0 -1
  281. solace_agent_mesh/assets/docs/assets/js/bac0be12.17de4316.js +0 -1
  282. solace_agent_mesh/assets/docs/assets/js/c2c06897.87cb1f47.js +0 -1
  283. solace_agent_mesh/assets/docs/assets/js/c835a94d.ce21f0bf.js +0 -1
  284. solace_agent_mesh/assets/docs/assets/js/cc969b05.feef7dcc.js +0 -1
  285. solace_agent_mesh/assets/docs/assets/js/cd3d4052.a19e7d78.js +0 -1
  286. solace_agent_mesh/assets/docs/assets/js/ced92a13.fb92e7ca.js +0 -1
  287. solace_agent_mesh/assets/docs/assets/js/cee5d587.47904f5e.js +0 -1
  288. solace_agent_mesh/assets/docs/assets/js/d6a81ee7.829198f1.js +0 -1
  289. solace_agent_mesh/assets/docs/assets/js/f284c35a.ed8dd236.js +0 -1
  290. solace_agent_mesh/assets/docs/assets/js/f897a61a.126663fe.js +0 -1
  291. solace_agent_mesh/assets/docs/assets/js/fbfa3e75.e144b16c.js +0 -1
  292. solace_agent_mesh/assets/docs/assets/js/main.0c149855.js +0 -2
  293. solace_agent_mesh/assets/docs/assets/js/runtime~main.c66557e4.js +0 -1
  294. solace_agent_mesh/assets/docs/docs/documentation/Enterprise/installation/index.html +0 -46
  295. solace_agent_mesh/assets/docs/docs/documentation/Enterprise/rbac-setup-guilde/index.html +0 -201
  296. solace_agent_mesh/assets/docs/docs/documentation/Enterprise/single-sign-on/index.html +0 -29
  297. solace_agent_mesh/assets/docs/docs/documentation/Migrations/A2A Upgrade To 0.3.0/a2a-gateway-upgrade-to-0.3.0/index.html +0 -105
  298. solace_agent_mesh/assets/docs/docs/documentation/concepts/agents/index.html +0 -144
  299. solace_agent_mesh/assets/docs/docs/documentation/concepts/architecture/index.html +0 -91
  300. solace_agent_mesh/assets/docs/docs/documentation/concepts/gateways/index.html +0 -91
  301. solace_agent_mesh/assets/docs/docs/documentation/concepts/orchestrator/index.html +0 -55
  302. solace_agent_mesh/assets/docs/docs/documentation/concepts/plugins/index.html +0 -111
  303. solace_agent_mesh/assets/docs/docs/documentation/deployment/debugging/index.html +0 -77
  304. solace_agent_mesh/assets/docs/docs/documentation/deployment/deploy/index.html +0 -48
  305. solace_agent_mesh/assets/docs/docs/documentation/deployment/observability/index.html +0 -54
  306. solace_agent_mesh/assets/docs/docs/documentation/getting-started/component-overview/index.html +0 -45
  307. solace_agent_mesh/assets/docs/docs/documentation/getting-started/configurations/index.html +0 -74
  308. solace_agent_mesh/assets/docs/docs/documentation/getting-started/configurations/litellm_models/index.html +0 -49
  309. solace_agent_mesh/assets/docs/docs/documentation/getting-started/installation/index.html +0 -76
  310. solace_agent_mesh/assets/docs/docs/documentation/getting-started/quick-start/index.html +0 -73
  311. solace_agent_mesh/assets/docs/docs/documentation/tutorials/slack-integration/index.html +0 -72
  312. solace_agent_mesh/assets/docs/docs/documentation/user-guide/creating-service-providers/index.html +0 -54
  313. solace_agent_mesh/assets/docs/docs/documentation/user-guide/solace-ai-connector/index.html +0 -69
  314. solace_agent_mesh/assets/docs/docs/documentation/user-guide/structure/index.html +0 -59
  315. solace_agent_mesh/assets/docs/lunr-index-1760032255022.json +0 -1
  316. solace_agent_mesh/assets/docs/search-doc-1760032255022.json +0 -1
  317. solace_agent_mesh/client/webui/frontend/static/assets/main-CZbpmwfA.css +0 -1
  318. solace_agent_mesh/client/webui/frontend/static/assets/main-C__uuUkB.js +0 -339
  319. solace_agent_mesh/config_portal/frontend/static/client/assets/_index-BNuqpWDc.js +0 -98
  320. solace_agent_mesh/evaluation/config_loader.py +0 -657
  321. solace_agent_mesh/evaluation/test_case_loader.py +0 -714
  322. /solace_agent_mesh/assets/docs/assets/js/{8591.d7c16be6.js.LICENSE.txt → 8591.5d015485.js.LICENSE.txt} +0 -0
  323. /solace_agent_mesh/assets/docs/assets/js/{main.0c149855.js.LICENSE.txt → main.20feee82.js.LICENSE.txt} +0 -0
  324. {solace_agent_mesh-1.5.0.dist-info → solace_agent_mesh-1.6.0.dist-info}/WHEEL +0 -0
  325. {solace_agent_mesh-1.5.0.dist-info → solace_agent_mesh-1.6.0.dist-info}/entry_points.txt +0 -0
  326. {solace_agent_mesh-1.5.0.dist-info → solace_agent_mesh-1.6.0.dist-info}/licenses/LICENSE +0 -0
solace_agent_mesh/assets/docs/docs/documentation/Enterprise/rbac-setup-guilde/index.html DELETED
@@ -1,201 +0,0 @@
1
- <!doctype html>
2
- <html lang="en" dir="ltr" class="docs-wrapper plugin-docs plugin-id-default docs-version-current docs-doc-page docs-doc-id-documentation/Enterprise/rbac-setup-guilde" data-has-hydrated="false">
3
- <head>
4
- <meta charset="UTF-8">
5
- <meta name="generator" content="Docusaurus v3.8.1">
6
- <title data-rh="true">RBAC Setup Guide | Solace Agent Mesh</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:image" content="https://solacelabs.github.io/solace-agent-mesh/img/logo.png"><meta data-rh="true" name="twitter:image" content="https://solacelabs.github.io/solace-agent-mesh/img/logo.png"><meta data-rh="true" property="og:url" content="https://solacelabs.github.io/solace-agent-mesh/docs/documentation/Enterprise/rbac-setup-guilde"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><meta data-rh="true" property="og:title" content="RBAC Setup Guide | Solace Agent Mesh"><meta data-rh="true" name="description" content="This guide provides detailed instructions for configuring Role-Based Access Control (RBAC) in a Solace Agent Mesh (SAM) Enterprise Docker installation. RBAC allows you to control access to SAM Enterprise features and resources based on user roles and permissions."><meta data-rh="true" property="og:description" content="This guide provides detailed instructions for configuring Role-Based Access Control (RBAC) in a Solace Agent Mesh (SAM) Enterprise Docker installation. RBAC allows you to control access to SAM Enterprise features and resources based on user roles and permissions."><link data-rh="true" rel="icon" href="/solace-agent-mesh/img/logo.png"><link data-rh="true" rel="canonical" href="https://solacelabs.github.io/solace-agent-mesh/docs/documentation/Enterprise/rbac-setup-guilde"><link data-rh="true" rel="alternate" href="https://solacelabs.github.io/solace-agent-mesh/docs/documentation/Enterprise/rbac-setup-guilde" hreflang="en"><link data-rh="true" rel="alternate" href="https://solacelabs.github.io/solace-agent-mesh/docs/documentation/Enterprise/rbac-setup-guilde" hreflang="x-default"><script data-rh="true" type="application/ld+json">{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"RBAC Setup Guide","item":"https://solacelabs.github.io/solace-agent-mesh/docs/documentation/Enterprise/rbac-setup-guilde"}]}</script><link rel="stylesheet" href="/solace-agent-mesh/assets/css/styles.906a1503.css">
7
- <script src="/solace-agent-mesh/assets/js/runtime~main.c66557e4.js" defer="defer"></script>
8
- <script src="/solace-agent-mesh/assets/js/main.0c149855.js" defer="defer"></script>
9
- </head>
10
- <body class="navigation-with-keyboard">
11
- <svg xmlns="http://www.w3.org/2000/svg" style="display: none;"><defs>
12
- <symbol id="theme-svg-external-link" viewBox="0 0 24 24"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"/></symbol>
13
- </defs></svg>
14
- <script>!function(){var t=function(){try{return new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}}()||function(){try{return window.localStorage.getItem("theme")}catch(t){}}();document.documentElement.setAttribute("data-theme",t||(window.matchMedia("(prefers-color-scheme: dark)").matches?"dark":"light")),document.documentElement.setAttribute("data-theme-choice",t||"system")}(),function(){try{const c=new URLSearchParams(window.location.search).entries();for(var[t,e]of c)if(t.startsWith("docusaurus-data-")){var a=t.replace("docusaurus-data-","data-");document.documentElement.setAttribute(a,e)}}catch(t){}}()</script><div id="__docusaurus"><link rel="preload" as="image" href="/solace-agent-mesh/img/logo.png"><link rel="preload" as="image" href="/solace-agent-mesh/img/solace-logo.png"><div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="theme-layout-navbar navbar navbar--fixed-top"><div class="navbar__inner"><div class="theme-layout-navbar-left navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a class="navbar__brand" href="/solace-agent-mesh/docs/documentation/getting-started/introduction"><div class="navbar__logo"><img src="/solace-agent-mesh/img/logo.png" alt="Solace Agent Mesh Logo" class="themedComponent_mlkZ themedComponent--light_NVdE"><img src="/solace-agent-mesh/img/logo.png" alt="Solace Agent Mesh Logo" class="themedComponent_mlkZ themedComponent--dark_xIcU"></div><b class="navbar__title text--truncate">Solace Agent Mesh</b></a><a aria-current="page" class="navbar__item navbar__link navbar__link--active" href="/solace-agent-mesh/docs/documentation/getting-started/introduction">Documentation</a></div><div class="theme-layout-navbar-right navbar__items navbar__items--right"><a href="https://github.com/SolaceLabs/solace-agent-mesh/" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link">GitHub<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="system mode" aria-label="Switch between dark and light mode (currently system mode)"><svg viewBox="0 0 24 24" width="24" height="24" aria-hidden="true" class="toggleIcon_g3eP lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" aria-hidden="true" class="toggleIcon_g3eP darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" aria-hidden="true" class="toggleIcon_g3eP systemToggleIcon_QzmC"><path fill="currentColor" d="m12 21c4.971 0 9-4.029 9-9s-4.029-9-9-9-9 4.029-9 9 4.029 9 9 9zm4.95-13.95c1.313 1.313 2.05 3.093 2.05 4.95s-0.738 3.637-2.05 4.95c-1.313 1.313-3.093 2.05-4.95 2.05v-14c1.857 0 3.637 0.737 4.95 2.05z"></path></svg></button></div><div class="navbarSearchContainer_Bca1"><div class="navbar__search"><span aria-label="expand searchbar" role="button" class="search-icon" tabindex="0"></span><input id="search_input_react" type="search" placeholder="Loading..." aria-label="Search" class="navbar__search-input search-bar" disabled=""></div></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="theme-layout-main main-wrapper mainWrapper_z2l0"><div class="docsWrapper_hBAB"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docRoot_UBD9"><aside class="theme-doc-sidebar-container docSidebarContainer_YfHR"><div class="sidebarViewport_aRkj"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--sublist-caret" role="button" aria-expanded="true" href="/solace-agent-mesh/docs/documentation/getting-started/introduction">Getting Started</a></div><ul class="menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/solace-agent-mesh/docs/documentation/getting-started/introduction">Introduction</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/solace-agent-mesh/docs/documentation/getting-started/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/solace-agent-mesh/docs/documentation/getting-started/quick-start">Quick Start</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/solace-agent-mesh/docs/documentation/getting-started/component-overview">Component Overview</a></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item"><div class="menu__list-item-collapsible"><a class="menu__link" tabindex="0" href="/solace-agent-mesh/docs/documentation/getting-started/configurations/">Configurations</a></div><ul class="menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-3 menu__list-item"><a class="menu__link" tabindex="0" href="/solace-agent-mesh/docs/documentation/getting-started/configurations/litellm_models">LLM Models</a></li></ul></li></ul></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--sublist-caret" role="button" aria-expanded="false" href="/solace-agent-mesh/docs/documentation/concepts/architecture">Components and Concepts</a></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--sublist-caret" role="button" aria-expanded="false" href="/solace-agent-mesh/docs/documentation/user-guide/solace-ai-connector">User Guide</a></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--sublist-caret" role="button" aria-expanded="false" href="/solace-agent-mesh/docs/documentation/deployment/deploy">Deployment</a></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--sublist-caret" role="button" aria-expanded="false" href="/solace-agent-mesh/docs/documentation/tutorials/custom-agent">Tutorials</a></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--sublist-caret" role="button" aria-expanded="false" href="/solace-agent-mesh/docs/documentation/Migrations/A2A Upgrade To 0.3.0/a2a-gateway-upgrade-to-0.3.0">Migrations</a></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--sublist-caret menu__link--active" role="button" aria-expanded="true" href="/solace-agent-mesh/docs/documentation/Enterprise/installation">Enterprise</a></div><ul class="menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/solace-agent-mesh/docs/documentation/Enterprise/installation">Installation</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" tabindex="0" href="/solace-agent-mesh/docs/documentation/Enterprise/rbac-setup-guilde">RBAC Setup Guide</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-2 menu__list-item"><a class="menu__link" tabindex="0" href="/solace-agent-mesh/docs/documentation/Enterprise/single-sign-on">SSO</a></li></ul></li></ul></nav></div></div></aside><main class="docMainContainer_TBSr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs"><li class="breadcrumbs__item"><span class="breadcrumbs__link">Enterprise</span></li><li class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link">RBAC Setup Guide</span></li></ul></nav><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>RBAC Setup Guide</h1></header><p>This guide provides detailed instructions for configuring Role-Based Access Control (RBAC) in a Solace Agent Mesh (SAM) Enterprise Docker installation. RBAC allows you to control access to SAM Enterprise features and resources based on user roles and permissions.</p>
15
- <h2 class="anchor anchorWithStickyNavbar_LWe7" id="table-of-contents">Table of Contents<a href="#table-of-contents" class="hash-link" aria-label="Direct link to Table of Contents" title="Direct link to Table of Contents">​</a></h2>
16
- <ul>
17
- <li><a href="#introduction-to-rbac-in-sam-enterprise">Introduction to RBAC in SAM Enterprise</a></li>
18
- <li><a href="#docker-installation-with-rbac">Docker Installation with RBAC</a></li>
19
- <li><a href="#configuration-file-structure">Configuration File Structure</a></li>
20
- <li><a href="#example-configurations">Example Configurations</a></li>
21
- <li><a href="#best-practices">Best Practices</a></li>
22
- <li><a href="#troubleshooting">Troubleshooting</a></li>
23
- </ul>
24
- <h2 class="anchor anchorWithStickyNavbar_LWe7" id="introduction-to-rbac-in-sam-enterprise">Introduction to RBAC in SAM Enterprise<a href="#introduction-to-rbac-in-sam-enterprise" class="hash-link" aria-label="Direct link to Introduction to RBAC in SAM Enterprise" title="Direct link to Introduction to RBAC in SAM Enterprise">​</a></h2>
25
- <p>Role-Based Access Control (RBAC) in SAM Enterprise provides a flexible and secure way to manage user permissions. The RBAC system consists of:</p>
26
- <ul>
27
- <li><strong>Roles</strong>: Collections of permissions (scopes) that define what actions can be performed</li>
28
- <li><strong>Scopes</strong>: Specific permissions that grant access to features or resources</li>
29
- <li><strong>Users</strong>: Identities that are assigned one or more roles</li>
30
- </ul>
31
- <p>Key benefits of using RBAC in SAM Enterprise:</p>
32
- <ul>
33
- <li><strong>Granular Access Control</strong>: Define precise permissions for different user types</li>
34
- <li><strong>Simplified Administration</strong>: Manage permissions through roles rather than individual user assignments</li>
35
- <li><strong>Enhanced Security</strong>: Implement the principle of least privilege</li>
36
- <li><strong>Audit Trail</strong>: Clearly see which users have which permissions</li>
37
- </ul>
38
- <h2 class="anchor anchorWithStickyNavbar_LWe7" id="docker-installation-with-rbac">Docker Installation with RBAC<a href="#docker-installation-with-rbac" class="hash-link" aria-label="Direct link to Docker Installation with RBAC" title="Direct link to Docker Installation with RBAC">​</a></h2>
39
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="prerequisites">Prerequisites<a href="#prerequisites" class="hash-link" aria-label="Direct link to Prerequisites" title="Direct link to Prerequisites">​</a></h3>
40
- <ul>
41
- <li>Docker installed on your system</li>
42
- <li>SAM Enterprise Docker image (<code>solace-agent-mesh-enterprise</code>)</li>
43
- <li>Basic understanding of Docker volumes and configuration</li>
44
- </ul>
45
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="step-1-create-rbac-configuration-files">Step 1: Create RBAC Configuration Files<a href="#step-1-create-rbac-configuration-files" class="hash-link" aria-label="Direct link to Step 1: Create RBAC Configuration Files" title="Direct link to Step 1: Create RBAC Configuration Files">​</a></h3>
46
- <p>Create a directory on your host system to store the RBAC configuration files:</p>
47
- <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">mkdir -p sam-enterprise/configs/auth</span><br></span></code></pre></div></div>
48
- <p>Create the following files in the <code>sam-enterprise/configs/auth</code> directory:</p>
49
- <ol>
50
- <li><code>role-to-scope-definitions.yaml</code>: Defines roles and their associated permissions</li>
51
- <li><code>user-to-role-assignments.yaml</code>: Maps users to roles</li>
52
- </ol>
53
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="step-2-configure-role-definitions">Step 2: Configure Role Definitions<a href="#step-2-configure-role-definitions" class="hash-link" aria-label="Direct link to Step 2: Configure Role Definitions" title="Direct link to Step 2: Configure Role Definitions">​</a></h3>
54
- <p>Create the <code>role-to-scope-definitions.yaml</code> file with your role definitions:</p>
55
- <div class="language-yaml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-yaml codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token comment" style="color:rgb(98, 114, 164)"># role-to-scope-definitions.yaml</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">roles</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">enterprise_admin</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;Full access for enterprise administrators&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">scopes</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;*&quot;</span><span class="token plain"> </span><span class="token comment" style="color:rgb(98, 114, 164)"># Wildcard grants all permissions</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">data_analyst</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;Data analysis and visualization specialist&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">scopes</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;tool:data:*&quot;</span><span class="token plain"> </span><span class="token comment" style="color:rgb(98, 114, 164)"># All data tools</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;artifact:read&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;artifact:create&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;monitor/namespace/*:a2a_messages:subscribe&quot;</span><span class="token plain"> </span><span class="token comment" style="color:rgb(98, 114, 164)"># Can monitor any namespace</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">standard_user</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;Standard user with basic access&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">scopes</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;artifact:read&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;tool:basic:read&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;tool:basic:search&quot;</span><br></span></code></pre></div></div>
56
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="step-3-configure-user-assignments">Step 3: Configure User Assignments<a href="#step-3-configure-user-assignments" class="hash-link" aria-label="Direct link to Step 3: Configure User Assignments" title="Direct link to Step 3: Configure User Assignments">​</a></h3>
57
- <p>Create the <code>user-to-role-assignments.yaml</code> file with your user assignments:</p>
58
- <div class="language-yaml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-yaml codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token comment" style="color:rgb(98, 114, 164)"># user-to-role-assignments.yaml</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">users</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">admin@example.com</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">roles</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">[</span><span class="token string" style="color:rgb(255, 121, 198)">&quot;enterprise_admin&quot;</span><span class="token punctuation" style="color:rgb(248, 248, 242)">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;Enterprise Administrator Account&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">data.analyst@example.com</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">roles</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">[</span><span class="token string" style="color:rgb(255, 121, 198)">&quot;data_analyst&quot;</span><span class="token punctuation" style="color:rgb(248, 248, 242)">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;Senior Data Analyst&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">user1@example.com</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">roles</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">[</span><span class="token string" style="color:rgb(255, 121, 198)">&quot;standard_user&quot;</span><span class="token punctuation" style="color:rgb(248, 248, 242)">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;Standard Enterprise User&quot;</span><br></span></code></pre></div></div>
59
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="step-4-create-enterprise-configuration">Step 4: Create Enterprise Configuration<a href="#step-4-create-enterprise-configuration" class="hash-link" aria-label="Direct link to Step 4: Create Enterprise Configuration" title="Direct link to Step 4: Create Enterprise Configuration">​</a></h3>
60
- <p>Create a file named <code>enterprise_config.yaml</code> in the <code>sam-enterprise/configs</code> directory:</p>
61
- <div class="language-yaml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-yaml codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token comment" style="color:rgb(98, 114, 164)"># enterprise_config.yaml</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">authorization_service</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">type</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;default_rbac&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">role_to_scope_definitions_path</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;configs/auth/role-to-scope-definitions.yaml&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">user_to_role_assignments_path</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;configs/auth/user-to-role-assignments.yaml&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">namespace</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;enterprise_prod&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">gateway_id</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;enterprise_gateway&quot;</span><br></span></code></pre></div></div>
62
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="step-5-run-the-docker-container-with-mounted-configurations">Step 5: Run the Docker Container with Mounted Configurations<a href="#step-5-run-the-docker-container-with-mounted-configurations" class="hash-link" aria-label="Direct link to Step 5: Run the Docker Container with Mounted Configurations" title="Direct link to Step 5: Run the Docker Container with Mounted Configurations">​</a></h3>
63
- <p>Run the SAM Enterprise Docker container with the configuration files mounted:</p>
64
- <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">cd sam-enterprise</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">docker run -d \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> --name sam-enterprise \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -p 8000:8000 \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -p 5002:5002 \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -v &quot;$(pwd)/configs:/app/configs&quot; \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e SAM_AUTHORIZATION_CONFIG=&quot;/app/configs/enterprise_config.yaml&quot; </span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e NAMESPACE=enterprise_prod \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e WEBUI_GATEWAY_ID=enterprise_gateway \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e ... list here all other necessary env vars ...</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> solace-agent-mesh-enterprise:&lt;tagname&gt; run configs</span><br></span></code></pre></div></div>
65
- <p>This command:</p>
66
- <ul>
67
- <li>Maps ports 8000 and 5002 to the host</li>
68
- <li>Mounts your local configuration directory to <code>/app/config</code> in the container</li>
69
- <li>Sets environment variables for the namespace and gateway ID</li>
70
- <li>Runs the container in detached mode</li>
71
- </ul>
72
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="step-6-verify-rbac-configuration">Step 6: Verify RBAC Configuration<a href="#step-6-verify-rbac-configuration" class="hash-link" aria-label="Direct link to Step 6: Verify RBAC Configuration" title="Direct link to Step 6: Verify RBAC Configuration">​</a></h3>
73
- <p>To verify that your RBAC configuration is working correctly:</p>
74
- <ol>
75
- <li>Access the SAM Enterprise web interface at <code>http://localhost:5002</code></li>
76
- <li>Log in with one of the user identities defined in your <code>user-to-role-assignments.yaml</code> file</li>
77
- <li>Confirm that the user has access to the appropriate features based on their assigned roles</li>
78
- </ol>
79
- <h2 class="anchor anchorWithStickyNavbar_LWe7" id="configuration-file-structure">Configuration File Structure<a href="#configuration-file-structure" class="hash-link" aria-label="Direct link to Configuration File Structure" title="Direct link to Configuration File Structure">​</a></h2>
80
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="role-to-scope-definitions">Role-to-Scope Definitions<a href="#role-to-scope-definitions" class="hash-link" aria-label="Direct link to Role-to-Scope Definitions" title="Direct link to Role-to-Scope Definitions">​</a></h3>
81
- <p>The <code>role-to-scope-definitions.yaml</code> file defines roles and their associated permissions:</p>
82
- <div class="language-yaml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-yaml codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token key atrule">roles</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">role_name</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;Role description&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">scopes</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;scope1&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;scope2&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">inherits</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token comment" style="color:rgb(98, 114, 164)"># Optional - inherit scopes from other roles</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;parent_role1&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;parent_role2&quot;</span><br></span></code></pre></div></div>
83
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="user-to-role-assignments">User-to-Role Assignments<a href="#user-to-role-assignments" class="hash-link" aria-label="Direct link to User-to-Role Assignments" title="Direct link to User-to-Role Assignments">​</a></h3>
84
- <p>The <code>user-to-role-assignments.yaml</code> file maps users to roles:</p>
85
- <div class="language-yaml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-yaml codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token key atrule">users</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">user_identity</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">roles</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">[</span><span class="token string" style="color:rgb(255, 121, 198)">&quot;role1&quot;</span><span class="token punctuation" style="color:rgb(248, 248, 242)">,</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;role2&quot;</span><span class="token punctuation" style="color:rgb(248, 248, 242)">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;User description&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token comment" style="color:rgb(98, 114, 164)"># Optional: Gateway-specific user identities</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">gateway_specific_identities</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">gateway_id:user_identity</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">roles</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">[</span><span class="token string" style="color:rgb(255, 121, 198)">&quot;role1&quot;</span><span class="token punctuation" style="color:rgb(248, 248, 242)">,</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;role2&quot;</span><span class="token punctuation" style="color:rgb(248, 248, 242)">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;User with specific roles on this gateway&quot;</span><br></span></code></pre></div></div>
86
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="enterprise-configuration">Enterprise Configuration<a href="#enterprise-configuration" class="hash-link" aria-label="Direct link to Enterprise Configuration" title="Direct link to Enterprise Configuration">​</a></h3>
87
- <p>The enterprise configuration file references the RBAC configuration files:</p>
88
- <div class="language-yaml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-yaml codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token key atrule">authorization_service</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">type</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;default_rbac&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">role_to_scope_definitions_path</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;path/to/role-to-scope-definitions.yaml&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">user_to_role_assignments_path</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;path/to/user-to-role-assignments.yaml&quot;</span><br></span></code></pre></div></div>
89
- <h2 class="anchor anchorWithStickyNavbar_LWe7" id="example-configurations">Example Configurations<a href="#example-configurations" class="hash-link" aria-label="Direct link to Example Configurations" title="Direct link to Example Configurations">​</a></h2>
90
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="basic-production-configuration">Basic Production Configuration<a href="#basic-production-configuration" class="hash-link" aria-label="Direct link to Basic Production Configuration" title="Direct link to Basic Production Configuration">​</a></h3>
91
- <div class="language-yaml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-yaml codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token comment" style="color:rgb(98, 114, 164)"># role-to-scope-definitions.yaml</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">roles</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">admin</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;Administrator with full access&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">scopes</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;*&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">operator</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;System operator&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">scopes</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;tool:basic:*&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;tool:advanced:read&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;artifact:read&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;artifact:create&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;monitor/namespace/*:a2a_messages:subscribe&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">viewer</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;Read-only access&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">scopes</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;tool:basic:read&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;artifact:read&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;monitor/namespace/*:a2a_messages:subscribe&quot;</span><br></span></code></pre></div></div>
92
- <div class="language-yaml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-yaml codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token comment" style="color:rgb(98, 114, 164)"># user-to-role-assignments.yaml</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">users</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">admin@company.com</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">roles</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">[</span><span class="token string" style="color:rgb(255, 121, 198)">&quot;admin&quot;</span><span class="token punctuation" style="color:rgb(248, 248, 242)">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;System Administrator&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">operator@company.com</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">roles</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">[</span><span class="token string" style="color:rgb(255, 121, 198)">&quot;operator&quot;</span><span class="token punctuation" style="color:rgb(248, 248, 242)">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;System Operator&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">viewer@company.com</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">roles</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">[</span><span class="token string" style="color:rgb(255, 121, 198)">&quot;viewer&quot;</span><span class="token punctuation" style="color:rgb(248, 248, 242)">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;Read-only User&quot;</span><br></span></code></pre></div></div>
93
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="using-ms-graph-for-user-role-assignments">Using MS Graph for User Role Assignments<a href="#using-ms-graph-for-user-role-assignments" class="hash-link" aria-label="Direct link to Using MS Graph for User Role Assignments" title="Direct link to Using MS Graph for User Role Assignments">​</a></h3>
94
- <p>For enterprise environments that use Microsoft Graph for user management:</p>
95
- <div class="language-yaml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-yaml codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token comment" style="color:rgb(98, 114, 164)"># enterprise_config.yaml</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">authorization_service</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">type</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;default_rbac&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">role_to_scope_definitions_path</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;configs/auth/role-to-scope-definitions.yaml&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">user_to_role_provider</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;ms_graph&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">ms_graph_config</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">ms_graph_tenant_id</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> $</span><span class="token punctuation" style="color:rgb(248, 248, 242)">{</span><span class="token plain">MS_GRAPH_TENANT_ID</span><span class="token punctuation" style="color:rgb(248, 248, 242)">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">ms_graph_client_id</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> $</span><span class="token punctuation" style="color:rgb(248, 248, 242)">{</span><span class="token plain">MS_GRAPH_CLIENT_ID</span><span class="token punctuation" style="color:rgb(248, 248, 242)">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">ms_graph_client_secret</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> $</span><span class="token punctuation" style="color:rgb(248, 248, 242)">{</span><span class="token plain">MS_GRAPH_CLIENT_SECRET</span><span class="token punctuation" style="color:rgb(248, 248, 242)">}</span><br></span></code></pre></div></div>
96
- <p>When using this configuration, set the environment variables in your Docker run command:</p>
97
- <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">docker run -d \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> --name sam-enterprise \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -p 8000:8000 \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -p 5002:5002 \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -v &quot;$(pwd)/config:/app/configs&quot; \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e MS_GRAPH_TENANT_ID=your-tenant-id \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e MS_GRAPH_CLIENT_ID=your-client-id \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e MS_GRAPH_CLIENT_SECRET=your-client-secret \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e NAMESPACE=enterprise_prod \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e WEBUI_GATEWAY_ID=enterprise_gateway \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> solace-agent-mesh-enterprise:&lt;tag&gt;</span><br></span></code></pre></div></div>
98
- <h2 class="anchor anchorWithStickyNavbar_LWe7" id="best-practices">Best Practices<a href="#best-practices" class="hash-link" aria-label="Direct link to Best Practices" title="Direct link to Best Practices">​</a></h2>
99
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="security-recommendations">Security Recommendations<a href="#security-recommendations" class="hash-link" aria-label="Direct link to Security Recommendations" title="Direct link to Security Recommendations">​</a></h3>
100
- <ol>
101
- <li><strong>Principle of Least Privilege</strong>: Assign users the minimum permissions necessary for their tasks</li>
102
- <li><strong>Regular Audits</strong>: Periodically review role assignments and permissions</li>
103
- <li><strong>Secure Configuration Files</strong>: Protect your RBAC configuration files with appropriate file permissions</li>
104
- <li><strong>Use Environment Variables</strong>: Store sensitive information like MS Graph credentials as environment variables</li>
105
- <li><strong>Avoid Development Configurations</strong>: Never use development configurations in production environments</li>
106
- </ol>
107
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="role-design-principles">Role Design Principles<a href="#role-design-principles" class="hash-link" aria-label="Direct link to Role Design Principles" title="Direct link to Role Design Principles">​</a></h3>
108
- <ol>
109
- <li><strong>Role Granularity</strong>: Create roles that align with job functions</li>
110
- <li><strong>Role Hierarchy</strong>: Use role inheritance to build a logical hierarchy</li>
111
- <li><strong>Descriptive Names</strong>: Use clear, descriptive names for roles</li>
112
- <li><strong>Documentation</strong>: Document the purpose and scope of each role</li>
113
- <li><strong>Minimize Wildcard Usage</strong>: Avoid using wildcards (<code>*</code>) except for admin roles</li>
114
- </ol>
115
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="docker-specific-recommendations">Docker-Specific Recommendations<a href="#docker-specific-recommendations" class="hash-link" aria-label="Direct link to Docker-Specific Recommendations" title="Direct link to Docker-Specific Recommendations">​</a></h3>
116
- <ol>
117
- <li><strong>Persistent Volumes</strong>: Use Docker volumes for persistent configuration storage</li>
118
- <li><strong>Environment-Specific Configs</strong>: Create separate configuration files for different environments</li>
119
- <li><strong>Health Checks</strong>: Implement health checks to verify RBAC is functioning correctly</li>
120
- <li><strong>Backup Configurations</strong>: Regularly backup your RBAC configuration files</li>
121
- <li><strong>Container Security</strong>: Follow Docker security best practices (non-root user, read-only filesystem where possible)</li>
122
- </ol>
123
- <h2 class="anchor anchorWithStickyNavbar_LWe7" id="troubleshooting">Troubleshooting<a href="#troubleshooting" class="hash-link" aria-label="Direct link to Troubleshooting" title="Direct link to Troubleshooting">​</a></h2>
124
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="common-issues-and-solutions">Common Issues and Solutions<a href="#common-issues-and-solutions" class="hash-link" aria-label="Direct link to Common Issues and Solutions" title="Direct link to Common Issues and Solutions">​</a></h3>
125
- <h4 class="anchor anchorWithStickyNavbar_LWe7" id="issue-authorization-denied-for-valid-user">Issue: Authorization Denied for Valid User<a href="#issue-authorization-denied-for-valid-user" class="hash-link" aria-label="Direct link to Issue: Authorization Denied for Valid User" title="Direct link to Issue: Authorization Denied for Valid User">​</a></h4>
126
- <p><strong>Symptoms</strong>:</p>
127
- <ul>
128
- <li>User cannot access features they should have permission to use</li>
129
- <li>Authorization denied messages in logs</li>
130
- </ul>
131
- <p><strong>Solutions</strong>:</p>
132
- <ol>
133
- <li>Verify the user identity matches exactly what&#x27;s in <code>user-to-role-assignments.yaml</code></li>
134
- <li>Check that the role has the necessary scopes</li>
135
- <li>Ensure configuration files are correctly mounted in the Docker container</li>
136
- <li>Check logs for authorization service errors
137
- ex:</li>
138
- </ol>
139
- <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">INFO:solace_ai_connector:[ConfigurableRbacAuthSvc] Successfully loaded role-to-scope definitions from: /app/configs/auth/role-to-scope-definitions1.yaml</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">DEBUG:solace_ai_connector:[ConfigurableRbacAuthSvc] Role &#x27;enterprise_admin&#x27; loaded with 1 direct scopes, 1 resolved scopes.</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">DEBUG:solace_ai_connector:[ConfigurableRbacAuthSvc] Role &#x27;data_analyst&#x27; loaded with 4 direct scopes, 4 resolved scopes.</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">DEBUG:solace_ai_connector:[ConfigurableRbacAuthSvc] Role &#x27;standard_user&#x27; loaded with 1 direct scopes, 1 resolved scopes.</span><br></span></code></pre></div></div>
140
- <h4 class="anchor anchorWithStickyNavbar_LWe7" id="issue-configuration-files-not-found">Issue: Configuration Files Not Found<a href="#issue-configuration-files-not-found" class="hash-link" aria-label="Direct link to Issue: Configuration Files Not Found" title="Direct link to Issue: Configuration Files Not Found">​</a></h4>
141
- <p><strong>Symptoms</strong>:</p>
142
- <ul>
143
- <li>Error messages about missing configuration files</li>
144
- <li>Default/fallback authorization behavior</li>
145
- </ul>
146
- <p><strong>Solutions</strong>:</p>
147
- <ol>
148
- <li>Verify the file paths in your enterprise configuration</li>
149
- <li>Check that the volume mount is correct in your Docker run command</li>
150
- <li>Ensure file permissions allow the container user to read the files</li>
151
- <li>Check for typos in file names or paths</li>
152
- </ol>
153
- <h4 class="anchor anchorWithStickyNavbar_LWe7" id="issue-ms-graph-integration-not-working">Issue: MS Graph Integration Not Working<a href="#issue-ms-graph-integration-not-working" class="hash-link" aria-label="Direct link to Issue: MS Graph Integration Not Working" title="Direct link to Issue: MS Graph Integration Not Working">​</a></h4>
154
- <p><strong>Symptoms</strong>:</p>
155
- <ul>
156
- <li>Users cannot authenticate</li>
157
- <li>Error messages related to MS Graph in logs</li>
158
- </ul>
159
- <p><strong>Solutions</strong>:</p>
160
- <ol>
161
- <li>Verify MS Graph credentials are correct</li>
162
- <li>Check that environment variables are properly set</li>
163
- <li>Ensure the MS Graph application has the necessary permissions</li>
164
- <li>Check network connectivity from the container to MS Graph endpoints</li>
165
- </ol>
166
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="debugging-authorization">Debugging Authorization<a href="#debugging-authorization" class="hash-link" aria-label="Direct link to Debugging Authorization" title="Direct link to Debugging Authorization">​</a></h3>
167
- <p>To debug authorization issues:</p>
168
- <ol>
169
- <li>
170
- <p><strong>Enable Debug Logging</strong>:</p>
171
- <div class="language-yaml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-yaml codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token comment" style="color:rgb(98, 114, 164)"># Add to your enterprise_config.yaml</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">log_level</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;DEBUG&quot;</span><br></span></code></pre></div></div>
172
- </li>
173
- <li>
174
- <p><strong>Check Container Logs</strong>:</p>
175
- <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">docker logs sam-enterprise</span><br></span></code></pre></div></div>
176
- </li>
177
- <li>
178
- <p><strong>Verify Configuration Loading</strong>:
179
- Look for log messages with <code>[EnterpriseConfigResolverImpl]</code> or <code>[ConfigurableRbacAuthSvc]</code> prefixes</p>
180
- </li>
181
- <li>
182
- <p><strong>Test with Admin User</strong>:
183
- Temporarily assign the user to an admin role to verify if it&#x27;s a permission issue</p>
184
- </li>
185
- <li>
186
- <p><strong>Inspect Mounted Files</strong>:</p>
187
- <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">docker exec -it sam-enterprise ls -la /app/configs/auth</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">docker exec -it sam-enterprise cat /app/configs/auth/role-to-scope-definitions.yaml</span><br></span></code></pre></div></div>
188
- </li>
189
- </ol>
190
- <h3 class="anchor anchorWithStickyNavbar_LWe7" id="getting-help">Getting Help<a href="#getting-help" class="hash-link" aria-label="Direct link to Getting Help" title="Direct link to Getting Help">​</a></h3>
191
- <p>If you continue to experience issues:</p>
192
- <ol>
193
- <li>Check the SAM Enterprise documentation</li>
194
- <li>Review the logs for specific error messages</li>
195
- <li>Contact Solace support with details of your configuration and the issues you&#x27;re experiencing</li>
196
- </ol>
197
- <h2 class="anchor anchorWithStickyNavbar_LWe7" id="conclusion">Conclusion<a href="#conclusion" class="hash-link" aria-label="Direct link to Conclusion" title="Direct link to Conclusion">​</a></h2>
198
- <p>Setting up Role-Based Access Control in your SAM Enterprise Docker installation provides enhanced security and granular access control. By following this guide, you can configure RBAC to meet your organization&#x27;s specific requirements while maintaining a secure and manageable environment.</p>
199
- <p>Remember to regularly review and update your RBAC configuration as your organization&#x27;s needs evolve, and always follow security best practices when managing access control.</p></div><footer class="theme-doc-footer docusaurus-mt-lg"><div class="row margin-top--sm theme-doc-footer-edit-meta-row"><div class="col"><a href="https://github.com/SolaceLabs/solace-agent-mesh/edit/main/docs/docs/documentation/Enterprise/rbac-setup-guilde.md" target="_blank" rel="noopener noreferrer" class="theme-edit-this-page"><svg fill="currentColor" height="20" width="20" viewBox="0 0 40 40" class="iconEdit_Z9Sw" aria-hidden="true"><g><path d="m34.5 11.7l-3 3.1-6.3-6.3 3.1-3q0.5-0.5 1.2-0.5t1.1 0.5l3.9 3.9q0.5 0.4 0.5 1.1t-0.5 1.2z m-29.5 17.1l18.4-18.5 6.3 6.3-18.4 18.4h-6.3v-6.2z"></path></g></svg>Edit this page</a></div><div class="col lastUpdated_JAkA"></div></div></footer></article><nav class="docusaurus-mt-lg pagination-nav" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/solace-agent-mesh/docs/documentation/Enterprise/installation"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Installation</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/solace-agent-mesh/docs/documentation/Enterprise/single-sign-on"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">SSO</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#table-of-contents" class="table-of-contents__link toc-highlight">Table of Contents</a></li><li><a href="#introduction-to-rbac-in-sam-enterprise" class="table-of-contents__link toc-highlight">Introduction to RBAC in SAM Enterprise</a></li><li><a href="#docker-installation-with-rbac" class="table-of-contents__link toc-highlight">Docker Installation with RBAC</a><ul><li><a href="#prerequisites" class="table-of-contents__link toc-highlight">Prerequisites</a></li><li><a href="#step-1-create-rbac-configuration-files" class="table-of-contents__link toc-highlight">Step 1: Create RBAC Configuration Files</a></li><li><a href="#step-2-configure-role-definitions" class="table-of-contents__link toc-highlight">Step 2: Configure Role Definitions</a></li><li><a href="#step-3-configure-user-assignments" class="table-of-contents__link toc-highlight">Step 3: Configure User Assignments</a></li><li><a href="#step-4-create-enterprise-configuration" class="table-of-contents__link toc-highlight">Step 4: Create Enterprise Configuration</a></li><li><a href="#step-5-run-the-docker-container-with-mounted-configurations" class="table-of-contents__link toc-highlight">Step 5: Run the Docker Container with Mounted Configurations</a></li><li><a href="#step-6-verify-rbac-configuration" class="table-of-contents__link toc-highlight">Step 6: Verify RBAC Configuration</a></li></ul></li><li><a href="#configuration-file-structure" class="table-of-contents__link toc-highlight">Configuration File Structure</a><ul><li><a href="#role-to-scope-definitions" class="table-of-contents__link toc-highlight">Role-to-Scope Definitions</a></li><li><a href="#user-to-role-assignments" class="table-of-contents__link toc-highlight">User-to-Role Assignments</a></li><li><a href="#enterprise-configuration" class="table-of-contents__link toc-highlight">Enterprise Configuration</a></li></ul></li><li><a href="#example-configurations" class="table-of-contents__link toc-highlight">Example Configurations</a><ul><li><a href="#basic-production-configuration" class="table-of-contents__link toc-highlight">Basic Production Configuration</a></li><li><a href="#using-ms-graph-for-user-role-assignments" class="table-of-contents__link toc-highlight">Using MS Graph for User Role Assignments</a></li></ul></li><li><a href="#best-practices" class="table-of-contents__link toc-highlight">Best Practices</a><ul><li><a href="#security-recommendations" class="table-of-contents__link toc-highlight">Security Recommendations</a></li><li><a href="#role-design-principles" class="table-of-contents__link toc-highlight">Role Design Principles</a></li><li><a href="#docker-specific-recommendations" class="table-of-contents__link toc-highlight">Docker-Specific Recommendations</a></li></ul></li><li><a href="#troubleshooting" class="table-of-contents__link toc-highlight">Troubleshooting</a><ul><li><a href="#common-issues-and-solutions" class="table-of-contents__link toc-highlight">Common Issues and Solutions</a></li><li><a href="#debugging-authorization" class="table-of-contents__link toc-highlight">Debugging Authorization</a></li><li><a href="#getting-help" class="table-of-contents__link toc-highlight">Getting Help</a></li></ul></li><li><a href="#conclusion" class="table-of-contents__link toc-highlight">Conclusion</a></li></ul></div></div></div></div></main></div></div></div><footer class="theme-layout-footer footer footer--dark"><div class="container container-fluid"><div class="row footer__links"><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Solace Agent Mesh</div><ul class="footer__items clean-list"><li class="footer__item"><a class="footer__link-item" href="/solace-agent-mesh/docs/documentation/getting-started/introduction">Documentation</a></li><li class="footer__item"><a href="https://github.com/SolaceLabs/solace-agent-mesh/" target="_blank" rel="noopener noreferrer" class="footer__link-item">GitHub<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://github.com/SolaceLabs/solace-agent-mesh-core-plugins/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Official Plugins<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Company</div><ul class="footer__items clean-list"><li class="footer__item"><a href="https://solace.com/products/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Products<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/contact/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Contact<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/support/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Support<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/legal/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Privacy and Legal<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Community</div><ul class="footer__items clean-list"><li class="footer__item"><a href="https://www.linkedin.com/company/solacedotcom/" target="_blank" rel="noopener noreferrer" class="footer__link-item">LinkedIn<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://github.com/SolaceLabs" target="_blank" rel="noopener noreferrer" class="footer__link-item">GitHub<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://www.youtube.com/SolaceSystems" target="_blank" rel="noopener noreferrer" class="footer__link-item">YouTube<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://twitter.com/solacedotcom" target="_blank" rel="noopener noreferrer" class="footer__link-item">X<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div></div><div class="footer__bottom text--center"><div class="margin-bottom--sm"><img src="/solace-agent-mesh/img/solace-logo.png" alt="Solace Logo" class="footer__logo themedComponent_mlkZ themedComponent--light_NVdE" width="10%" height="10%"><img src="/solace-agent-mesh/img/solace-logo.png" alt="Solace Logo" class="footer__logo themedComponent_mlkZ themedComponent--dark_xIcU" width="10%" height="10%"></div><div class="footer__copyright">Solace Agent Mesh. Copyright © 2025 Solace. Version: 1.5.0</div></div></div></footer></div>
200
- </body>
201
- </html>