solace-agent-mesh 1.6.2__py3-none-any.whl → 1.6.3__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of solace-agent-mesh might be problematic. Click here for more details.

Files changed (70) hide show
  1. solace_agent_mesh/agent/adk/services.py +3 -3
  2. solace_agent_mesh/assets/docs/404.html +3 -3
  3. solace_agent_mesh/assets/docs/assets/js/94e8668d.3b883666.js +1 -0
  4. solace_agent_mesh/assets/docs/assets/js/{main.d1643f0b.js → main.ed05b14d.js} +2 -2
  5. solace_agent_mesh/assets/docs/assets/js/{runtime~main.97f920d4.js → runtime~main.a8a75e0b.js} +1 -1
  6. solace_agent_mesh/assets/docs/docs/documentation/components/agents/index.html +3 -3
  7. solace_agent_mesh/assets/docs/docs/documentation/components/builtin-tools/artifact-management/index.html +3 -3
  8. solace_agent_mesh/assets/docs/docs/documentation/components/builtin-tools/audio-tools/index.html +3 -3
  9. solace_agent_mesh/assets/docs/docs/documentation/components/builtin-tools/data-analysis-tools/index.html +3 -3
  10. solace_agent_mesh/assets/docs/docs/documentation/components/builtin-tools/embeds/index.html +3 -3
  11. solace_agent_mesh/assets/docs/docs/documentation/components/builtin-tools/index.html +3 -3
  12. solace_agent_mesh/assets/docs/docs/documentation/components/cli/index.html +3 -3
  13. solace_agent_mesh/assets/docs/docs/documentation/components/gateways/index.html +3 -3
  14. solace_agent_mesh/assets/docs/docs/documentation/components/index.html +3 -3
  15. solace_agent_mesh/assets/docs/docs/documentation/components/orchestrator/index.html +3 -3
  16. solace_agent_mesh/assets/docs/docs/documentation/components/plugins/index.html +3 -3
  17. solace_agent_mesh/assets/docs/docs/documentation/components/proxies/index.html +3 -3
  18. solace_agent_mesh/assets/docs/docs/documentation/deploying/debugging/index.html +3 -3
  19. solace_agent_mesh/assets/docs/docs/documentation/deploying/deployment-options/index.html +3 -3
  20. solace_agent_mesh/assets/docs/docs/documentation/deploying/index.html +3 -3
  21. solace_agent_mesh/assets/docs/docs/documentation/deploying/logging/index.html +3 -3
  22. solace_agent_mesh/assets/docs/docs/documentation/deploying/observability/index.html +3 -3
  23. solace_agent_mesh/assets/docs/docs/documentation/developing/create-agents/index.html +3 -3
  24. solace_agent_mesh/assets/docs/docs/documentation/developing/create-gateways/index.html +3 -3
  25. solace_agent_mesh/assets/docs/docs/documentation/developing/creating-python-tools/index.html +3 -3
  26. solace_agent_mesh/assets/docs/docs/documentation/developing/creating-service-providers/index.html +3 -3
  27. solace_agent_mesh/assets/docs/docs/documentation/developing/evaluations/index.html +3 -3
  28. solace_agent_mesh/assets/docs/docs/documentation/developing/index.html +3 -3
  29. solace_agent_mesh/assets/docs/docs/documentation/developing/structure/index.html +3 -3
  30. solace_agent_mesh/assets/docs/docs/documentation/developing/tutorials/bedrock-agents/index.html +3 -3
  31. solace_agent_mesh/assets/docs/docs/documentation/developing/tutorials/custom-agent/index.html +3 -3
  32. solace_agent_mesh/assets/docs/docs/documentation/developing/tutorials/event-mesh-gateway/index.html +3 -3
  33. solace_agent_mesh/assets/docs/docs/documentation/developing/tutorials/mcp-integration/index.html +3 -3
  34. solace_agent_mesh/assets/docs/docs/documentation/developing/tutorials/mongodb-integration/index.html +3 -3
  35. solace_agent_mesh/assets/docs/docs/documentation/developing/tutorials/rag-integration/index.html +3 -3
  36. solace_agent_mesh/assets/docs/docs/documentation/developing/tutorials/rest-gateway/index.html +3 -3
  37. solace_agent_mesh/assets/docs/docs/documentation/developing/tutorials/slack-integration/index.html +3 -3
  38. solace_agent_mesh/assets/docs/docs/documentation/developing/tutorials/sql-database/index.html +3 -3
  39. solace_agent_mesh/assets/docs/docs/documentation/enterprise/index.html +3 -3
  40. solace_agent_mesh/assets/docs/docs/documentation/enterprise/installation/index.html +3 -3
  41. solace_agent_mesh/assets/docs/docs/documentation/enterprise/rbac-setup-guide/index.html +23 -28
  42. solace_agent_mesh/assets/docs/docs/documentation/enterprise/single-sign-on/index.html +3 -3
  43. solace_agent_mesh/assets/docs/docs/documentation/getting-started/architecture/index.html +3 -3
  44. solace_agent_mesh/assets/docs/docs/documentation/getting-started/index.html +3 -3
  45. solace_agent_mesh/assets/docs/docs/documentation/getting-started/introduction/index.html +3 -3
  46. solace_agent_mesh/assets/docs/docs/documentation/getting-started/try-agent-mesh/index.html +3 -3
  47. solace_agent_mesh/assets/docs/docs/documentation/installing-and-configuring/configurations/index.html +3 -3
  48. solace_agent_mesh/assets/docs/docs/documentation/installing-and-configuring/index.html +3 -3
  49. solace_agent_mesh/assets/docs/docs/documentation/installing-and-configuring/installation/index.html +3 -3
  50. solace_agent_mesh/assets/docs/docs/documentation/installing-and-configuring/large_language_models/index.html +3 -3
  51. solace_agent_mesh/assets/docs/docs/documentation/installing-and-configuring/run-project/index.html +3 -3
  52. solace_agent_mesh/assets/docs/docs/documentation/migrations/a2a-upgrade/a2a-gateway-upgrade-to-0.3.0/index.html +3 -3
  53. solace_agent_mesh/assets/docs/docs/documentation/migrations/a2a-upgrade/a2a-technical-migration-map/index.html +3 -3
  54. solace_agent_mesh/assets/docs/lunr-index-1761744323675.json +1 -0
  55. solace_agent_mesh/assets/docs/lunr-index.json +1 -1
  56. solace_agent_mesh/assets/docs/search-doc-1761744323675.json +1 -0
  57. solace_agent_mesh/assets/docs/search-doc.json +1 -1
  58. solace_agent_mesh/cli/__init__.py +1 -1
  59. solace_agent_mesh/gateway/http_sse/app.py +19 -0
  60. solace_agent_mesh/gateway/http_sse/component.py +143 -72
  61. solace_agent_mesh/gateway/http_sse/main.py +32 -9
  62. {solace_agent_mesh-1.6.2.dist-info → solace_agent_mesh-1.6.3.dist-info}/METADATA +1 -1
  63. {solace_agent_mesh-1.6.2.dist-info → solace_agent_mesh-1.6.3.dist-info}/RECORD +67 -67
  64. solace_agent_mesh/assets/docs/assets/js/94e8668d.b5ddb7a1.js +0 -1
  65. solace_agent_mesh/assets/docs/lunr-index-1761663789856.json +0 -1
  66. solace_agent_mesh/assets/docs/search-doc-1761663789856.json +0 -1
  67. /solace_agent_mesh/assets/docs/assets/js/{main.d1643f0b.js.LICENSE.txt → main.ed05b14d.js.LICENSE.txt} +0 -0
  68. {solace_agent_mesh-1.6.2.dist-info → solace_agent_mesh-1.6.3.dist-info}/WHEEL +0 -0
  69. {solace_agent_mesh-1.6.2.dist-info → solace_agent_mesh-1.6.3.dist-info}/entry_points.txt +0 -0
  70. {solace_agent_mesh-1.6.2.dist-info → solace_agent_mesh-1.6.3.dist-info}/licenses/LICENSE +0 -0
solace_agent_mesh/assets/docs/docs/documentation/enterprise/rbac-setup-guide/index.html CHANGED
@@ -4,8 +4,8 @@
4
4
  <meta charset="UTF-8">
5
5
  <meta name="generator" content="Docusaurus v3.8.1">
6
6
  <title data-rh="true">Setting Up RBAC | Solace Agent Mesh</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:image" content="https://solacelabs.github.io/solace-agent-mesh/img/logo.png"><meta data-rh="true" name="twitter:image" content="https://solacelabs.github.io/solace-agent-mesh/img/logo.png"><meta data-rh="true" property="og:url" content="https://solacelabs.github.io/solace-agent-mesh/docs/documentation/enterprise/rbac-setup-guide"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><meta data-rh="true" property="og:title" content="Setting Up RBAC | Solace Agent Mesh"><meta data-rh="true" name="description" content="This guide walks you through configuring Role-Based Access Control (RBAC) in a Docker installation for Agent Mesh. You will learn how to control access to Agent Mesh Enterprise features and resources based on user roles and permissions."><meta data-rh="true" property="og:description" content="This guide walks you through configuring Role-Based Access Control (RBAC) in a Docker installation for Agent Mesh. You will learn how to control access to Agent Mesh Enterprise features and resources based on user roles and permissions."><link data-rh="true" rel="icon" href="/solace-agent-mesh/img/logo.png"><link data-rh="true" rel="canonical" href="https://solacelabs.github.io/solace-agent-mesh/docs/documentation/enterprise/rbac-setup-guide"><link data-rh="true" rel="alternate" href="https://solacelabs.github.io/solace-agent-mesh/docs/documentation/enterprise/rbac-setup-guide" hreflang="en"><link data-rh="true" rel="alternate" href="https://solacelabs.github.io/solace-agent-mesh/docs/documentation/enterprise/rbac-setup-guide" hreflang="x-default"><script data-rh="true" type="application/ld+json">{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Agent Mesh Enterprise","item":"https://solacelabs.github.io/solace-agent-mesh/docs/documentation/enterprise/"},{"@type":"ListItem","position":2,"name":"Setting Up RBAC","item":"https://solacelabs.github.io/solace-agent-mesh/docs/documentation/enterprise/rbac-setup-guide"}]}</script><link rel="stylesheet" href="/solace-agent-mesh/assets/css/styles.906a1503.css">
7
- <script src="/solace-agent-mesh/assets/js/runtime~main.97f920d4.js" defer="defer"></script>
8
- <script src="/solace-agent-mesh/assets/js/main.d1643f0b.js" defer="defer"></script>
7
+ <script src="/solace-agent-mesh/assets/js/runtime~main.a8a75e0b.js" defer="defer"></script>
8
+ <script src="/solace-agent-mesh/assets/js/main.ed05b14d.js" defer="defer"></script>
9
9
  </head>
10
10
  <body class="navigation-with-keyboard">
11
11
  <svg xmlns="http://www.w3.org/2000/svg" style="display: none;"><defs>
@@ -68,11 +68,12 @@
68
68
  </ul>
69
69
  <h3 class="anchor anchorWithStickyNavbar_LWe7" id="creating-the-configuration-directory-structure">Creating the Configuration Directory Structure<a href="#creating-the-configuration-directory-structure" class="hash-link" aria-label="Direct link to Creating the Configuration Directory Structure" title="Direct link to Creating the Configuration Directory Structure">​</a></h3>
70
70
  <p>You need to create a directory structure on your host system to store RBAC configuration files. The Docker container will mount this directory to access your configurations.</p>
71
- <p>Create the directory structure:</p>
72
- <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">mkdir -p sam-enterprise/configs/auth</span><br></span></code></pre></div></div>
73
- <p>This command creates a <code>sam-enterprise</code> directory with a nested <code>configs/auth</code> subdirectory. The <code>auth</code> subdirectory will contain your RBAC configuration files, while the <code>configs</code> directory can hold other configuration files you might need.</p>
71
+ <p>Create the directory structure as follows:</p>
72
+ <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">mkdir -p sam-enterprise/config/auth</span><br></span></code></pre></div></div>
73
+ <p>This command creates a <code>sam-enterprise</code> directory with a nested <code>config/auth</code> subdirectory. The <code>auth</code> subdirectory will contain your RBAC configuration files.</p>
74
74
  <h3 class="anchor anchorWithStickyNavbar_LWe7" id="defining-roles-and-permissions">Defining Roles and Permissions<a href="#defining-roles-and-permissions" class="hash-link" aria-label="Direct link to Defining Roles and Permissions" title="Direct link to Defining Roles and Permissions">​</a></h3>
75
- <p>Create a file named <code>role-to-scope-definitions.yaml</code> in the <code>sam-enterprise/configs/auth</code> directory. This file defines all roles in your system and the scopes (permissions) associated with each role.</p>
75
+ <p>Create a file named <code>role-to-scope-definitions.yaml</code> in the <code>sam-enterprise/config/auth</code> directory.
76
+ This file defines all roles in your system and the scopes (permissions) associated with each role.</p>
76
77
  <p>Here is an example configuration that defines three roles:</p>
77
78
  <div class="language-yaml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-yaml codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token comment" style="color:rgb(98, 114, 164)"># role-to-scope-definitions.yaml</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">roles</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">enterprise_admin</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;Full access for enterprise administrators&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">scopes</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;*&quot;</span><span class="token plain"> </span><span class="token comment" style="color:rgb(98, 114, 164)"># Wildcard grants all permissions</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">data_analyst</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;Data analysis and visualization specialist&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">scopes</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;tool:data:*&quot;</span><span class="token plain"> </span><span class="token comment" style="color:rgb(98, 114, 164)"># All data tools</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;artifact:read&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;artifact:create&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;monitor/namespace/*:a2a_messages:subscribe&quot;</span><span class="token plain"> </span><span class="token comment" style="color:rgb(98, 114, 164)"># Can monitor any namespace</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">standard_user</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;Standard user with basic access&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">scopes</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;artifact:read&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;tool:basic:read&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">-</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;tool:basic:search&quot;</span><br></span></code></pre></div></div>
78
79
  <p>This configuration creates three distinct roles:</p>
@@ -80,29 +81,25 @@
80
81
  <p>The <code>data_analyst</code> role receives permissions tailored for data analysis work. The scope <code>tool:data:*</code> grants all permissions for data-related tools (read, write, execute). The <code>artifact:read</code> and <code>artifact:create</code> scopes allow analysts to view existing artifacts and create new ones. The monitoring scope <code>monitor/namespace/*:a2a_messages:subscribe</code> enables analysts to observe message traffic across all namespaces, which helps them understand data flows.</p>
81
82
  <p>The <code>standard_user</code> role provides minimal permissions for basic operations. Users with this role can read artifacts and perform basic tool operations but cannot create new artifacts or access advanced features.</p>
82
83
  <h3 class="anchor anchorWithStickyNavbar_LWe7" id="assigning-users-to-roles">Assigning Users to Roles<a href="#assigning-users-to-roles" class="hash-link" aria-label="Direct link to Assigning Users to Roles" title="Direct link to Assigning Users to Roles">​</a></h3>
83
- <p>Create a file named <code>user-to-role-assignments.yaml</code> in the <code>sam-enterprise/configs/auth</code> directory. This file maps user identities to roles.</p>
84
+ <p>Create a file named <code>user-to-role-assignments.yaml</code> in the <code>sam-enterprise/config/auth</code> directory. This file maps user identities to roles.</p>
84
85
  <p>Here is an example configuration:</p>
85
86
  <div class="language-yaml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-yaml codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token comment" style="color:rgb(98, 114, 164)"># user-to-role-assignments.yaml</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">users</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">admin@example.com</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">roles</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">[</span><span class="token string" style="color:rgb(255, 121, 198)">&quot;enterprise_admin&quot;</span><span class="token punctuation" style="color:rgb(248, 248, 242)">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;Enterprise Administrator Account&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">data.analyst@example.com</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">roles</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">[</span><span class="token string" style="color:rgb(255, 121, 198)">&quot;data_analyst&quot;</span><span class="token punctuation" style="color:rgb(248, 248, 242)">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;Senior Data Analyst&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">user1@example.com</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">roles</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">[</span><span class="token string" style="color:rgb(255, 121, 198)">&quot;standard_user&quot;</span><span class="token punctuation" style="color:rgb(248, 248, 242)">]</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">description</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;Standard Enterprise User&quot;</span><br></span></code></pre></div></div>
86
87
  <p>Each entry in this file maps a user identity (typically an email address) to one or more roles. The user identity must match exactly what your authentication system provides because Agent Mesh Enterprise performs case-sensitive matching.</p>
87
88
  <p>You can assign multiple roles to a single user by listing them in the <code>roles</code> array. When a user has multiple roles, they receive the combined permissions from all assigned roles. For example, if you assign both <code>data_analyst</code> and <code>standard_user</code> roles to a user, they receive all scopes from both roles.</p>
88
89
  <p>The <code>description</code> field is optional but recommended. It helps you document the purpose of each user account, which is valuable when reviewing or auditing your RBAC configuration.</p>
89
90
  <h3 class="anchor anchorWithStickyNavbar_LWe7" id="creating-the-enterprise-configuration">Creating the Enterprise Configuration<a href="#creating-the-enterprise-configuration" class="hash-link" aria-label="Direct link to Creating the Enterprise Configuration" title="Direct link to Creating the Enterprise Configuration">​</a></h3>
90
- <p>Create a file named <code>enterprise_config.yaml</code> in the <code>sam-enterprise/configs</code> directory (not in the <code>auth</code> subdirectory). This file tells Agent Mesh Enterprise where to find your RBAC configuration files and how to use them.</p>
91
- <div class="language-yaml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-yaml codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token comment" style="color:rgb(98, 114, 164)"># enterprise_config.yaml</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">authorization_service</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">type</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;default_rbac&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">role_to_scope_definitions_path</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;configs/auth/role-to-scope-definitions.yaml&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">user_to_role_assignments_path</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;configs/auth/user-to-role-assignments.yaml&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">namespace</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;enterprise_prod&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">gateway_id</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;enterprise_gateway&quot;</span><br></span></code></pre></div></div>
91
+ <p>Create a file named <code>enterprise_config.yaml</code> in the <code>sam-enterprise/config</code> directory (not in the <code>auth</code> subdirectory). This file tells Agent Mesh Enterprise where to find your RBAC configuration files and how to use them.</p>
92
+ <div class="language-yaml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-yaml codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token comment" style="color:rgb(98, 114, 164)"># enterprise_config.yaml</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">authorization_service</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">type</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;default_rbac&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">role_to_scope_definitions_path</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;config/auth/role-to-scope-definitions.yaml&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">user_to_role_assignments_path</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;config/auth/user-to-role-assignments.yaml&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">namespace</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;enterprise_prod&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">gateway_id</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;enterprise_gateway&quot;</span><br></span></code></pre></div></div>
92
93
  <p>The <code>authorization_service</code> section configures the RBAC system. The <code>type</code> field specifies <code>default_rbac</code>, which tells Agent Mesh Enterprise to use the file-based RBAC system. The two path fields point to your RBAC configuration files—these paths are relative to the container&#x27;s working directory, not your host system.</p>
93
94
  <p>The <code>namespace</code> and <code>gateway_id</code> fields configure the Agent Mesh Enterprise instance. The namespace isolates this instance from others, while the gateway ID identifies the web interface gateway.</p>
94
95
  <h3 class="anchor anchorWithStickyNavbar_LWe7" id="running-the-docker-container">Running the Docker Container<a href="#running-the-docker-container" class="hash-link" aria-label="Direct link to Running the Docker Container" title="Direct link to Running the Docker Container">​</a></h3>
95
- <p>Now you can start the Docker container with your RBAC configuration. Navigate to your <code>sam-enterprise</code> directory and run:</p>
96
- <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">cd sam-enterprise</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">docker run -d \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> --name sam-enterprise \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -p 8000:8000 \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -p 5002:5002 \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -v &quot;$(pwd)/configs:/app/configs&quot; \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e SAM_AUTHORIZATION_CONFIG=&quot;/app/configs/enterprise_config.yaml&quot; \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e NAMESPACE=enterprise_prod \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e WEBUI_GATEWAY_ID=enterprise_gateway \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e ... list here all other necessary env vars ...</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> solace-agent-mesh-enterprise:&lt;tagname&gt; run configs</span><br></span></code></pre></div></div>
97
- <p>This command performs several important operations:</p>
98
- <p>The <code>-d</code> flag runs the container in detached mode, which means it runs in the background and does not block your terminal.</p>
99
- <p>The <code>-p</code> flags map container ports to host ports. Port 8000 is the API port, and port 5002 is the web interface port. After the container starts, you can access the web interface at <code>http://localhost:5002</code>.</p>
100
- <p>The <code>-v</code> flag mounts your local <code>configs</code> directory to <code>/app/configs</code> inside the container. This mount allows the container to read your RBAC configuration files. The <code>$(pwd)</code> command expands to your current directory path, ensuring the mount works regardless of where you run the command.</p>
101
- <p>The <code>-e</code> flags set environment variables inside the container. The <code>SAM_AUTHORIZATION_CONFIG</code> variable tells Agent Mesh Enterprise where to find the main configuration file. The <code>NAMESPACE</code> and <code>WEBUI_GATEWAY_ID</code> variables must match the values in your <code>enterprise_config.yaml</code> file.</p>
96
+ <p>Now you can start the Docker container with your RBAC configuration.
97
+ Navigate to your <code>sam-enterprise</code> directory and run:</p>
98
+ <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">cd sam-enterprise</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">docker run -d \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> --name sam-enterprise \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -p 8001:8000 \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -v &quot;$(pwd):/app&quot; \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e SAM_AUTHORIZATION_CONFIG=&quot;/app/config/auth/enterprise_config.yaml&quot; \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e NAMESPACE=enterprise_prod \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e WEBUI_GATEWAY_ID=enterprise_gateway \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e ... list here all other necessary env vars ...</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> solace-agent-mesh-enterprise:&lt;tagname&gt;</span><br></span></code></pre></div></div>
102
99
  <h3 class="anchor anchorWithStickyNavbar_LWe7" id="verifying-your-configuration">Verifying Your Configuration<a href="#verifying-your-configuration" class="hash-link" aria-label="Direct link to Verifying Your Configuration" title="Direct link to Verifying Your Configuration">​</a></h3>
103
100
  <p>After starting the container, you should verify that RBAC is working correctly. Follow these steps:</p>
104
101
  <ol>
105
- <li>Open your web browser and navigate to <code>http://localhost:5002</code></li>
102
+ <li>Open your web browser and navigate to <code>http://localhost:8001</code></li>
106
103
  <li>Log in using one of the user identities defined in your <code>user-to-role-assignments.yaml</code> file</li>
107
104
  <li>Attempt to access features that the user should have permission to use</li>
108
105
  <li>Attempt to access features that the user should not have permission to use</li>
@@ -111,7 +108,7 @@
111
108
  <p>You can also check the container logs to verify that Agent Mesh Enterprise loaded your configuration files:</p>
112
109
  <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">docker logs sam-enterprise</span><br></span></code></pre></div></div>
113
110
  <p>Look for log messages that indicate successful configuration loading. You should see messages similar to:</p>
114
- <div class="language-text codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">INFO:solace_ai_connector:[ConfigurableRbacAuthSvc] Successfully loaded role-to-scope definitions from: /app/configs/auth/role-to-scope-definitions.yaml</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">DEBUG:solace_ai_connector:[ConfigurableRbacAuthSvc] Role &#x27;enterprise_admin&#x27; loaded with 1 direct scopes, 1 resolved scopes.</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">DEBUG:solace_ai_connector:[ConfigurableRbacAuthSvc] Role &#x27;data_analyst&#x27; loaded with 4 direct scopes, 4 resolved scopes.</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">DEBUG:solace_ai_connector:[ConfigurableRbacAuthSvc] Role &#x27;standard_user&#x27; loaded with 3 direct scopes, 3 resolved scopes.</span><br></span></code></pre></div></div>
111
+ <div class="language-text codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">INFO:solace_ai_connector:[ConfigurableRbacAuthSvc] Successfully loaded role-to-scope definitions from: /app/config/auth/role-to-scope-definitions.yaml</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">DEBUG:solace_ai_connector:[ConfigurableRbacAuthSvc] Role &#x27;enterprise_admin&#x27; loaded with 1 direct scopes, 1 resolved scopes.</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">DEBUG:solace_ai_connector:[ConfigurableRbacAuthSvc] Role &#x27;data_analyst&#x27; loaded with 4 direct scopes, 4 resolved scopes.</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">DEBUG:solace_ai_connector:[ConfigurableRbacAuthSvc] Role &#x27;standard_user&#x27; loaded with 3 direct scopes, 3 resolved scopes.</span><br></span></code></pre></div></div>
115
112
  <p>These messages confirm that Agent Mesh Enterprise found and parsed your configuration files correctly.</p>
116
113
  <h2 class="anchor anchorWithStickyNavbar_LWe7" id="understanding-configuration-files">Understanding Configuration Files<a href="#understanding-configuration-files" class="hash-link" aria-label="Direct link to Understanding Configuration Files" title="Direct link to Understanding Configuration Files">​</a></h2>
117
114
  <p>Now that you have a working RBAC configuration, you should understand the full structure and capabilities of each configuration file. This knowledge helps you customize the configuration to meet your specific needs.</p>
@@ -130,7 +127,6 @@
130
127
  <h3 class="anchor anchorWithStickyNavbar_LWe7" id="enterprise-configuration-structure">Enterprise Configuration Structure<a href="#enterprise-configuration-structure" class="hash-link" aria-label="Direct link to Enterprise Configuration Structure" title="Direct link to Enterprise Configuration Structure">​</a></h3>
131
128
  <p>The enterprise configuration file supports multiple authorization service types. Here is the complete structure for the file-based RBAC system:</p>
132
129
  <div class="language-yaml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-yaml codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token key atrule">authorization_service</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">type</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;default_rbac&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">role_to_scope_definitions_path</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;path/to/role-to-scope-definitions.yaml&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">user_to_role_assignments_path</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;path/to/user-to-role-assignments.yaml&quot;</span><br></span></code></pre></div></div>
133
- <p>The paths you specify are relative to the container&#x27;s working directory. When you mount your <code>configs</code> directory to <code>/app/configs</code>, you should use paths like <code>configs/auth/role-to-scope-definitions.yaml</code>.</p>
134
130
  <h2 class="anchor anchorWithStickyNavbar_LWe7" id="advanced-configuration-options">Advanced Configuration Options<a href="#advanced-configuration-options" class="hash-link" aria-label="Direct link to Advanced Configuration Options" title="Direct link to Advanced Configuration Options">​</a></h2>
135
131
  <p>After you have a basic RBAC configuration working, you might want to explore advanced options that provide additional flexibility and integration capabilities.</p>
136
132
  <h3 class="anchor anchorWithStickyNavbar_LWe7" id="production-ready-role-configuration">Production-Ready Role Configuration<a href="#production-ready-role-configuration" class="hash-link" aria-label="Direct link to Production-Ready Role Configuration" title="Direct link to Production-Ready Role Configuration">​</a></h3>
@@ -142,11 +138,11 @@
142
138
  <h3 class="anchor anchorWithStickyNavbar_LWe7" id="integrating-with-microsoft-graph">Integrating with Microsoft Graph<a href="#integrating-with-microsoft-graph" class="hash-link" aria-label="Direct link to Integrating with Microsoft Graph" title="Direct link to Integrating with Microsoft Graph">​</a></h3>
143
139
  <p>For enterprise environments that use Microsoft Entra ID (formerly Azure AD) for user management, you can integrate Agent Mesh Enterprise with Microsoft Graph. This integration allows you to manage user role assignments through Microsoft Graph instead of maintaining a separate YAML file.</p>
144
140
  <p>To configure Microsoft Graph integration, modify your <code>enterprise_config.yaml</code>:</p>
145
- <div class="language-yaml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-yaml codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token comment" style="color:rgb(98, 114, 164)"># enterprise_config.yaml</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">authorization_service</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">type</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;default_rbac&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">role_to_scope_definitions_path</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;configs/auth/role-to-scope-definitions.yaml&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">user_to_role_provider</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;ms_graph&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">ms_graph_config</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">ms_graph_tenant_id</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> $</span><span class="token punctuation" style="color:rgb(248, 248, 242)">{</span><span class="token plain">MS_GRAPH_TENANT_ID</span><span class="token punctuation" style="color:rgb(248, 248, 242)">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">ms_graph_client_id</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> $</span><span class="token punctuation" style="color:rgb(248, 248, 242)">{</span><span class="token plain">MS_GRAPH_CLIENT_ID</span><span class="token punctuation" style="color:rgb(248, 248, 242)">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">ms_graph_client_secret</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> $</span><span class="token punctuation" style="color:rgb(248, 248, 242)">{</span><span class="token plain">MS_GRAPH_CLIENT_SECRET</span><span class="token punctuation" style="color:rgb(248, 248, 242)">}</span><br></span></code></pre></div></div>
141
+ <div class="language-yaml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-yaml codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token comment" style="color:rgb(98, 114, 164)"># enterprise_config.yaml</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token key atrule">authorization_service</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">type</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;default_rbac&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">role_to_scope_definitions_path</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;config/auth/role-to-scope-definitions.yaml&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">user_to_role_provider</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> </span><span class="token string" style="color:rgb(255, 121, 198)">&quot;ms_graph&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">ms_graph_config</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">ms_graph_tenant_id</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> $</span><span class="token punctuation" style="color:rgb(248, 248, 242)">{</span><span class="token plain">MS_GRAPH_TENANT_ID</span><span class="token punctuation" style="color:rgb(248, 248, 242)">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">ms_graph_client_id</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> $</span><span class="token punctuation" style="color:rgb(248, 248, 242)">{</span><span class="token plain">MS_GRAPH_CLIENT_ID</span><span class="token punctuation" style="color:rgb(248, 248, 242)">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> </span><span class="token key atrule">ms_graph_client_secret</span><span class="token punctuation" style="color:rgb(248, 248, 242)">:</span><span class="token plain"> $</span><span class="token punctuation" style="color:rgb(248, 248, 242)">{</span><span class="token plain">MS_GRAPH_CLIENT_SECRET</span><span class="token punctuation" style="color:rgb(248, 248, 242)">}</span><br></span></code></pre></div></div>
146
142
  <p>This configuration tells Agent Mesh Enterprise to retrieve user role assignments from Microsoft Graph instead of reading them from a YAML file. The <code>${...}</code> syntax indicates that these values come from environment variables, which keeps sensitive credentials out of your configuration files.</p>
147
143
  <p>When you use Microsoft Graph integration, you still define roles in the <code>role-to-scope-definitions.yaml</code> file, but you manage user-to-role assignments through Microsoft Graph groups or attributes.</p>
148
144
  <p>Run the Docker container with the Microsoft Graph credentials:</p>
149
- <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">docker run -d \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> --name sam-enterprise \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -p 8000:8000 \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -p 5002:5002 \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -v &quot;$(pwd)/config:/app/configs&quot; \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e MS_GRAPH_TENANT_ID=your-tenant-id \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e MS_GRAPH_CLIENT_ID=your-client-id \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e MS_GRAPH_CLIENT_SECRET=your-client-secret \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e NAMESPACE=enterprise_prod \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e WEBUI_GATEWAY_ID=enterprise_gateway \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> solace-agent-mesh-enterprise:&lt;tag&gt;</span><br></span></code></pre></div></div>
145
+ <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">docker run -d \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> --name sam-enterprise \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -p 8000:8001 \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -v &quot;$(pwd):/app&quot; \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e MS_GRAPH_TENANT_ID=your-tenant-id \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e MS_GRAPH_CLIENT_ID=your-client-id \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e MS_GRAPH_CLIENT_SECRET=your-client-secret \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e NAMESPACE=enterprise_prod \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> -e WEBUI_GATEWAY_ID=enterprise_gateway \</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"> solace-agent-mesh-enterprise:&lt;tag&gt;</span><br></span></code></pre></div></div>
150
146
  <p>The Microsoft Graph integration requires that you configure an application registration in Microsoft Entra ID with appropriate permissions to read user and group information. The tenant ID identifies your Microsoft Entra ID tenant, the client ID identifies your application registration, and the client secret authenticates your application.</p>
151
147
  <h2 class="anchor anchorWithStickyNavbar_LWe7" id="best-practices">Best Practices<a href="#best-practices" class="hash-link" aria-label="Direct link to Best Practices" title="Direct link to Best Practices">​</a></h2>
152
148
  <p>Following best practices helps you create a secure, maintainable RBAC configuration that scales with your organization&#x27;s needs.</p>
@@ -178,18 +174,17 @@
178
174
  <p>To resolve this issue, first verify that the user identity matches exactly what appears in your <code>user-to-role-assignments.yaml</code> file. Agent Mesh Enterprise performs case-sensitive matching, so <code>user@example.com</code> and <code>User@example.com</code> are different identities.</p>
179
175
  <p>Next, check that the role assigned to the user has the necessary scopes. Review the <code>role-to-scope-definitions.yaml</code> file and verify that the role includes scopes for the features the user is trying to access.</p>
180
176
  <p>Ensure that your configuration files are correctly mounted in the Docker container. You can verify the mount by running:</p>
181
- <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">docker exec -it sam-enterprise ls -la /app/configs/auth</span><br></span></code></pre></div></div>
177
+ <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">docker exec -it sam-enterprise ls -la /app/config/auth</span><br></span></code></pre></div></div>
182
178
  <p>This command lists the files in the mounted directory. You should see your <code>role-to-scope-definitions.yaml</code> and <code>user-to-role-assignments.yaml</code> files.</p>
183
179
  <p>Check the container logs for authorization service errors:</p>
184
180
  <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">docker logs sam-enterprise</span><br></span></code></pre></div></div>
185
181
  <p>Look for messages with the <code>[ConfigurableRbacAuthSvc]</code> prefix. These messages indicate whether Agent Mesh Enterprise successfully loaded your configuration files and how it resolved roles and scopes. You should see messages like:</p>
186
- <div class="language-text codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">INFO:solace_ai_connector:[ConfigurableRbacAuthSvc] Successfully loaded role-to-scope definitions from: /app/configs/auth/role-to-scope-definitions.yaml</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">DEBUG:solace_ai_connector:[ConfigurableRbacAuthSvc] Role &#x27;enterprise_admin&#x27; loaded with 1 direct scopes, 1 resolved scopes.</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">DEBUG:solace_ai_connector:[ConfigurableRbacAuthSvc] Role &#x27;data_analyst&#x27; loaded with 4 direct scopes, 4 resolved scopes.</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">DEBUG:solace_ai_connector:[ConfigurableRbacAuthSvc] Role &#x27;standard_user&#x27; loaded with 1 direct scopes, 1 resolved scopes.</span><br></span></code></pre></div></div>
182
+ <div class="language-text codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">INFO:solace_ai_connector:[ConfigurableRbacAuthSvc] Successfully loaded role-to-scope definitions from: /app/config/auth/role-to-scope-definitions.yaml</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">DEBUG:solace_ai_connector:[ConfigurableRbacAuthSvc] Role &#x27;enterprise_admin&#x27; loaded with 1 direct scopes, 1 resolved scopes.</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">DEBUG:solace_ai_connector:[ConfigurableRbacAuthSvc] Role &#x27;data_analyst&#x27; loaded with 4 direct scopes, 4 resolved scopes.</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">DEBUG:solace_ai_connector:[ConfigurableRbacAuthSvc] Role &#x27;standard_user&#x27; loaded with 1 direct scopes, 1 resolved scopes.</span><br></span></code></pre></div></div>
187
183
  <h3 class="anchor anchorWithStickyNavbar_LWe7" id="configuration-files-not-found">Configuration Files Not Found<a href="#configuration-files-not-found" class="hash-link" aria-label="Direct link to Configuration Files Not Found" title="Direct link to Configuration Files Not Found">​</a></h3>
188
184
  <p>If you see error messages about missing configuration files or the system uses default authorization behavior, the container cannot find your configuration files.</p>
189
- <p>Verify that the file paths in your <code>enterprise_config.yaml</code> are correct. The paths should be relative to the container&#x27;s working directory, typically <code>/app</code>. If you mounted your configs directory to <code>/app/configs</code>, your paths should start with <code>configs/</code>.</p>
190
- <p>Check that the volume mount in your Docker run command is correct. The mount should map your host directory to <code>/app/configs</code> in the container. Verify that you are using the correct path on your host system.</p>
185
+ <p>Check that the volume mount in your Docker run command is correct. The mount should map your host directory to <code>/app</code> in the container. Verify that you are using the correct path on your host system.</p>
191
186
  <p>Ensure that file permissions allow the container user to read the files. On Linux systems, you might need to adjust file permissions:</p>
192
- <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">chmod 644 sam-enterprise/configs/auth/*.yaml</span><br></span></code></pre></div></div>
187
+ <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">chmod 644 sam-enterprise/config/auth/*.yaml</span><br></span></code></pre></div></div>
193
188
  <p>Check for typos in file names or paths. The file names are case-sensitive, and even small typos prevent Agent Mesh Enterprise from finding your configuration files.</p>
194
189
  <h3 class="anchor anchorWithStickyNavbar_LWe7" id="microsoft-graph-integration-not-working">Microsoft Graph Integration Not Working<a href="#microsoft-graph-integration-not-working" class="hash-link" aria-label="Direct link to Microsoft Graph Integration Not Working" title="Direct link to Microsoft Graph Integration Not Working">​</a></h3>
195
190
  <p>If users cannot authenticate when you use Microsoft Graph integration, or you see error messages related to Microsoft Graph in the logs, several issues might be causing the problem.</p>
@@ -208,7 +203,7 @@
208
203
  <p>Look for log messages with the <code>[EnterpriseConfigResolverImpl]</code> or <code>[ConfigurableRbacAuthSvc]</code> prefixes. These messages show how Agent Mesh Enterprise loaded and processed your configuration.</p>
209
204
  <p>Temporarily assign the user to an administrator role to verify whether the issue is permission-related. If the user can access features when assigned to an admin role, the problem is with the scopes assigned to their original role.</p>
210
205
  <p>Inspect the mounted configuration files inside the container to verify that they contain the expected content:</p>
211
- <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">docker exec -it sam-enterprise cat /app/configs/auth/role-to-scope-definitions.yaml</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">docker exec -it sam-enterprise cat /app/configs/auth/user-to-role-assignments.yaml</span><br></span></code></pre></div></div>
206
+ <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_QJqH"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">docker exec -it sam-enterprise cat /app/config/auth/role-to-scope-definitions.yaml</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">docker exec -it sam-enterprise cat /app/config/auth/user-to-role-assignments.yaml</span><br></span></code></pre></div></div>
212
207
  <p>This verification ensures that the files inside the container match your host files and that the volume mount is working correctly.</p>
213
208
  <h3 class="anchor anchorWithStickyNavbar_LWe7" id="getting-help">Getting Help<a href="#getting-help" class="hash-link" aria-label="Direct link to Getting Help" title="Direct link to Getting Help">​</a></h3>
214
209
  <p>If you continue to experience issues after following these troubleshooting steps, you can get additional help:</p>
@@ -217,6 +212,6 @@
217
212
  <p>Contact Solace support with details of your configuration and the issues you are experiencing. Include relevant log excerpts and describe the steps you have already taken to troubleshoot the problem.</p>
218
213
  <h2 class="anchor anchorWithStickyNavbar_LWe7" id="conclusion">Conclusion<a href="#conclusion" class="hash-link" aria-label="Direct link to Conclusion" title="Direct link to Conclusion">​</a></h2>
219
214
  <p>Setting up Role-Based Access Control in your Agent Mesh Enterprise Docker installation provides enhanced security and granular access control. This guide has walked you through understanding RBAC concepts, planning your configuration, creating configuration files, and troubleshooting common issues.</p>
220
- <p>You now have the knowledge to configure RBAC to meet your organization&#x27;s specific requirements while maintaining a secure and manageable environment. Remember to regularly review and update your RBAC configuration as your organization&#x27;s needs evolve, and always follow security best practices when managing access control.</p></div><footer class="theme-doc-footer docusaurus-mt-lg"><div class="row margin-top--sm theme-doc-footer-edit-meta-row"><div class="col"><a href="https://github.com/SolaceLabs/solace-agent-mesh/edit/main/docs/docs/documentation/enterprise/rbac-setup-guide.md" target="_blank" rel="noopener noreferrer" class="theme-edit-this-page"><svg fill="currentColor" height="20" width="20" viewBox="0 0 40 40" class="iconEdit_Z9Sw" aria-hidden="true"><g><path d="m34.5 11.7l-3 3.1-6.3-6.3 3.1-3q0.5-0.5 1.2-0.5t1.1 0.5l3.9 3.9q0.5 0.4 0.5 1.1t-0.5 1.2z m-29.5 17.1l18.4-18.5 6.3 6.3-18.4 18.4h-6.3v-6.2z"></path></g></svg>Edit this page</a></div><div class="col lastUpdated_JAkA"></div></div></footer></article><nav class="docusaurus-mt-lg pagination-nav" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/solace-agent-mesh/docs/documentation/enterprise/installation"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Installing Agent Mesh Enterprise</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/solace-agent-mesh/docs/documentation/enterprise/single-sign-on"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Enabling SSO</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#table-of-contents" class="table-of-contents__link toc-highlight">Table of Contents</a></li><li><a href="#understanding-rbac-in-agent-mesh-enterprise" class="table-of-contents__link toc-highlight">Understanding RBAC in Agent Mesh Enterprise</a><ul><li><a href="#the-three-components" class="table-of-contents__link toc-highlight">The Three Components</a></li><li><a href="#how-authorization-works" class="table-of-contents__link toc-highlight">How Authorization Works</a></li></ul></li><li><a href="#planning-your-rbac-configuration" class="table-of-contents__link toc-highlight">Planning Your RBAC Configuration</a><ul><li><a href="#identifying-user-types" class="table-of-contents__link toc-highlight">Identifying User Types</a></li><li><a href="#designing-roles" class="table-of-contents__link toc-highlight">Designing Roles</a></li><li><a href="#mapping-scopes-to-features" class="table-of-contents__link toc-highlight">Mapping Scopes to Features</a></li></ul></li><li><a href="#setting-up-rbac-in-docker" class="table-of-contents__link toc-highlight">Setting Up RBAC in Docker</a><ul><li><a href="#prerequisites" class="table-of-contents__link toc-highlight">Prerequisites</a></li><li><a href="#creating-the-configuration-directory-structure" class="table-of-contents__link toc-highlight">Creating the Configuration Directory Structure</a></li><li><a href="#defining-roles-and-permissions" class="table-of-contents__link toc-highlight">Defining Roles and Permissions</a></li><li><a href="#assigning-users-to-roles" class="table-of-contents__link toc-highlight">Assigning Users to Roles</a></li><li><a href="#creating-the-enterprise-configuration" class="table-of-contents__link toc-highlight">Creating the Enterprise Configuration</a></li><li><a href="#running-the-docker-container" class="table-of-contents__link toc-highlight">Running the Docker Container</a></li><li><a href="#verifying-your-configuration" class="table-of-contents__link toc-highlight">Verifying Your Configuration</a></li></ul></li><li><a href="#understanding-configuration-files" class="table-of-contents__link toc-highlight">Understanding Configuration Files</a><ul><li><a href="#role-to-scope-definitions-structure" class="table-of-contents__link toc-highlight">Role-to-Scope Definitions Structure</a></li><li><a href="#user-to-role-assignments-structure" class="table-of-contents__link toc-highlight">User-to-Role Assignments Structure</a></li><li><a href="#enterprise-configuration-structure" class="table-of-contents__link toc-highlight">Enterprise Configuration Structure</a></li></ul></li><li><a href="#advanced-configuration-options" class="table-of-contents__link toc-highlight">Advanced Configuration Options</a><ul><li><a href="#production-ready-role-configuration" class="table-of-contents__link toc-highlight">Production-Ready Role Configuration</a></li><li><a href="#integrating-with-microsoft-graph" class="table-of-contents__link toc-highlight">Integrating with Microsoft Graph</a></li></ul></li><li><a href="#best-practices" class="table-of-contents__link toc-highlight">Best Practices</a><ul><li><a href="#security-recommendations" class="table-of-contents__link toc-highlight">Security Recommendations</a></li><li><a href="#role-design-principles" class="table-of-contents__link toc-highlight">Role Design Principles</a></li><li><a href="#docker-specific-recommendations" class="table-of-contents__link toc-highlight">Docker-Specific Recommendations</a></li></ul></li><li><a href="#troubleshooting" class="table-of-contents__link toc-highlight">Troubleshooting</a><ul><li><a href="#authorization-denied-for-valid-user" class="table-of-contents__link toc-highlight">Authorization Denied for Valid User</a></li><li><a href="#configuration-files-not-found" class="table-of-contents__link toc-highlight">Configuration Files Not Found</a></li><li><a href="#microsoft-graph-integration-not-working" class="table-of-contents__link toc-highlight">Microsoft Graph Integration Not Working</a></li><li><a href="#debugging-authorization-issues" class="table-of-contents__link toc-highlight">Debugging Authorization Issues</a></li><li><a href="#getting-help" class="table-of-contents__link toc-highlight">Getting Help</a></li></ul></li><li><a href="#conclusion" class="table-of-contents__link toc-highlight">Conclusion</a></li></ul></div></div></div></div></main></div></div></div><footer class="theme-layout-footer footer footer--dark"><div class="container container-fluid"><div class="row footer__links"><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Solace Agent Mesh</div><ul class="footer__items clean-list"><li class="footer__item"><a class="footer__link-item" href="/solace-agent-mesh/docs/documentation/getting-started">Documentation</a></li><li class="footer__item"><a href="https://github.com/SolaceLabs/solace-agent-mesh/" target="_blank" rel="noopener noreferrer" class="footer__link-item">GitHub<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://github.com/SolaceLabs/solace-agent-mesh-core-plugins/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Official Plugins<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Company</div><ul class="footer__items clean-list"><li class="footer__item"><a href="https://solace.com/products/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Products<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/contact/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Contact<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/support/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Support<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/legal/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Privacy and Legal<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Community</div><ul class="footer__items clean-list"><li class="footer__item"><a href="https://www.linkedin.com/company/solacedotcom/" target="_blank" rel="noopener noreferrer" class="footer__link-item">LinkedIn<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://github.com/SolaceLabs" target="_blank" rel="noopener noreferrer" class="footer__link-item">GitHub<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://www.youtube.com/SolaceSystems" target="_blank" rel="noopener noreferrer" class="footer__link-item">YouTube<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://twitter.com/solacedotcom" target="_blank" rel="noopener noreferrer" class="footer__link-item">X<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div></div><div class="footer__bottom text--center"><div class="margin-bottom--sm"><img src="/solace-agent-mesh/img/solace-logo.png" alt="Solace Logo" class="footer__logo themedComponent_mlkZ themedComponent--light_NVdE" width="10%" height="10%"><img src="/solace-agent-mesh/img/solace-logo.png" alt="Solace Logo" class="footer__logo themedComponent_mlkZ themedComponent--dark_xIcU" width="10%" height="10%"></div><div class="footer__copyright">Solace Agent Mesh. Copyright © 2025 Solace. Version: 1.6.2</div></div></div></footer></div>
215
+ <p>You now have the knowledge to configure RBAC to meet your organization&#x27;s specific requirements while maintaining a secure and manageable environment. Remember to regularly review and update your RBAC configuration as your organization&#x27;s needs evolve, and always follow security best practices when managing access control.</p></div><footer class="theme-doc-footer docusaurus-mt-lg"><div class="row margin-top--sm theme-doc-footer-edit-meta-row"><div class="col"><a href="https://github.com/SolaceLabs/solace-agent-mesh/edit/main/docs/docs/documentation/enterprise/rbac-setup-guide.md" target="_blank" rel="noopener noreferrer" class="theme-edit-this-page"><svg fill="currentColor" height="20" width="20" viewBox="0 0 40 40" class="iconEdit_Z9Sw" aria-hidden="true"><g><path d="m34.5 11.7l-3 3.1-6.3-6.3 3.1-3q0.5-0.5 1.2-0.5t1.1 0.5l3.9 3.9q0.5 0.4 0.5 1.1t-0.5 1.2z m-29.5 17.1l18.4-18.5 6.3 6.3-18.4 18.4h-6.3v-6.2z"></path></g></svg>Edit this page</a></div><div class="col lastUpdated_JAkA"></div></div></footer></article><nav class="docusaurus-mt-lg pagination-nav" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/solace-agent-mesh/docs/documentation/enterprise/installation"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Installing Agent Mesh Enterprise</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/solace-agent-mesh/docs/documentation/enterprise/single-sign-on"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Enabling SSO</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#table-of-contents" class="table-of-contents__link toc-highlight">Table of Contents</a></li><li><a href="#understanding-rbac-in-agent-mesh-enterprise" class="table-of-contents__link toc-highlight">Understanding RBAC in Agent Mesh Enterprise</a><ul><li><a href="#the-three-components" class="table-of-contents__link toc-highlight">The Three Components</a></li><li><a href="#how-authorization-works" class="table-of-contents__link toc-highlight">How Authorization Works</a></li></ul></li><li><a href="#planning-your-rbac-configuration" class="table-of-contents__link toc-highlight">Planning Your RBAC Configuration</a><ul><li><a href="#identifying-user-types" class="table-of-contents__link toc-highlight">Identifying User Types</a></li><li><a href="#designing-roles" class="table-of-contents__link toc-highlight">Designing Roles</a></li><li><a href="#mapping-scopes-to-features" class="table-of-contents__link toc-highlight">Mapping Scopes to Features</a></li></ul></li><li><a href="#setting-up-rbac-in-docker" class="table-of-contents__link toc-highlight">Setting Up RBAC in Docker</a><ul><li><a href="#prerequisites" class="table-of-contents__link toc-highlight">Prerequisites</a></li><li><a href="#creating-the-configuration-directory-structure" class="table-of-contents__link toc-highlight">Creating the Configuration Directory Structure</a></li><li><a href="#defining-roles-and-permissions" class="table-of-contents__link toc-highlight">Defining Roles and Permissions</a></li><li><a href="#assigning-users-to-roles" class="table-of-contents__link toc-highlight">Assigning Users to Roles</a></li><li><a href="#creating-the-enterprise-configuration" class="table-of-contents__link toc-highlight">Creating the Enterprise Configuration</a></li><li><a href="#running-the-docker-container" class="table-of-contents__link toc-highlight">Running the Docker Container</a></li><li><a href="#verifying-your-configuration" class="table-of-contents__link toc-highlight">Verifying Your Configuration</a></li></ul></li><li><a href="#understanding-configuration-files" class="table-of-contents__link toc-highlight">Understanding Configuration Files</a><ul><li><a href="#role-to-scope-definitions-structure" class="table-of-contents__link toc-highlight">Role-to-Scope Definitions Structure</a></li><li><a href="#user-to-role-assignments-structure" class="table-of-contents__link toc-highlight">User-to-Role Assignments Structure</a></li><li><a href="#enterprise-configuration-structure" class="table-of-contents__link toc-highlight">Enterprise Configuration Structure</a></li></ul></li><li><a href="#advanced-configuration-options" class="table-of-contents__link toc-highlight">Advanced Configuration Options</a><ul><li><a href="#production-ready-role-configuration" class="table-of-contents__link toc-highlight">Production-Ready Role Configuration</a></li><li><a href="#integrating-with-microsoft-graph" class="table-of-contents__link toc-highlight">Integrating with Microsoft Graph</a></li></ul></li><li><a href="#best-practices" class="table-of-contents__link toc-highlight">Best Practices</a><ul><li><a href="#security-recommendations" class="table-of-contents__link toc-highlight">Security Recommendations</a></li><li><a href="#role-design-principles" class="table-of-contents__link toc-highlight">Role Design Principles</a></li><li><a href="#docker-specific-recommendations" class="table-of-contents__link toc-highlight">Docker-Specific Recommendations</a></li></ul></li><li><a href="#troubleshooting" class="table-of-contents__link toc-highlight">Troubleshooting</a><ul><li><a href="#authorization-denied-for-valid-user" class="table-of-contents__link toc-highlight">Authorization Denied for Valid User</a></li><li><a href="#configuration-files-not-found" class="table-of-contents__link toc-highlight">Configuration Files Not Found</a></li><li><a href="#microsoft-graph-integration-not-working" class="table-of-contents__link toc-highlight">Microsoft Graph Integration Not Working</a></li><li><a href="#debugging-authorization-issues" class="table-of-contents__link toc-highlight">Debugging Authorization Issues</a></li><li><a href="#getting-help" class="table-of-contents__link toc-highlight">Getting Help</a></li></ul></li><li><a href="#conclusion" class="table-of-contents__link toc-highlight">Conclusion</a></li></ul></div></div></div></div></main></div></div></div><footer class="theme-layout-footer footer footer--dark"><div class="container container-fluid"><div class="row footer__links"><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Solace Agent Mesh</div><ul class="footer__items clean-list"><li class="footer__item"><a class="footer__link-item" href="/solace-agent-mesh/docs/documentation/getting-started">Documentation</a></li><li class="footer__item"><a href="https://github.com/SolaceLabs/solace-agent-mesh/" target="_blank" rel="noopener noreferrer" class="footer__link-item">GitHub<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://github.com/SolaceLabs/solace-agent-mesh-core-plugins/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Official Plugins<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Company</div><ul class="footer__items clean-list"><li class="footer__item"><a href="https://solace.com/products/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Products<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/contact/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Contact<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/support/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Support<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/legal/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Privacy and Legal<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Community</div><ul class="footer__items clean-list"><li class="footer__item"><a href="https://www.linkedin.com/company/solacedotcom/" target="_blank" rel="noopener noreferrer" class="footer__link-item">LinkedIn<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://github.com/SolaceLabs" target="_blank" rel="noopener noreferrer" class="footer__link-item">GitHub<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://www.youtube.com/SolaceSystems" target="_blank" rel="noopener noreferrer" class="footer__link-item">YouTube<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://twitter.com/solacedotcom" target="_blank" rel="noopener noreferrer" class="footer__link-item">X<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div></div><div class="footer__bottom text--center"><div class="margin-bottom--sm"><img src="/solace-agent-mesh/img/solace-logo.png" alt="Solace Logo" class="footer__logo themedComponent_mlkZ themedComponent--light_NVdE" width="10%" height="10%"><img src="/solace-agent-mesh/img/solace-logo.png" alt="Solace Logo" class="footer__logo themedComponent_mlkZ themedComponent--dark_xIcU" width="10%" height="10%"></div><div class="footer__copyright">Solace Agent Mesh. Copyright © 2025 Solace. Version: 1.6.3</div></div></div></footer></div>
221
216
  </body>
222
217
  </html>
solace_agent_mesh/assets/docs/docs/documentation/enterprise/single-sign-on/index.html CHANGED
@@ -4,8 +4,8 @@
4
4
  <meta charset="UTF-8">
5
5
  <meta name="generator" content="Docusaurus v3.8.1">
6
6
  <title data-rh="true">Enabling SSO | Solace Agent Mesh</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:image" content="https://solacelabs.github.io/solace-agent-mesh/img/logo.png"><meta data-rh="true" name="twitter:image" content="https://solacelabs.github.io/solace-agent-mesh/img/logo.png"><meta data-rh="true" property="og:url" content="https://solacelabs.github.io/solace-agent-mesh/docs/documentation/enterprise/single-sign-on"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><meta data-rh="true" property="og:title" content="Enabling SSO | Solace Agent Mesh"><meta data-rh="true" name="description" content="Overview"><meta data-rh="true" property="og:description" content="Overview"><link data-rh="true" rel="icon" href="/solace-agent-mesh/img/logo.png"><link data-rh="true" rel="canonical" href="https://solacelabs.github.io/solace-agent-mesh/docs/documentation/enterprise/single-sign-on"><link data-rh="true" rel="alternate" href="https://solacelabs.github.io/solace-agent-mesh/docs/documentation/enterprise/single-sign-on" hreflang="en"><link data-rh="true" rel="alternate" href="https://solacelabs.github.io/solace-agent-mesh/docs/documentation/enterprise/single-sign-on" hreflang="x-default"><script data-rh="true" type="application/ld+json">{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Agent Mesh Enterprise","item":"https://solacelabs.github.io/solace-agent-mesh/docs/documentation/enterprise/"},{"@type":"ListItem","position":2,"name":"Enabling SSO","item":"https://solacelabs.github.io/solace-agent-mesh/docs/documentation/enterprise/single-sign-on"}]}</script><link rel="stylesheet" href="/solace-agent-mesh/assets/css/styles.906a1503.css">
7
- <script src="/solace-agent-mesh/assets/js/runtime~main.97f920d4.js" defer="defer"></script>
8
- <script src="/solace-agent-mesh/assets/js/main.d1643f0b.js" defer="defer"></script>
7
+ <script src="/solace-agent-mesh/assets/js/runtime~main.a8a75e0b.js" defer="defer"></script>
8
+ <script src="/solace-agent-mesh/assets/js/main.ed05b14d.js" defer="defer"></script>
9
9
  </head>
10
10
  <body class="navigation-with-keyboard">
11
11
  <svg xmlns="http://www.w3.org/2000/svg" style="display: none;"><defs>
@@ -156,6 +156,6 @@
156
156
  <p>Restrict CORS origins by setting OAUTH2_CORS_ORIGINS to your specific domain instead of using the wildcard &quot;*&quot;. This prevents unauthorized websites from making requests to your authentication service.</p>
157
157
  <p>Regularly rotate your OAuth2 client secrets and update the corresponding environment variables. Store sensitive credentials securely using Docker secrets or a secrets management service rather than passing them directly in the command line.</p>
158
158
  <p>Configure appropriate session timeouts based on your security requirements. Shorter timeouts increase security but may inconvenience users who need to reauthenticate more frequently.</p>
159
- <p>Monitor authentication logs for suspicious activity and failed login attempts. The OAuth2 service logs all authentication events, which you can review for security auditing.</p></div><footer class="theme-doc-footer docusaurus-mt-lg"><div class="row margin-top--sm theme-doc-footer-edit-meta-row"><div class="col"><a href="https://github.com/SolaceLabs/solace-agent-mesh/edit/main/docs/docs/documentation/enterprise/single-sign-on.md" target="_blank" rel="noopener noreferrer" class="theme-edit-this-page"><svg fill="currentColor" height="20" width="20" viewBox="0 0 40 40" class="iconEdit_Z9Sw" aria-hidden="true"><g><path d="m34.5 11.7l-3 3.1-6.3-6.3 3.1-3q0.5-0.5 1.2-0.5t1.1 0.5l3.9 3.9q0.5 0.4 0.5 1.1t-0.5 1.2z m-29.5 17.1l18.4-18.5 6.3 6.3-18.4 18.4h-6.3v-6.2z"></path></g></svg>Edit this page</a></div><div class="col lastUpdated_JAkA"></div></div></footer></article><nav class="docusaurus-mt-lg pagination-nav" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/solace-agent-mesh/docs/documentation/enterprise/rbac-setup-guide"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Setting Up RBAC</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#overview" class="table-of-contents__link toc-highlight">Overview</a></li><li><a href="#prerequisites" class="table-of-contents__link toc-highlight">Prerequisites</a></li><li><a href="#understanding-the-sso-architecture" class="table-of-contents__link toc-highlight">Understanding the SSO Architecture</a></li><li><a href="#step-1-create-configuration-files" class="table-of-contents__link toc-highlight">Step 1: Create Configuration Files</a><ul><li><a href="#create-oauth2_serveryaml" class="table-of-contents__link toc-highlight">Create oauth2_server.yaml</a></li><li><a href="#create-oauth2_configyaml" class="table-of-contents__link toc-highlight">Create oauth2_config.yaml</a></li><li><a href="#update-your-webui-gateway" class="table-of-contents__link toc-highlight">Update Your WebUI Gateway</a></li></ul></li><li><a href="#step-2-configure-your-oauth2-provider" class="table-of-contents__link toc-highlight">Step 2: Configure Your OAuth2 Provider</a><ul><li><a href="#for-azure-microsoft-entra-id" class="table-of-contents__link toc-highlight">For Azure (Microsoft Entra ID)</a></li><li><a href="#for-google" class="table-of-contents__link toc-highlight">For Google</a></li><li><a href="#for-other-providers" class="table-of-contents__link toc-highlight">For Other Providers</a></li></ul></li><li><a href="#step-3-launch-the-docker-container" class="table-of-contents__link toc-highlight">Step 3: Launch the Docker Container</a></li><li><a href="#understanding-the-environment-variables" class="table-of-contents__link toc-highlight">Understanding the Environment Variables</a><ul><li><a href="#core-application-settings" class="table-of-contents__link toc-highlight">Core Application Settings</a></li><li><a href="#frontend-authentication-settings" class="table-of-contents__link toc-highlight">Frontend Authentication Settings</a></li><li><a href="#oauth2-service-settings" class="table-of-contents__link toc-highlight">OAuth2 Service Settings</a></li><li><a href="#provider-specific-credentials" class="table-of-contents__link toc-highlight">Provider-Specific Credentials</a></li><li><a href="#external-authentication-configuration" class="table-of-contents__link toc-highlight">External Authentication Configuration</a></li><li><a href="#port-mapping-and-volume-mount" class="table-of-contents__link toc-highlight">Port Mapping and Volume Mount</a></li></ul></li><li><a href="#verifying-your-sso-configuration" class="table-of-contents__link toc-highlight">Verifying Your SSO Configuration</a></li><li><a href="#security-considerations-for-production" class="table-of-contents__link toc-highlight">Security Considerations for Production</a></li></ul></div></div></div></div></main></div></div></div><footer class="theme-layout-footer footer footer--dark"><div class="container container-fluid"><div class="row footer__links"><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Solace Agent Mesh</div><ul class="footer__items clean-list"><li class="footer__item"><a class="footer__link-item" href="/solace-agent-mesh/docs/documentation/getting-started">Documentation</a></li><li class="footer__item"><a href="https://github.com/SolaceLabs/solace-agent-mesh/" target="_blank" rel="noopener noreferrer" class="footer__link-item">GitHub<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://github.com/SolaceLabs/solace-agent-mesh-core-plugins/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Official Plugins<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Company</div><ul class="footer__items clean-list"><li class="footer__item"><a href="https://solace.com/products/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Products<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/contact/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Contact<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/support/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Support<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/legal/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Privacy and Legal<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Community</div><ul class="footer__items clean-list"><li class="footer__item"><a href="https://www.linkedin.com/company/solacedotcom/" target="_blank" rel="noopener noreferrer" class="footer__link-item">LinkedIn<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://github.com/SolaceLabs" target="_blank" rel="noopener noreferrer" class="footer__link-item">GitHub<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://www.youtube.com/SolaceSystems" target="_blank" rel="noopener noreferrer" class="footer__link-item">YouTube<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://twitter.com/solacedotcom" target="_blank" rel="noopener noreferrer" class="footer__link-item">X<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div></div><div class="footer__bottom text--center"><div class="margin-bottom--sm"><img src="/solace-agent-mesh/img/solace-logo.png" alt="Solace Logo" class="footer__logo themedComponent_mlkZ themedComponent--light_NVdE" width="10%" height="10%"><img src="/solace-agent-mesh/img/solace-logo.png" alt="Solace Logo" class="footer__logo themedComponent_mlkZ themedComponent--dark_xIcU" width="10%" height="10%"></div><div class="footer__copyright">Solace Agent Mesh. Copyright © 2025 Solace. Version: 1.6.2</div></div></div></footer></div>
159
+ <p>Monitor authentication logs for suspicious activity and failed login attempts. The OAuth2 service logs all authentication events, which you can review for security auditing.</p></div><footer class="theme-doc-footer docusaurus-mt-lg"><div class="row margin-top--sm theme-doc-footer-edit-meta-row"><div class="col"><a href="https://github.com/SolaceLabs/solace-agent-mesh/edit/main/docs/docs/documentation/enterprise/single-sign-on.md" target="_blank" rel="noopener noreferrer" class="theme-edit-this-page"><svg fill="currentColor" height="20" width="20" viewBox="0 0 40 40" class="iconEdit_Z9Sw" aria-hidden="true"><g><path d="m34.5 11.7l-3 3.1-6.3-6.3 3.1-3q0.5-0.5 1.2-0.5t1.1 0.5l3.9 3.9q0.5 0.4 0.5 1.1t-0.5 1.2z m-29.5 17.1l18.4-18.5 6.3 6.3-18.4 18.4h-6.3v-6.2z"></path></g></svg>Edit this page</a></div><div class="col lastUpdated_JAkA"></div></div></footer></article><nav class="docusaurus-mt-lg pagination-nav" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/solace-agent-mesh/docs/documentation/enterprise/rbac-setup-guide"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Setting Up RBAC</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#overview" class="table-of-contents__link toc-highlight">Overview</a></li><li><a href="#prerequisites" class="table-of-contents__link toc-highlight">Prerequisites</a></li><li><a href="#understanding-the-sso-architecture" class="table-of-contents__link toc-highlight">Understanding the SSO Architecture</a></li><li><a href="#step-1-create-configuration-files" class="table-of-contents__link toc-highlight">Step 1: Create Configuration Files</a><ul><li><a href="#create-oauth2_serveryaml" class="table-of-contents__link toc-highlight">Create oauth2_server.yaml</a></li><li><a href="#create-oauth2_configyaml" class="table-of-contents__link toc-highlight">Create oauth2_config.yaml</a></li><li><a href="#update-your-webui-gateway" class="table-of-contents__link toc-highlight">Update Your WebUI Gateway</a></li></ul></li><li><a href="#step-2-configure-your-oauth2-provider" class="table-of-contents__link toc-highlight">Step 2: Configure Your OAuth2 Provider</a><ul><li><a href="#for-azure-microsoft-entra-id" class="table-of-contents__link toc-highlight">For Azure (Microsoft Entra ID)</a></li><li><a href="#for-google" class="table-of-contents__link toc-highlight">For Google</a></li><li><a href="#for-other-providers" class="table-of-contents__link toc-highlight">For Other Providers</a></li></ul></li><li><a href="#step-3-launch-the-docker-container" class="table-of-contents__link toc-highlight">Step 3: Launch the Docker Container</a></li><li><a href="#understanding-the-environment-variables" class="table-of-contents__link toc-highlight">Understanding the Environment Variables</a><ul><li><a href="#core-application-settings" class="table-of-contents__link toc-highlight">Core Application Settings</a></li><li><a href="#frontend-authentication-settings" class="table-of-contents__link toc-highlight">Frontend Authentication Settings</a></li><li><a href="#oauth2-service-settings" class="table-of-contents__link toc-highlight">OAuth2 Service Settings</a></li><li><a href="#provider-specific-credentials" class="table-of-contents__link toc-highlight">Provider-Specific Credentials</a></li><li><a href="#external-authentication-configuration" class="table-of-contents__link toc-highlight">External Authentication Configuration</a></li><li><a href="#port-mapping-and-volume-mount" class="table-of-contents__link toc-highlight">Port Mapping and Volume Mount</a></li></ul></li><li><a href="#verifying-your-sso-configuration" class="table-of-contents__link toc-highlight">Verifying Your SSO Configuration</a></li><li><a href="#security-considerations-for-production" class="table-of-contents__link toc-highlight">Security Considerations for Production</a></li></ul></div></div></div></div></main></div></div></div><footer class="theme-layout-footer footer footer--dark"><div class="container container-fluid"><div class="row footer__links"><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Solace Agent Mesh</div><ul class="footer__items clean-list"><li class="footer__item"><a class="footer__link-item" href="/solace-agent-mesh/docs/documentation/getting-started">Documentation</a></li><li class="footer__item"><a href="https://github.com/SolaceLabs/solace-agent-mesh/" target="_blank" rel="noopener noreferrer" class="footer__link-item">GitHub<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://github.com/SolaceLabs/solace-agent-mesh-core-plugins/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Official Plugins<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Company</div><ul class="footer__items clean-list"><li class="footer__item"><a href="https://solace.com/products/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Products<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/contact/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Contact<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/support/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Support<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/legal/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Privacy and Legal<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Community</div><ul class="footer__items clean-list"><li class="footer__item"><a href="https://www.linkedin.com/company/solacedotcom/" target="_blank" rel="noopener noreferrer" class="footer__link-item">LinkedIn<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://github.com/SolaceLabs" target="_blank" rel="noopener noreferrer" class="footer__link-item">GitHub<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://www.youtube.com/SolaceSystems" target="_blank" rel="noopener noreferrer" class="footer__link-item">YouTube<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://twitter.com/solacedotcom" target="_blank" rel="noopener noreferrer" class="footer__link-item">X<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div></div><div class="footer__bottom text--center"><div class="margin-bottom--sm"><img src="/solace-agent-mesh/img/solace-logo.png" alt="Solace Logo" class="footer__logo themedComponent_mlkZ themedComponent--light_NVdE" width="10%" height="10%"><img src="/solace-agent-mesh/img/solace-logo.png" alt="Solace Logo" class="footer__logo themedComponent_mlkZ themedComponent--dark_xIcU" width="10%" height="10%"></div><div class="footer__copyright">Solace Agent Mesh. Copyright © 2025 Solace. Version: 1.6.3</div></div></div></footer></div>
160
160
  </body>
161
161
  </html>
solace_agent_mesh/assets/docs/docs/documentation/getting-started/architecture/index.html CHANGED
@@ -4,8 +4,8 @@
4
4
  <meta charset="UTF-8">
5
5
  <meta name="generator" content="Docusaurus v3.8.1">
6
6
  <title data-rh="true">Architecture Overview | Solace Agent Mesh</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:image" content="https://solacelabs.github.io/solace-agent-mesh/img/logo.png"><meta data-rh="true" name="twitter:image" content="https://solacelabs.github.io/solace-agent-mesh/img/logo.png"><meta data-rh="true" property="og:url" content="https://solacelabs.github.io/solace-agent-mesh/docs/documentation/getting-started/architecture"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><meta data-rh="true" property="og:title" content="Architecture Overview | Solace Agent Mesh"><meta data-rh="true" name="description" content="Agent Mesh is an event-driven framework that creates a distributed ecosystem of collaborative AI agents. The architecture decouples agent logic from communication and orchestration, enabling you to build scalable, resilient, and modular AI systems."><meta data-rh="true" property="og:description" content="Agent Mesh is an event-driven framework that creates a distributed ecosystem of collaborative AI agents. The architecture decouples agent logic from communication and orchestration, enabling you to build scalable, resilient, and modular AI systems."><link data-rh="true" rel="icon" href="/solace-agent-mesh/img/logo.png"><link data-rh="true" rel="canonical" href="https://solacelabs.github.io/solace-agent-mesh/docs/documentation/getting-started/architecture"><link data-rh="true" rel="alternate" href="https://solacelabs.github.io/solace-agent-mesh/docs/documentation/getting-started/architecture" hreflang="en"><link data-rh="true" rel="alternate" href="https://solacelabs.github.io/solace-agent-mesh/docs/documentation/getting-started/architecture" hreflang="x-default"><script data-rh="true" type="application/ld+json">{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Getting Started","item":"https://solacelabs.github.io/solace-agent-mesh/docs/documentation/getting-started/"},{"@type":"ListItem","position":2,"name":"Architecture Overview","item":"https://solacelabs.github.io/solace-agent-mesh/docs/documentation/getting-started/architecture"}]}</script><link rel="stylesheet" href="/solace-agent-mesh/assets/css/styles.906a1503.css">
7
- <script src="/solace-agent-mesh/assets/js/runtime~main.97f920d4.js" defer="defer"></script>
8
- <script src="/solace-agent-mesh/assets/js/main.d1643f0b.js" defer="defer"></script>
7
+ <script src="/solace-agent-mesh/assets/js/runtime~main.a8a75e0b.js" defer="defer"></script>
8
+ <script src="/solace-agent-mesh/assets/js/main.ed05b14d.js" defer="defer"></script>
9
9
  </head>
10
10
  <body class="navigation-with-keyboard">
11
11
  <svg xmlns="http://www.w3.org/2000/svg" style="display: none;"><defs>
@@ -70,6 +70,6 @@
70
70
  <h2 class="anchor anchorWithStickyNavbar_LWe7" id="a2a-protocol-and-topic-structure">A2A Protocol and Topic Structure<a href="#a2a-protocol-and-topic-structure" class="hash-link" aria-label="Direct link to A2A Protocol and Topic Structure" title="Direct link to A2A Protocol and Topic Structure">​</a></h2>
71
71
  <p>The A2A protocol is based on JSON-RPC 2.0 and defines the message formats for all interactions between components. Communication is routed via a hierarchical topic structure on the Solace event broker, which allows for precise, point-to-point routing in a decoupled, asynchronous environment.</p>
72
72
  <table><thead><tr><th>Purpose</th><th>Topic Pattern</th></tr></thead><tbody><tr><td><strong>Agent Discovery</strong></td><td><code>{namespace}/a2a/v1/discovery/agentcards</code></td></tr><tr><td><strong>Task Requests</strong></td><td><code>{namespace}/a2a/v1/agent/request/{target_agent_name}</code></td></tr><tr><td><strong>Status Updates</strong></td><td><code>{namespace}/a2a/v1/gateway/status/{gateway_id}/{task_id}</code></td></tr><tr><td><strong>Final Responses</strong></td><td><code>{namespace}/a2a/v1/gateway/response/{gateway_id}/{task_id}</code></td></tr><tr><td><strong>Peer Delegation Status</strong></td><td><code>{namespace}/a2a/v1/agent/status/{delegating_agent_name}/{sub_task_id}</code></td></tr><tr><td><strong>Peer Delegation Response</strong></td><td><code>{namespace}/a2a/v1/agent/response/{delegating_agent_name}/{sub_task_id}</code></td></tr></tbody></table>
73
- <p>For more information about the CLI tools that help you work with these components, see <a href="/solace-agent-mesh/docs/documentation/components/cli">CLI</a>. To learn about extending the system with custom functionality, see <a href="/solace-agent-mesh/docs/documentation/components/plugins">Plugins</a>.</p></div><footer class="theme-doc-footer docusaurus-mt-lg"><div class="row margin-top--sm theme-doc-footer-edit-meta-row"><div class="col"><a href="https://github.com/SolaceLabs/solace-agent-mesh/edit/main/docs/docs/documentation/getting-started/architecture.md" target="_blank" rel="noopener noreferrer" class="theme-edit-this-page"><svg fill="currentColor" height="20" width="20" viewBox="0 0 40 40" class="iconEdit_Z9Sw" aria-hidden="true"><g><path d="m34.5 11.7l-3 3.1-6.3-6.3 3.1-3q0.5-0.5 1.2-0.5t1.1 0.5l3.9 3.9q0.5 0.4 0.5 1.1t-0.5 1.2z m-29.5 17.1l18.4-18.5 6.3 6.3-18.4 18.4h-6.3v-6.2z"></path></g></svg>Edit this page</a></div><div class="col lastUpdated_JAkA"></div></div></footer></article><nav class="docusaurus-mt-lg pagination-nav" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/solace-agent-mesh/docs/documentation/getting-started/try-agent-mesh"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Try Agent Mesh</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/solace-agent-mesh/docs/documentation/components/"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Components</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#architectural-principles" class="table-of-contents__link toc-highlight">Architectural Principles</a></li><li><a href="#system-components" class="table-of-contents__link toc-highlight">System Components</a><ul><li><a href="#solace-event-broker" class="table-of-contents__link toc-highlight">Solace Event Broker</a></li><li><a href="#gateways" class="table-of-contents__link toc-highlight">Gateways</a></li><li><a href="#agent-hosts-and-agents" class="table-of-contents__link toc-highlight">Agent Hosts and Agents</a></li></ul></li><li><a href="#key-architectural-flows" class="table-of-contents__link toc-highlight">Key Architectural Flows</a><ul><li><a href="#user-task-processing-flow" class="table-of-contents__link toc-highlight">User Task Processing Flow</a></li><li><a href="#agent-to-agent-delegation-flow" class="table-of-contents__link toc-highlight">Agent-to-Agent Delegation Flow</a></li><li><a href="#agent-discovery-flow" class="table-of-contents__link toc-highlight">Agent Discovery Flow</a></li></ul></li><li><a href="#a2a-protocol-and-topic-structure" class="table-of-contents__link toc-highlight">A2A Protocol and Topic Structure</a></li></ul></div></div></div></div></main></div></div></div><footer class="theme-layout-footer footer footer--dark"><div class="container container-fluid"><div class="row footer__links"><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Solace Agent Mesh</div><ul class="footer__items clean-list"><li class="footer__item"><a class="footer__link-item" href="/solace-agent-mesh/docs/documentation/getting-started">Documentation</a></li><li class="footer__item"><a href="https://github.com/SolaceLabs/solace-agent-mesh/" target="_blank" rel="noopener noreferrer" class="footer__link-item">GitHub<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://github.com/SolaceLabs/solace-agent-mesh-core-plugins/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Official Plugins<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Company</div><ul class="footer__items clean-list"><li class="footer__item"><a href="https://solace.com/products/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Products<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/contact/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Contact<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/support/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Support<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/legal/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Privacy and Legal<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Community</div><ul class="footer__items clean-list"><li class="footer__item"><a href="https://www.linkedin.com/company/solacedotcom/" target="_blank" rel="noopener noreferrer" class="footer__link-item">LinkedIn<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://github.com/SolaceLabs" target="_blank" rel="noopener noreferrer" class="footer__link-item">GitHub<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://www.youtube.com/SolaceSystems" target="_blank" rel="noopener noreferrer" class="footer__link-item">YouTube<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://twitter.com/solacedotcom" target="_blank" rel="noopener noreferrer" class="footer__link-item">X<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div></div><div class="footer__bottom text--center"><div class="margin-bottom--sm"><img src="/solace-agent-mesh/img/solace-logo.png" alt="Solace Logo" class="footer__logo themedComponent_mlkZ themedComponent--light_NVdE" width="10%" height="10%"><img src="/solace-agent-mesh/img/solace-logo.png" alt="Solace Logo" class="footer__logo themedComponent_mlkZ themedComponent--dark_xIcU" width="10%" height="10%"></div><div class="footer__copyright">Solace Agent Mesh. Copyright © 2025 Solace. Version: 1.6.2</div></div></div></footer></div>
73
+ <p>For more information about the CLI tools that help you work with these components, see <a href="/solace-agent-mesh/docs/documentation/components/cli">CLI</a>. To learn about extending the system with custom functionality, see <a href="/solace-agent-mesh/docs/documentation/components/plugins">Plugins</a>.</p></div><footer class="theme-doc-footer docusaurus-mt-lg"><div class="row margin-top--sm theme-doc-footer-edit-meta-row"><div class="col"><a href="https://github.com/SolaceLabs/solace-agent-mesh/edit/main/docs/docs/documentation/getting-started/architecture.md" target="_blank" rel="noopener noreferrer" class="theme-edit-this-page"><svg fill="currentColor" height="20" width="20" viewBox="0 0 40 40" class="iconEdit_Z9Sw" aria-hidden="true"><g><path d="m34.5 11.7l-3 3.1-6.3-6.3 3.1-3q0.5-0.5 1.2-0.5t1.1 0.5l3.9 3.9q0.5 0.4 0.5 1.1t-0.5 1.2z m-29.5 17.1l18.4-18.5 6.3 6.3-18.4 18.4h-6.3v-6.2z"></path></g></svg>Edit this page</a></div><div class="col lastUpdated_JAkA"></div></div></footer></article><nav class="docusaurus-mt-lg pagination-nav" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/solace-agent-mesh/docs/documentation/getting-started/try-agent-mesh"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">Try Agent Mesh</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/solace-agent-mesh/docs/documentation/components/"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Components</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#architectural-principles" class="table-of-contents__link toc-highlight">Architectural Principles</a></li><li><a href="#system-components" class="table-of-contents__link toc-highlight">System Components</a><ul><li><a href="#solace-event-broker" class="table-of-contents__link toc-highlight">Solace Event Broker</a></li><li><a href="#gateways" class="table-of-contents__link toc-highlight">Gateways</a></li><li><a href="#agent-hosts-and-agents" class="table-of-contents__link toc-highlight">Agent Hosts and Agents</a></li></ul></li><li><a href="#key-architectural-flows" class="table-of-contents__link toc-highlight">Key Architectural Flows</a><ul><li><a href="#user-task-processing-flow" class="table-of-contents__link toc-highlight">User Task Processing Flow</a></li><li><a href="#agent-to-agent-delegation-flow" class="table-of-contents__link toc-highlight">Agent-to-Agent Delegation Flow</a></li><li><a href="#agent-discovery-flow" class="table-of-contents__link toc-highlight">Agent Discovery Flow</a></li></ul></li><li><a href="#a2a-protocol-and-topic-structure" class="table-of-contents__link toc-highlight">A2A Protocol and Topic Structure</a></li></ul></div></div></div></div></main></div></div></div><footer class="theme-layout-footer footer footer--dark"><div class="container container-fluid"><div class="row footer__links"><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Solace Agent Mesh</div><ul class="footer__items clean-list"><li class="footer__item"><a class="footer__link-item" href="/solace-agent-mesh/docs/documentation/getting-started">Documentation</a></li><li class="footer__item"><a href="https://github.com/SolaceLabs/solace-agent-mesh/" target="_blank" rel="noopener noreferrer" class="footer__link-item">GitHub<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://github.com/SolaceLabs/solace-agent-mesh-core-plugins/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Official Plugins<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Company</div><ul class="footer__items clean-list"><li class="footer__item"><a href="https://solace.com/products/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Products<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/contact/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Contact<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/support/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Support<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://solace.com/legal/" target="_blank" rel="noopener noreferrer" class="footer__link-item">Privacy and Legal<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div><div class="theme-layout-footer-column col footer__col"><div class="footer__title">Community</div><ul class="footer__items clean-list"><li class="footer__item"><a href="https://www.linkedin.com/company/solacedotcom/" target="_blank" rel="noopener noreferrer" class="footer__link-item">LinkedIn<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://github.com/SolaceLabs" target="_blank" rel="noopener noreferrer" class="footer__link-item">GitHub<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://www.youtube.com/SolaceSystems" target="_blank" rel="noopener noreferrer" class="footer__link-item">YouTube<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li><li class="footer__item"><a href="https://twitter.com/solacedotcom" target="_blank" rel="noopener noreferrer" class="footer__link-item">X<svg width="13.5" height="13.5" aria-hidden="true" class="iconExternalLink_nPIU"><use href="#theme-svg-external-link"></use></svg></a></li></ul></div></div><div class="footer__bottom text--center"><div class="margin-bottom--sm"><img src="/solace-agent-mesh/img/solace-logo.png" alt="Solace Logo" class="footer__logo themedComponent_mlkZ themedComponent--light_NVdE" width="10%" height="10%"><img src="/solace-agent-mesh/img/solace-logo.png" alt="Solace Logo" class="footer__logo themedComponent_mlkZ themedComponent--dark_xIcU" width="10%" height="10%"></div><div class="footer__copyright">Solace Agent Mesh. Copyright © 2025 Solace. Version: 1.6.3</div></div></div></footer></div>
74
74
  </body>
75
75
  </html>