Skip to Content
DocsProductionPer-user permissions

Per-user permissions

PerUserPermissions routes the policy decision per user_id. One Agent can run in BYPASS mode for staff while still gating destructive tools for end users.

from loomflow import Agent, Mode, StandardPermissions
from loomflow.security import PerUserPermissions
 
policies = {
    "admin_alice": StandardPermissions(mode=Mode.BYPASS),
    "service_account": StandardPermissions(
        mode=Mode.DEFAULT,
        allowed_tools=["read", "search"],
    ),
}
 
perms = PerUserPermissions(
    policies=policies,
    default=StandardPermissions(
        mode=Mode.DEFAULT,
        denied_tools=["delete_account", "send_email"],
    ),
)
 
agent = Agent("...", permissions=perms)

Unknown user_ids fall through to default. The framework forwards the live user_id from the active RunContext into every permissions.check(...) call. You don’t need to wire it manually.

Last updated on
Per-user budget capsApproval handlers