Administration & Access Control

Squad enforces role-based access control at every level of the platform: from API endpoints to tool execution to knowledge management. This ensures that while the system learns from use, humans control who can approve that learning and what the system is permitted to do.

Identity & Authentication

Squad integrates with your organisation’s identity provider via OAuth2/OIDC, supporting single sign-on through SAML and OIDC federation. All API endpoints require authentication unless explicitly whitelisted (health checks, OAuth configuration).

Aspect	Implementation
Protocol	OAuth2 / OIDC
Identity Provider	Keycloak (bundled), or federated with your existing IdP
Token Format	JWT with configurable expiry
SSO	SAML and OIDC federation supported

Role-Based Access Control

Permissions are enforced at two levels: API endpoints and tool execution.

API-Level Permissions

Each endpoint declares its required permissions. The platform enforces these before any processing begins.

Permission	What It Grants
read	Query the platform, view results, access session and review history
write	Approve, reject, and amend pending queries; submit messages
view_workflows	View stored workflow templates
execute_workflow	Trigger stored workflow templates
create_workflow	Propose new tools and workflow templates
manage_users	User administration and role assignment
system_admin	Full platform access including configuration and system operations

Squad ships two roles. The user role grants read, write, view_workflows, execute_workflow, and create_workflow. The admin role adds manage_users and system_admin.

Tool-Level Access

Inside the AIM agent, a separate tool-configuration layer restricts which tools are available based on the user’s role. Standard users receive a safe preset that excludes graph-mutation tools (write_cypher) and external search (tavily_search). Administrators receive the full tool set. This is independent of API-level permissions — a standard user has write at the API layer (e.g. for approving reviews) but the agent will not execute destructive graph operations on their behalf.

Note

Even users with elevated privileges are subject to deterministic security review. RBAC controls what you’re allowed to do; security review controls what the system is allowed to execute. These are independent layers. See Guardrails & Safety.

Governing What the System Learns

Access control is particularly important for Squad’s learning mechanisms. The permissions model ensures that:

• Standard users can query the platform, approve or reject reviews, and create workflows — but the agent restricts their tool surface to prevent direct graph mutations
• Administrators (system_admin) can revoke approved workflows, manage the tool registry, configure system behaviour, and have access to the full agent tool set including graph-write operations

This separation means the platform can be used broadly while governance over dangerous operations is handled by a smaller set of authorised individuals. For the human gating model around reusable templates, see Accuracy & Disambiguation.

Session Management

User sessions are managed through a combination of Redis (active session state) and PostgreSQL (persistent session records).

• Session creation: Authenticated users can create chat sessions via the API or UI
• Session isolation: Each session maintains its own working memory and conversation context
• Session history: Full conversation history is persisted and accessible to the session owner
• Global history: Administrators can access session history across users for audit purposes

Rate Limiting

API rate limiting is enforced to protect platform stability. Limits are configurable per deployment and can be adjusted based on your organisation’s usage patterns.