atomic-data-docs icon indicating copy to clipboard operation
atomic-data-docs copied to clipboard
verified publisher icon atomicdata-dev

Agent scopes - new Agents for the same user with limited access

Open joepio opened this issue 3 years ago • 0 comments

  • User has an Agent + server hosted on sarah.pod.com
  • User wants to use an app on calendarapp.com. This app only needs access to calendar data, for example. It should not be able to edit the user's name or open their private photos.

How do we do this?

Well, we already have Agents and Hierarchies, which can be used to give granular access to a specific part of data, like the Calendar.

However, if we create a new Agent (let's call her CalendarSara) and give that Agent write rights on sarah.pod.com/calendar, we'd still probably want users to know that that agent was in fact Sarah. How do we denote this?

  • Sarah creates the new Agent, so we could check the lastCommit.
  • Sarah's agent might link to the CalendarSara, e.g. with a new subAgents property.

joepio avatar Jan 19 '23 12:01 joepio