Agora Authority Policy v1¶
Source schema: doc/schemas/agora-authority-policy.v1.schema.json
Node-global policy artifact describing accountable subjects that may establish Agora namespace authority, organization custody policies, publish/subscribe namespace policies, namespace defaults, and public decision-receipt diagnostics. Components consume an effective snapshot of this policy; authority roots are not Agora-private runtime settings.
Governing Basis¶
doc/project/60-solutions/008-agora/008-agora.mddoc/project/60-solutions/021-agora-authority/021-agora-authority.md
Project Lineage¶
Requirements¶
doc/project/50-requirements/requirements-006-node-networking-mvp.mddoc/project/50-requirements/requirements-008-org-subject-rollout.mddoc/project/50-requirements/requirements-010-middleware-executor.mddoc/project/50-requirements/requirements-011-dator-arca-contracts.mddoc/project/50-requirements/requirements-014-resource-opinions.md
Stories¶
doc/project/30-stories/story-001-swarm-node-onboarding.mddoc/project/30-stories/story-004-pod-client-onboarding.mddoc/project/30-stories/story-005-whisper-rumor-intake.mddoc/project/30-stories/story-006-buyer-node-components.mddoc/project/30-stories/story-006-voluntary-swarm-exchange.mddoc/project/30-stories/story-007-settlement-capable-node.mddoc/project/30-stories/story-008-cool-site-comment.md
Fields¶
| Field | Required | Shape | Description |
|---|---|---|---|
schema |
yes |
const: agora-authority-policy.v1 |
|
schema/v |
yes |
const: 1 |
|
policy/id |
yes |
string | Stable local or federated authority policy identifier. |
valid_from |
no |
ref: #/$defs/rfc3339 |
|
valid_until |
no |
unspecified | |
authority_roots |
yes |
array | Configured accountable subjects that may establish namespace authority. Empty means no protected namespace has local authority unless another local policy says public-open. |
org_custody_policies |
no |
array | Inline or referenced org custody policies available to org authority roots. Inline entries use the org-custody-policy.v1 shape. |
publish_policies |
no |
array | |
subscribe_policies |
no |
array | |
namespace_defaults |
yes |
array | Default posture for topic namespaces. Protected ai.orbiplex/** namespaces should be fail-closed unless explicitly public-open. |
diagnostics |
no |
object |
Definitions¶
| Definition | Shape | Description |
|---|---|---|
rfc3339 |
string | |
subject |
object | |
topic_pattern |
string | Agora topic key or topic pattern. A trailing /** means prefix match. |
authority_root |
object | |
org_custody_policy_ref |
object | |
topic_policy |
object | |
namespace_default |
object | |
| ## Field Semantics |
schema¶
- Required:
yes - Shape: const:
agora-authority-policy.v1
schema/v¶
- Required:
yes - Shape: const:
1
policy/id¶
- Required:
yes - Shape: string
Stable local or federated authority policy identifier.
valid_from¶
- Required:
no - Shape: ref:
#/$defs/rfc3339
valid_until¶
- Required:
no - Shape: unspecified
authority_roots¶
- Required:
yes - Shape: array
Configured accountable subjects that may establish namespace authority. Empty means no protected namespace has local authority unless another local policy says public-open.
org_custody_policies¶
- Required:
no - Shape: array
Inline or referenced org custody policies available to org authority roots. Inline entries use the org-custody-policy.v1 shape.
publish_policies¶
- Required:
no - Shape: array
subscribe_policies¶
- Required:
no - Shape: array
namespace_defaults¶
- Required:
yes - Shape: array
Default posture for topic namespaces. Protected ai.orbiplex/** namespaces should be fail-closed unless explicitly public-open.
diagnostics¶
- Required:
no - Shape: object
Definition Semantics¶
$defs.rfc3339¶
- Shape: string
$defs.subject¶
- Shape: object
$defs.topic_pattern¶
- Shape: string
Agora topic key or topic pattern. A trailing /** means prefix match.
$defs.authority_root¶
- Shape: object
$defs.org_custody_policy_ref¶
- Shape: object
$defs.topic_policy¶
- Shape: object
$defs.namespace_default¶
- Shape: object