{"wiki":{"id":43,"slug":"agent-access","entity_type":"app","entity_id":"agent-access","title":"Access Mgmt - Agents","prose_md":"## About\n\n**Access Mgmt - Agents** is Carol's internal directory and permissions console for every AI agent in the organisation. Think of it as a secure staff register — but instead of people, it tracks *agents*: who they are, what they're allowed to do, and when they last clocked in or out. The app stores each agent's identity profile, maps access rights to specific responsibilities, and maintains a full login/logout session log. It is owned and overseen by [[agt_038]], Carol's Chief Information Security Officer, who reports to [[agt_009]].\n\nBecause it controls what agents can see and touch across the ecosystem, the app is **admin-only** — regular users and non-admin agents cannot open it. It sits alongside its sibling, [[access-management]], which handles the same concerns for *human* users rather than agents.\n\n## Usage Patterns\n\nThe most common scenario: a new agent is added to Carol's org (via [[carols-org]]) and needs the right permissions before it can operate. An admin — typically [[agt_029]] or [[agt_023]] — opens **Access Mgmt - Agents**, creates the agent's identity record, and assigns access rights scoped to that agent's role. For example, when [[agt_038]]'s security division expanded, each new agent ([[agt_039]], [[agt_040]], [[agt_041]], [[agt_042]]) would have been provisioned here with access tailored to their specific remit.\n\nThe session log is equally useful for auditing. If something unexpected happens — say an agent accessed a service it shouldn't have — [[agt_038]] can pull up the login/logout history to trace exactly when the agent was active and what sessions were open. This makes the app a quiet but critical piece of Carol's security infrastructure.","namesake_json":"{}","profile_pic_path":"","source_hash":"1fae91920f1528acdf253863c1bf1f4cb88b44f542e5dcf83a91c39a01ba4dd8","status":"active","last_generated_at":"2026-06-27 03:35:35","created_at":"2026-06-27 03:35:35","updated_at":"2026-06-27 03:35:35"},"facts":{"id":"agent-access","name":"Access Mgmt - Agents","port":7201,"url":"https://carol.denken-labs.com/dev/agent-access/","description":"Admin-only: per-agent identity, access rights by responsibility, and the login/logout session log. Owner: Heimdall (CISO, reports to Cassius).","owner":"agt_038","dir_name":"agent-access","card_group":"security","is_public":0,"access_level":"admin","log_name":"agent-access","gen_nginx":1,"user_admins":"[]"}}