Proof Surface

Security

The Control Layer is what turns credentials into governable runtime behavior. A token can exist and access can still stop. That is intentional. Identity, entitlement, commercial state, and policy all participate in the final decision.

Last updated: March 9, 2026

Enforcement Chain

How `.agency` enforces governable automation

Each request passes through an explicit chain. That is why approval requirements, blocked states, and recovery paths stay legible instead of hiding inside prompt behavior.

01 Identity: The request is bound to a known user or tenant.

02 Entitlement: Commercial, legal, and access state are checked live.

03 Control Layer: Rules decide whether work runs, pauses for review, or stops.

04 Execution: Only approved workflow actions reach the connected system.

05 Audit: Every outcome leaves a reason trail for support and review.

Reason-coded Blocking

Why access can stop even when credentials still exist

Blocked states are product behavior. Each one needs a clear reason and a recovery path so support, buyers, and operators see the same reality.

No entitlement

The account is real, but the service has not been granted for this tenant.

Grant or activate the package before token or host access resumes.

Contract inactive

The credential exists, but the operating agreement no longer allows execution.

Renew or restore the contract state before writes resume.

Billing issue

Commercial standing is part of the live access check, not a separate back-office process.

Resolve the billing state and re-run the entitlement check.

Policy acceptance required

The user is known, but the access policy has not been accepted for the current account.

Accept the active policy and retry the governed action.

Workflow suspended

The workflow remains installed, but governance has paused execution for risk or review.

Resume only after operator review or updated policy conditions.

Identity boundary

Auth0 establishes the person or tenant boundary. `.agency` does not treat a bearer token as a replacement for identity.

Live entitlement

Every request is checked against organization membership, service entitlement, contract standing, billing state, and policy acceptance.

Credential separation

Portal sign-in, managed bearer tokens, and hosted product credentials remain distinct so compromise or revocation can be handled deliberately.

Operational control

Revocation, regeneration, anomaly review, and audit trails are part of the standing operating model, not an optional support add-on.

Bearer token risk management

`.agency` issues one managed bearer token per authenticated user for approved hosts and background agents. The token is portable, but authorization remains conditional at request time through live entitlement and policy checks.

If compromise is suspected, CREATE SOMETHING can revoke or regenerate access immediately without waiting for a token expiry window.

Why commercial and legal state belongs in the access decision

Access is not determined by token validity alone. `.agency` can deny execution when contract status, billing standing, or required policy acceptance is not current. This keeps back-office reality tied to runtime behavior instead of leaving a governance gap between the agreement and the workflow.
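The enforcement chain and reason-coded blocked states described above, sketched as a request-time decision function. This is an added example, not `.agency`'s own code; the reason-code names, the `TenantState` fields, and the fail-closed branch for unavailable state are assumptions.

```python
from dataclasses import dataclass, field

# Recovery text per blocked state on the page; the code names are hypothetical.
RECOVERY = {
    "no_entitlement": "Grant or activate the package.",
    "contract_inactive": "Renew or restore the contract state.",
    "billing_issue": "Resolve billing and re-run the entitlement check.",
    "policy_acceptance_required": "Accept the active policy and retry.",
    "workflow_suspended": "Resume after operator review.",
}

@dataclass
class TenantState:  # constructed stand-in for the live account state
    member: bool = True
    entitled: bool = True
    contract_active: bool = True
    billing_ok: bool = True
    policy_accepted: bool = True
    suspended: set = field(default_factory=set)  # suspended workflow names
    revoked: set = field(default_factory=set)    # revoked token ids

AUDIT = []  # in-memory reason trail; one record per decision

def decide(token_id, user, workflow, state, needs_review=False):
    """Request-time decision: a token that exists is never sufficient."""
    if state is None:  # live state unavailable: fail closed
        failed = ["state_unavailable"]
    else:
        checks = [
            ("identity_unbound", user is None or not state.member),
            ("token_revoked", token_id in state.revoked),
            ("no_entitlement", not state.entitled),
            ("contract_inactive", not state.contract_active),
            ("billing_issue", not state.billing_ok),
            ("policy_acceptance_required", not state.policy_accepted),
            ("workflow_suspended", workflow in state.suspended),
        ]
        failed = [code for code, bad in checks if bad]
    if failed:
        outcome, reason = "stop", failed[0]
    elif needs_review:
        outcome, reason = "pause_for_review", "approval_required"
    else:
        outcome, reason = "run", "ok"
    record = {"user": user, "workflow": workflow, "outcome": outcome,
              "reason": reason, "recovery": RECOVERY.get(reason)}
    AUDIT.append(record)  # every outcome, allowed or not, is logged
    return record
```

Because the state is read on every call, revoking a token or flipping billing state takes effect on the next request rather than at token expiry.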

For security inquiries, contact [email protected].