Agent Buildprint

Back to registry

＋ Feature / Extension • Proof trail Updated Not dated

Auth, Teams & RBAC OS

A stack-adaptable Buildprint for adding teams, RBAC, invites, audit logs, server guards, and tenant isolation without replacing working auth by default.

-- views

What this builds

A scoped product implementation packet.

An agent-grade Auth, Teams & RBAC Buildprint that forces deep Phase 00 research and blocks completion unless every team-scoped route has direct server/API authorization tests.

Phase 00 auth forensics and tenant research
Permission vocabulary and role matrix
Invite and membership lifecycle
Server-side authorization contracts
Full threat regression validation chapter

Core capabilities

The useful parts the finished build should expose.

01 Phase 00 auth forensics and tenant research

02 Permission vocabulary and role matrix

03 Invite and membership lifecycle

04 Server-side authorization contracts

05 Full threat regression validation chapter

What you need

Local first, live proof explicit.

An existing app or auth provider to wrap
Product decisions for team naming, owner/admin policy, billing/API-key scope
Database migration path for tenant ownership

System shape

What kind of artifact this becomes.

Product surface

An agent-grade Auth, Teams & RBAC Buildprint that forces deep Phase 00 research and blocks completion unless every team-scoped route has direct server/API authorization tests.

Runtime layer

Existing app auth

Build materials

Auth census / Tenant map / Permissions / Server guards

Proof boundary

Phase 00 heavy / Offline proof included

Build scope

Included, required from you, and outside the claim.

Included

Phase 00 auth forensics and tenant research
Permission vocabulary and role matrix
Invite and membership lifecycle
Server-side authorization contracts

Bring yourself

An existing app or auth provider to wrap
Product decisions for team naming, owner/admin policy, billing/API-key scope
Database migration path for tenant ownership

Out of scope

Auth provider rip-and-replace
Frontend-only authorization
Cross-tenant data leakage
Client-provided teamId trust

Agent handoff

Start from the packet, not the UI.

agb start https://agent-buildprint.com/buildprints/auth-teams-rbac-os/package.json

Agent guide Manifest GitHub files

Key files

The first files an agent should read.

BUILDPRINT.md compatibility bootstrap or package contract

All package files

API_ROUTES.md Buildprint package file

BUILDPRINT.md compatibility bootstrap or package contract

checks/acceptance.md acceptance checklist

conformance/examples/adapter.stub.ts target-app conformance artifact

conformance/package.json target-app conformance artifact

conformance/README.md target-app conformance artifact

conformance/src/adapter-contract.ts target-app conformance artifact

conformance/src/load-adapter.ts target-app conformance artifact

conformance/test/auth-rbac.conformance.test.ts target-app conformance artifact

conformance/test/node-builtins.d.ts target-app conformance artifact

conformance/tsconfig.json target-app conformance artifact

CONTRACTS.md legacy interface/data contracts, when present

MIGRATION_GUIDE.md Buildprint package file

PLAN.md legacy execution index, when present

plans/00-auth-forensics-tenant-research.md phase rail

plans/01-data-model-tenant-boundary.md phase rail

plans/02-permission-model-engine.md phase rail

plans/03-server-guards-context.md phase rail

plans/04-invite-membership-lifecycle.md phase rail

plans/05-role-management-owner-safety.md phase rail

plans/06-ui-flows.md phase rail

plans/07-audit-log.md phase rail

plans/08-billing-admin-boundary.md phase rail

plans/09-full-security-product-validation.md phase rail

plans/10-migration-rollout.md phase rail

proof/package.json offline proof artifact

proof/src/index.ts offline proof artifact

proof/test/node-builtins.d.ts offline proof artifact

proof/test/rbac.test.ts offline proof artifact

proof/tsconfig.json offline proof artifact

publication.json machine-readable mirror

questions.md configuration interview

RBAC_MATRIX.md Buildprint package file

README.md human overview, non-authoritative

schemas/buildprint.meta.json schema artifact

SECURITY_POLICY.md Buildprint package file

SPEC.md legacy behavior requirements, when present

TEST_MATRIX.md legacy risk-to-test alignment, when present

UI_FLOWS.md Buildprint package file

VALIDATION_TEMPLATE.md legacy completion report template, when present