Access Tiers Overview

OSSA Access Tiers - permission levels for agent capabilities

Access Tiers Overview

OSSA defines four access tiers that control agent permissions and capabilities:

Tier	Level	Description
observer	Read-only	Query-only access, no state changes
operator	Standard	Execute capabilities, tool calls
admin	Elevated	System configuration, agent management
system	Full	Unrestricted access (internal only)

Configuration

apiVersion: ossa/v0.4.9
kind: Agent

spec:
  access_tier: operator  # Default tier

  capabilities:
    - name: read_data
      access_tier: observer
    - name: update_record
      access_tier: operator
    - name: manage_agents
      access_tier: admin

Permission Inheritance

Access tiers form a hierarchy:

system > admin > operator > observer

Higher tiers inherit permissions from lower tiers.

Execution Profiles
Memory Model
Schema Reference

Access Tiers Overview

Access Tiers Overview

Configuration

Permission Inheritance

Related Documentation