# Scope catalog

## The 12 scopes

Floopy’s TBAC catalog is exactly 12 scopes — 4 V1 tool-named scopes (one per V1 tool) and 8 V2 capability scopes that gate the credibility-initiative endpoints. Wildcard `*` is reserved as “every current and future scope” and grants full access.
| Scope | Tools unlocked | Plan gate |
|---|---|---|
| `list_models` | `list_models` | (none) |
| `estimate_cost` | `estimate_cost` | (none) |
| `route_llm_request` | `route_llm_request` | (none) |
| `get_analytics` | `get_analytics` | (none) |
| `decisions:read` | `get_decision`, `list_decisions` | `audit_api` |
| `experiments:read` | `list_experiments`, `get_experiment_results` | `audit_api` |
| `experiments:write` | `create_experiment`, `rollback_experiment` | `audit_api` |
| `optimization:read` | `get_verification` | `audit_api` |
| `constraints:read` | `get_constraints` | `audit_api`, `constraints_api` |
| `constraints:write` | `update_constraints` | `audit_api`, `constraints_api` |
| `export:read` | `export_decisions` | `audit_api`, `log_retention_days ≥ 30` |
| `routing:explain` | `explain_routing` | `audit_api`, `feedback_driven_routing` |
## Granting

In the dashboard’s Create token dialog, the Scope Picker groups the 12 scopes by area (V1 tools / Decisions / Experiments / Constraints / Routing). You can:
- Search by scope name or description.
- Toggle individual scopes.
- “Select all” / “Unselect all” within a group.
- Grant the wildcard `*` (with a visible warning).
The picker only shows the functional scopes above. Decorative scopes from older designs (requests:*, prompts:*, evals:*, feedback:*, cache:*, admin*) have no corresponding routes and are intentionally omitted.
## Validation

Two checkpoints, both server-side:

- `tools/list` filters its response to tools whose `scope_required` matches at least one scope on the token. The filtered list is what the LLM sees as available tools.
- `tools/call` re-validates the scope before dispatching; an out-of-scope call returns JSON-RPC error `-32602`.
Wildcard * short-circuits both checks.
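Both checkpoints, applied to the catalog table above, as an added example (not Floopy’s own code). It assumes the tool-to-scope mapping is derived by inverting the table and that an unknown tool name is treated as out of scope.

```python
# Added illustration, not Floopy's implementation: the two server-side
# checkpoints (tools/list filtering, tools/call re-validation) over the
# 12-scope catalog. Plan gates are a separate check and are not modelled here.
WILDCARD = "*"  # "every current and future scope"; short-circuits both checks
INVALID_PARAMS = -32602  # JSON-RPC error code returned for an out-of-scope call

# scope -> tools unlocked, copied from the catalog table
CATALOG = {
    "list_models": ["list_models"],
    "estimate_cost": ["estimate_cost"],
    "route_llm_request": ["route_llm_request"],
    "get_analytics": ["get_analytics"],
    "decisions:read": ["get_decision", "list_decisions"],
    "experiments:read": ["list_experiments", "get_experiment_results"],
    "experiments:write": ["create_experiment", "rollback_experiment"],
    "optimization:read": ["get_verification"],
    "constraints:read": ["get_constraints"],
    "constraints:write": ["update_constraints"],
    "export:read": ["export_decisions"],
    "routing:explain": ["explain_routing"],
}

# tool -> scope_required (assumption: derived by inverting the catalog)
SCOPE_REQUIRED = {tool: scope for scope, tools in CATALOG.items() for tool in tools}


def is_authorized(token_scopes, tool):
    """Single decision used by both checkpoints.

    An unknown tool is refused even for a wildcard token (assumption),
    so the wildcard only widens access to tools that actually exist.
    """
    required = SCOPE_REQUIRED.get(tool)
    if required is None:
        return False
    return WILDCARD in token_scopes or required in token_scopes


def tools_list(token_scopes):
    """tools/list: return only the tools whose scope_required is on the token."""
    return [tool for tool in SCOPE_REQUIRED if is_authorized(token_scopes, tool)]


def tools_call(token_scopes, tool):
    """tools/call: re-validate before dispatch; out-of-scope calls get -32602."""
    if not is_authorized(token_scopes, tool):
        required = SCOPE_REQUIRED.get(tool, "<unknown tool>")
        return {"error": {"code": INVALID_PARAMS,
                          "message": f"{tool} requires scope {required}"}}
    return {"result": {"dispatched": tool}}
```

Note that filtering `tools/list` alone is not enough: a client can still name any tool in `tools/call`, which is why the second checkpoint repeats the decision.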
## Audit attribution

Every audit row is keyed back to the token’s creator — `mcp_tbac_tokens.created_by` is the `auth.users.id` of the dashboard user who minted the token. That column populates `audit_log.actor_user_id`.
For legacy tokens minted before migration 00122 (where `created_by IS NULL`), the audit row sets `actor_type = 'service_account'` and writes a `metadata.actor_fallback = "tbac_token_id:<token_id>"` so trail consumers can still track who did what — even if it’s at the token granularity rather than the user granularity.