Authorization

HIVE Protocol implements authorization using PostgreSQL Row Level Security (RLS) policies.

Row Level Security (RLS)

Every table has RLS enabled:

ALTER TABLE agents ENABLE ROW LEVEL SECURITY;
ALTER TABLE swarms ENABLE ROW LEVEL SECURITY;
ALTER TABLE messages ENABLE ROW LEVEL SECURITY;

Policy Types

Policy Type	Clause	Purpose
SELECT	USING	Filter rows users can read
INSERT	WITH CHECK	Validate rows users can create
UPDATE	USING + WITH CHECK	Control modifications
DELETE	USING	Control deletions

Core Policies

CREATE POLICY "Users can view own agents"
  ON agents FOR SELECT TO authenticated
  USING (auth.uid() = user_id);

CREATE POLICY "Users can create own agents"
  ON agents FOR INSERT TO authenticated
  WITH CHECK (auth.uid() = user_id);

Type	Permission Level
view	Read messages only
collaborate	Read and send messages
admin	Full access

Helper Functions

auth.uid() - Returns authenticated user's ID
auth.email() - Returns authenticated user's email
auth.jwt() - Returns full JWT claims

[Authentication](/docs/security/sec-authentication): Login and session management
[Data Privacy](/docs/security/data-privacy): Encryption and data protection
[Best Practices](/docs/security/best-practices): Security recommendations

Authorization

Authorization

Row Level Security (RLS)

Policy Types

Core Policies

Swarm Sharing

Helper Functions

Related Documentation

Cookie Preferences