
Authorization

Pluggable providers for RBAC and webhook-delegated authorization, plus in-memory IP-bound tunnel tokens with automatic rotation.

authorization.py defines a small provider interface that the hub consults on every privileged action: joining a session, requesting hijack, posting chat, placing annotations.

LocalProvider

The reference provider implements standard RBAC with three roles — viewer, operator, admin. Use this in dev and small deployments.

WebhookProvider

For enterprise integration, every decision is delegated to an external HTTP endpoint. The hub applies no policy of its own: it sends the request context to the webhook and trusts the verdict. This makes it straightforward to plug uterm into an existing identity and policy stack without forking the codebase.

Tunnel security

uterm’s binary tunnels (TCP forwarding, HTTP inspection) use in-memory tokens with:

  • IP binding — a token is bound to the originating address.
  • Automatic rotation — tokens age out and are swept on a timer.
  • Single-use semantics for sensitive operations.

No long-lived shared secret is written to disk for a tunnel session. When the session ends, the tokens are gone.
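
The three token properties above, shown as an added Python example (not uterm's own code): an in-memory store that binds each token to an address, expires it after a TTL, sweeps expired entries, and consumes single-use tokens on first validation. The class name, method names and the 300-second default TTL are assumptions made for illustration.

```python
import secrets
import time
from dataclasses import dataclass

@dataclass
class _Entry:
    client_ip: str
    expires_at: float
    single_use: bool

class TunnelTokenStore:
    """Hypothetical in-memory token store; nothing is written to disk."""

    def __init__(self, ttl_seconds=300.0, clock=time.monotonic):
        self._ttl = ttl_seconds
        self._clock = clock      # injectable so expiry can be exercised in tests
        self._tokens = {}        # token -> _Entry, held in process memory only

    def issue(self, client_ip, single_use=False):
        # client_ip is assumed to be the peer address the hub itself observed.
        token = secrets.token_urlsafe(32)   # 256 bits from the OS CSPRNG
        self._tokens[token] = _Entry(client_ip, self._clock() + self._ttl, single_use)
        return token

    def validate(self, token, client_ip):
        entry = self._tokens.get(token)
        if entry is None:
            return False                    # unknown, consumed or swept
        if self._clock() >= entry.expires_at:
            del self._tokens[token]         # aged out: drop without waiting for the sweep
            return False
        if entry.client_ip != client_ip:
            return False                    # presented from a different address
        if entry.single_use:
            del self._tokens[token]         # consume before the caller acts on it
        return True

    def sweep(self):
        """Timer callback: remove every expired token and return the count."""
        now = self._clock()
        expired = [t for t, e in self._tokens.items() if now >= e.expires_at]
        for t in expired:
            del self._tokens[t]
        return len(expired)

    def end_session(self):
        # Session teardown: every outstanding token stops validating.
        self._tokens.clear()
```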