Permissions that know what your agent is doing
Traditional access control grants sweeping, permanent permissions tied to an identity. Devctrl grants only what the current task needs — and nothing more.
RBAC vs TBAC
RBAC is tied to who. TBAC is tied to what.
Role-based access was designed for humans clicking through UIs. Agents make thousands of autonomous decisions — they need access control that understands the task, not just the identity.
Role-Based
Permissions are bound to the identity of the user or service account. Once granted, they stay — across every call, every task, forever.
- Identity gets a role
- Role grants tools, permanently
- No sense of what's happening right now
- Broad blast radius on compromise
Task-Based
Permissions are bound to the specific task the agent is performing. The same agent doing a different task gets different access.
- Identity gets a task
- Task carries context and scope
- Policies read task, context, and request together
- Exactly the permissions needed, nothing more
Security & Compliance
TBAC ensures that AI agents only receive the permissions they need for their current task. Every interaction is checked and logged by the policy engine — complete compliance, automatically enforced.
Efficiency Boost
Compared to RBAC, TBAC enables greater autonomy for AI agents. They can act independently within clearly defined task boundaries — fewer manual interventions, faster execution, more productivity.
Context + Policy
The same tool, decided by task context.
Every task carries structured context. Your policies can read that context and make decisions no role-based system can.
Policy (CEL)
request.tool.name == "email.send"
&& request.tool.args.customer_id
   == task.context.customer_id
Result
Same agent, same tool, same tenant — different outcomes because the task context changed.
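An added example, not Devctrl's code or API: the policy above, hand-translated from CEL to Python rather than run through a CEL engine, evaluated for one request under two different tasks and under no task at all. The Task and ToolRequest types, the decide function, the audit record fields and all sample values are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Task:
    task_id: str   # hypothetical task identifier
    context: dict  # structured context the policy reads

@dataclass
class ToolRequest:
    tool_name: str  # hypothetical stand-in for request.tool.name
    args: dict      # hypothetical stand-in for request.tool.args

def email_policy(request: ToolRequest, task: Task) -> bool:
    # Hand translation of the CEL expression on the page:
    #   request.tool.name == "email.send"
    #   && request.tool.args.customer_id == task.context.customer_id
    # Assumption: a missing customer_id on either side is a deny,
    # so two absent values never compare equal.
    wanted = task.context.get("customer_id")
    given = request.args.get("customer_id")
    return (request.tool_name == "email.send"
            and wanted is not None
            and given == wanted)

AUDIT_LOG: list = []  # in-memory stand-in for a task-level audit trail

def decide(agent_id: str, request: ToolRequest, task: Optional[Task]) -> str:
    # Deny by default: a tool call outside of any task is never allowed.
    if task is None:
        decision, reason = "deny", "no active task"
    elif email_policy(request, task):
        decision, reason = "allow", "customer_id matches task context"
    else:
        decision, reason = "deny", "request outside task scope"
    # Every decision is recorded against the task that caused it.
    AUDIT_LOG.append({"agent": agent_id, "task": task.task_id if task else None,
                      "tool": request.tool_name, "decision": decision,
                      "reason": reason})
    return decision

def demo() -> list:
    # Constructed sample data: one agent, one request, two different tasks.
    req = ToolRequest("email.send", {"customer_id": "cust-42"})
    task_a = Task("task-a", {"customer_id": "cust-42"})
    task_b = Task("task-b", {"customer_id": "cust-77"})
    return [decide("agent-1", req, t) for t in (task_a, task_b, None)]

if __name__ == "__main__":
    print(demo())
```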
Why it matters
Built for agents that actually act.
TBAC closes the gap between compliance requirements and agent autonomy — your agents move faster, your governance gets tighter, and your auditors sleep better.
Least-privilege, automatic
Agents can never access a tool outside of a task. The blast radius of any compromise is bounded to one task's context.
Context-aware denials
Policies read task context — not just identity. You can enforce business rules like 'only the customer this task was created for' in a few lines.
Audit at the task level
Every decision is logged against the task that caused it. Replay, audit, and debug any action back to the work that triggered it.
Stop granting forever. Grant per task.
Join the private beta and we'll help you model your first task schemas and policies together.