Skip to content

webpro255/openai-agentlock

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
examples
examples
 
 
openai_agentlock
openai_agentlock
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

openai-agentlock

AgentLock authorization middleware for the OpenAI Agents SDK.

Wraps FunctionTool instances so every tool call passes through an AuthorizationGate before the tool body runs. Denials are returned to the model as plain strings; allowed calls receive a single-use execution token, optional output transforms, and provenance tracking.

Install

pip install openai-agentlock

Minimal usage

from agents import Agent, function_tool
from agentlock import AuthorizationGate, AgentLockPermissions
from openai_agentlock import lock_agent

gate = AuthorizationGate()

@function_tool
def read_record(record_id: str) -> str:
    return f"record {record_id}"

agent = Agent(name="demo", tools=[read_record])

lock_agent(
    agent,
    gate,
    permissions={
        "read_record": AgentLockPermissions(
            allowed_roles=["reader"],
            requires_auth=True,
        ),
    },
)

Pass an identity object through RunContextWrapper.context that exposes user_id, role, and (optionally) session_id so the gate can evaluate role and scope.

License

Apache 2.0.

About

AgentLock authorization middleware for OpenAI Agents SDK tool calls

agentlock.dev

Topics

authorization openai authorizations ai-agents ai-security guardrails ai-security-tool agent-security openai-agents openai-agents-sdk agentlock

Resources

Readme

License

View license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

1 tags

Contributors

Languages