Spaces:

nothingworry
/

IntegraChat

Sleeping

nothingworry commited on 16 days ago

Commit

7d2d8f1

1 Parent(s): b65ef75

update the readme file

Files changed (1) hide show

README.md CHANGED Viewed

@@ -11,6 +11,8 @@
 - [Overview](#overview)
 - [Quick Start](#quick-start)
 - [Features](#features)
 - [Installation & Setup](#installation--setup)
 - [Usage](#usage)
 - [API Endpoints](#api-endpoints)
@@ -70,6 +72,8 @@ Then access:
 - **FastAPI Docs**: `http://localhost:8000/docs`
 - **Next.js Frontend** (optional): `cd frontend && npm install && npm run dev` → `http://localhost:3000`
 ---
 ## Features
@@ -364,6 +368,7 @@ All endpoints are served by the FastAPI backend at `http://localhost:8000`. Most
 Most endpoints require:
 - `x-tenant-id`: Tenant identifier for multi-tenant isolation
 - `Content-Type: application/json`: For POST requests with JSON payloads
 ### Example Request

 - [Overview](#overview)
 - [Quick Start](#quick-start)
 - [Features](#features)
+- [Conversation Memory System](#conversation-memory-system)
+- [Role-Based Access Control (RBAC)](#role-based-access-control-rbac)
 - [Installation & Setup](#installation--setup)
 - [Usage](#usage)
 - [API Endpoints](#api-endpoints)
 - **FastAPI Docs**: `http://localhost:8000/docs`
 - **Next.js Frontend** (optional): `cd frontend && npm install && npm run dev` → `http://localhost:3000`
+> **Security Note:** REST requests that hit protected endpoints must include both `x-tenant-id` and `x-user-role` headers. Roles (`viewer`, `editor`, `admin`, `owner`) determine which actions—such as document ingestion, rule uploads, or analytics access—the caller may perform.
 ---
 ## Features
 Most endpoints require:
 - `x-tenant-id`: Tenant identifier for multi-tenant isolation
+- `x-user-role`: Caller role for RBAC enforcement (`viewer`, `editor`, `admin`, or `owner`)
 - `Content-Type: application/json`: For POST requests with JSON payloads
 ### Example Request