Grants
A grant is the authorization record an owner creates for a developer. It defines exactly what proxy capabilities that developer has.
Fields
| Field | Notes |
|---|---|
user_sub | Cognito sub of the granted developer |
allowed_models | Model IDs and/or *-latest aliases, e.g. ["claude-opus-4-7", "claude-sonnet-latest"] |
allowed_regions | Subset of eu-central-1, eu-central-2, us-east-1. Must not be empty. |
default_region | Overrides the tenant default for this user |
monthly_budget_usd | Hard cap in USD; null = no per-developer cap (tenant cap still applies) |
allowed_skills | Skill IDs the developer may invoke; ["*"] = all active skills |
status | active / revoked |
created_by | Sub of the owner who created it |
Enforcement rules
- A developer without a grant cannot use the proxy (403, “no grant found”).
- A revoked grant blocks immediately — no TTL, no grace period.
allowed_modelsis checked against the live model catalog at request time. A deprecated model still listed in a grant is silently skipped in theGET /anthropic/v1/modelsresponse.allowed_regionsmust be a non-empty subset of the supported regions; an empty list is rejected at the API layer.
PUT /v1/grants/{user_id} is idempotent — it creates the grant if
absent and updates it if present.
Last updated on