From c5d09e174d1866aebb2340558d708742f28eb4e2 Mon Sep 17 00:00:00 2001
From: "wuqingfu.528"
Date: Thu, 22 Jan 2026 17:33:19 +0800
Subject: [PATCH 1/4] fix: fix agent authz callback
---
 veadk/tools/builtin_tools/agent_authorization.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/veadk/tools/builtin_tools/agent_authorization.py b/veadk/tools/builtin_tools/agent_authorization.py
index dc5db6c5..bda3b055 100644
--- a/veadk/tools/builtin_tools/agent_authorization.py
+++ b/veadk/tools/builtin_tools/agent_authorization.py
@@ -59,7 +59,7 @@ async def check_agent_authorization(
 role_id = actors[0]
 principal = {"Type": "user", "Id": user_id}
- operation = {"Type": "action", "Id": "invoke"}
+ operation = {"Type": "Action", "Id": "invoke"}
 resource = {"Type": "agent", "Id": role_id}
 original_callers = [{"Type": "agent", "Id": actor} for actor in actors[1:]]
From 9966cb22f76ef829b028ac7e0a041cf20c722dd5 Mon Sep 17 00:00:00 2001
From: "wuqingfu.528"
Date: Thu, 22 Jan 2026 19:09:42 +0800
Subject: [PATCH 2/4] fix: add namespace_name
---
 veadk/tools/builtin_tools/agent_authorization.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/veadk/tools/builtin_tools/agent_authorization.py b/veadk/tools/builtin_tools/agent_authorization.py
index bda3b055..43d83c17 100644
--- a/veadk/tools/builtin_tools/agent_authorization.py
+++ b/veadk/tools/builtin_tools/agent_authorization.py
@@ -59,7 +59,7 @@ async def check_agent_authorization(
 role_id = actors[0]
 principal = {"Type": "user", "Id": user_id}
- operation = {"Type": "Action", "Id": "invoke"}
+ operation = {"Type": "action", "Id": "invoke"}
 resource = {"Type": "agent", "Id": role_id}
 original_callers = [{"Type": "agent", "Id": actor} for actor in actors[1:]]
@@ -68,6 +68,7 @@ async def check_agent_authorization(
 operation=operation,
 resource=resource,
 original_callers=original_callers,
+ namespace_name="wqf--test",
 )
 if allowed:
From 2c920b10732532e5f958a459f8277815aac1c9b5 Mon Sep 17 00:00:00 2001
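Review bot: The `Type` value on the `operation` line is now `"Action"` while the neighbouring `principal` and `resource` dicts keep lowercase `"user"` and `"agent"`, and nothing in the hunk records which casing the permission service expects. The same literal is flipped back to `"action"` in PATCH 2/4 and to `"Action"` again in PATCH 4/4, so the value is evidently easy to get wrong. If entity types are matched case-sensitively on the policy side (plausible for a Cedar-based store, but not visible here), a wrong casing would make the request match no policy. I would add a comment above the line, e.g. `# entity type must match the policy schema exactly (case-sensitive)`, and pin the request shape with a unit test that stubs `identity_client.check_permission`. The body of `check_agent_authorization` starts and ends outside the hunk.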
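Review bot: The added `namespace_name="wqf--test"` hard-codes what looks like a personal test policy space into the authorization call, so every permission check made through `check_agent_authorization` would be evaluated against that space regardless of where the agent is deployed. PATCH 3/4 keeps the same literal under the renamed keyword `namespace=`, and it is only replaced by an environment lookup in PATCH 4/4. If the series is not squashed, any build cut from 2/4 or 3/4 would make authorization decisions against a test namespace; squashing the series, or reading the value from configuration from the first commit, avoids that. The keyword rename one commit later also suggests this call was not exercised before it was committed, which a test asserting the keyword arguments passed to `identity_client.check_permission` would have caught.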
From: "wuqingfu.528"
Date: Thu, 22 Jan 2026 20:08:58 +0800
Subject: [PATCH 3/4] fix: add namespace_name
---
 veadk/tools/builtin_tools/agent_authorization.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/veadk/tools/builtin_tools/agent_authorization.py b/veadk/tools/builtin_tools/agent_authorization.py
index 43d83c17..dfd09920 100644
--- a/veadk/tools/builtin_tools/agent_authorization.py
+++ b/veadk/tools/builtin_tools/agent_authorization.py
@@ -68,7 +68,7 @@ async def check_agent_authorization(
 operation=operation,
 resource=resource,
 original_callers=original_callers,
- namespace_name="wqf--test",
+ namespace="wqf--test",
 )
 if allowed:
From 6f8d8708d2f7ebd80b18bf74d0850fead6bee36d Mon Sep 17 00:00:00 2001
From: "wuqingfu.528"
Date: Fri, 23 Jan 2026 10:50:26 +0800
Subject: [PATCH 4/4] fix: fix agent authorization and add user docs
---
 docs/docs/auth/permission-policy.md | 42 +++++++++++++++++++
 docs/mkdocs.yml | 1 +
 .../builtin_tools/agent_authorization.py | 7 +++-
 3 files changed, 48 insertions(+), 2 deletions(-)
 create mode 100644 docs/docs/auth/permission-policy.md
diff --git a/docs/docs/auth/permission-policy.md b/docs/docs/auth/permission-policy.md
new file mode 100644
index 00000000..31b76564
--- /dev/null
+++ b/docs/docs/auth/permission-policy.md
@@ -0,0 +1,42 @@
+# 权限策略
+
+Agent 权限策略基于 Cedar 声明式授权语言,提供了一套覆盖 User → Agent → Tool 全链路的权限管理方案。通过本指南,你将了解如何在智能体代码中启用权限校验,并通过控制台配置权限策略,确保智能体仅被授权用户访问。
+
+## 前置准备
+参考[使用文档](https://www.volcengine.com/docs/86848/2123355?lang=zh),登录火山引擎智能体身份和权限管理平台,按以下步骤创建策略空间与权限策略:
+- 进入「权限管控 > 权限策略」,创建策略空间(填写空间名称、描述,选择所属项目和标签);
+- 在目标策略空间内新建权限策略,可通过「可视化编辑」或「Cedar 语句编辑」定义规则(例如:允许指定用户调用某智能体);
+- 使用「模拟权限校验」功能验证策略是否符合预期。
+
+## 代码实现
+
+在调用智能体之前,需在 [AgentKit Runtime](https://console.volcengine.com/agentkit/region:agentkit+cn-beijing/runtime) 控制台配置 `RUNTIME_IDENTITY_NAMESPACE` 环境变量指定策略空间(默认为 default),以确保权限校验能匹配到对应的策略规则:
+```bash
+# 设置策略空间名称(替换为你实际创建的策略空间名称)
+RUNTIME_IDENTITY_NAMESPACE="你的策略空间名称"
+```
+
+在初始化 Agent 时开启授权功能(enable_authz=True),即可触发权限校验流程。以下是部署到 [AgentKit Runtime](https://console.volcengine.com/agentkit/region:agentkit+cn-beijing/runtime) 的代码示例:
+
+```python title="agent.py"
+import asyncio
+
+from veadk import Agent, Runner
+
+# 待校验权限的用户ID
+user_id = "9d154b10-285f-404c-ba67-0bf648ff9ce0"
+
+# 初始化Agent并开启权限校验
+agent = Agent(enable_authz=True)
+
+runner = Runner(agent=agent)
+
+# 调用智能体并传入用户ID(权限校验的核心依据)
+response = asyncio.run(runner.run(messages="你好", user_id=user_id))
+
+print(response)
+```
+
+运行结果:
+- 授权通过:若用户在策略空间中拥有调用该智能体的权限,代码会正常执行并返回智能体的响应结果;
+- 授权失败:若用户未被授权访问该智能体,会抛出权限异常,错误信息示例:`Agent is not authorized to run by user 9d154b10-285f-404c-ba67-0bf648ff9ce0.`
diff --git a/docs/mkdocs.yml b/docs/mkdocs.yml
index ddd66a88..eaf6d653 100644
--- a/docs/mkdocs.yml
+++ b/docs/mkdocs.yml
@@ -67,6 +67,7 @@ nav:
 - OAuth2 用户联邦出站认证: auth/oauth2-user-federation-outbound.md
 - OAuth2 M2M 出站认证: auth/oauth2-m2m-outbound.md
 - Trusted MCP 出站认证: auth/trusted-mcp-outbound.md
+ - 权限策略: auth/permission-policy.md
 - 可观测:
 - 开启观测: observation/tracing.md
 - 在火山引擎观测: observation/ve-tracing.md
diff --git a/veadk/tools/builtin_tools/agent_authorization.py b/veadk/tools/builtin_tools/agent_authorization.py
index dfd09920..65dd789d 100644
--- a/veadk/tools/builtin_tools/agent_authorization.py
+++ b/veadk/tools/builtin_tools/agent_authorization.py
@@ -12,6 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
+import os
 from typing import Optional
 from google.genai import types
@@ -59,16 +60,18 @@ async def check_agent_authorization(
 role_id = actors[0]
 principal = {"Type": "user", "Id": user_id}
- operation = {"Type": "action", "Id": "invoke"}
+ operation = {"Type": "Action", "Id": "invoke"}
 resource = {"Type": "agent", "Id": role_id}
 original_callers = [{"Type": "agent", "Id": actor} for actor in actors[1:]]
+ namespace = os.getenv("RUNTIME_IDENTITY_NAMESPACE", "default")
+
 allowed = identity_client.check_permission(
 principal=principal,
 operation=operation,
 resource=resource,
 original_callers=original_callers,
- namespace="wqf--test",
+ namespace=namespace,
 )
 if allowed:
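Review bot: `os.getenv("RUNTIME_IDENTITY_NAMESPACE", "default")` falls back silently, so a deployment where the variable is missing or misspelled has every authorization decision evaluated against the `default` policy space with no trace of that in the logs. A variable that is set but empty yields `""`, which is passed to `check_permission` unchanged. Whether either case fails open or closed depends on what policies `default` holds and how the identity service treats an empty namespace, neither of which is visible in this hunk. I would normalise the value with `namespace = os.getenv("RUNTIME_IDENTITY_NAMESPACE", "").strip() or "default"` and log the resolved namespace through the module's existing logger, so an unexpected allow or deny can be traced to the policy space that was used. The body of `check_agent_authorization` continues outside the hunk.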