<!--
  Full-page Markdown export (rendered HTML → GFM).
  Source: https://neotoma.io/ur/inspector/settings/attribution-policy
  Generated: 2026-04-27T12:48:45.303Z
-->
# Inspector, Settings · Attribution policy

Attribution policy controls how Neotoma reacts to writes from agents at different trust tiers. The Inspector renders the [AAuth](/aauth) contract as a live operator console: pick a global mode, set a minimum tier, override per path, and watch the resolved decision update against the last 100 requests.

Panel state as rendered at `inspector.neotoma.io/settings#attribution` (sidebar navigation omitted):

-   Global mode: `allow` / `warn` / `reject`, active `warn`
-   Min tier: `hardware` / `software` / `unverified_client`, active `software`
-   Decision (last 100 requests): verified sigs 94 (94%); promoted (HW) 12, attestation OK; rejected 3, `anonymous` → `/observations`

Per-path overrides:

| Path | Mode |
| --- | --- |
| `/observations` | reject |
| `/relationships` | warn |
| `/timeline` | warn |
| `/sources` | allow |

Attribution policy panel, global mode, minimum tier, per-path overrides, and a decision summary that mirrors the env-var contract.

## Global mode

-   `allow`: accept writes at every tier, including `anonymous`. Suitable for personal-use mode and sandboxes.
-   `warn`: accept writes, but emit an `attribution_decision warn` log line whenever the request lands below the minimum tier. Useful while rolling AAuth out across an existing fleet of agents.
-   `reject`: refuse writes below the minimum tier with a structured 401 error. The recommended setting for shared/server installs once your agents are signing.


## Minimum tier

Requests at or above the configured floor are accepted whatever the mode; requests below it are handled by the global mode (or the per-path override for that path): accepted under `allow`, accepted with a log line under `warn`, refused under `reject`. The four tiers, in descending strength:

1.  `hardware`: verified AAuth signature with hardware-backed attestation (TPM 2.0, Apple Secure Enclave, YubiKey).
2.  `software`: verified AAuth signature without an attested hardware backing.
3.  `unverified_client`: recognisable `clientInfo` but no signature.
4.  `anonymous`: neither signature nor recognisable client.


## Per-path overrides

Per-path overrides let you tighten policy on the highest-risk endpoints (typically `/observations` and `/relationships`) while leaving read paths permissive. A per-path `reject` always wins over a global `allow`; this is enforced both at the server and surfaced in the UI badge for the row.
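The decision described in the three sections above, as an added TypeScript example that is not Neotoma's own code: it ranks the four tiers, accepts any write at or above the floor, and otherwise lets the effective mode decide. It assumes that a per-path entry replaces the global mode for that path and everything beneath it, longest prefix winning (the page states only that a per-path `reject` beats a global `allow`, which this satisfies). The layout of the warn log line and the sample requests are constructed.

```typescript
// Added example, not Neotoma's own code: applies global mode, minimum tier and
// per-path overrides to one write request. Tier and mode names are the page's;
// the prefix-matching rule and the warn log-line layout are assumptions.

type Tier = "hardware" | "software" | "unverified_client" | "anonymous";
type Mode = "allow" | "warn" | "reject";

// The four tiers in descending strength; a higher rank is a stronger tier.
const TIER_RANK: Record<Tier, number> = {
  hardware: 3,
  software: 2,
  unverified_client: 1,
  anonymous: 0,
};

interface Policy {
  mode: Mode;                  // global mode
  minTier: Tier;               // the floor
  paths: Record<string, Mode>; // per-path overrides, e.g. { "/observations": "reject" }
}

interface Decision {
  decision: Mode; // what the server does with the write
  source: string; // "global", or "path:<prefix>" for the override that decided
  log?: string;   // the warn log line, when one would be emitted
}

// Assumption: an override covers its path and everything beneath it, and the
// longest matching prefix wins. Replacing the global mode for that path makes a
// per-path `reject` beat a global `allow`, and lets a per-path `allow` loosen a
// stricter global mode (the panel's `/sources` row).
function effectiveMode(policy: Policy, path: string): { mode: Mode; source: string } {
  let best: string | undefined;
  for (const prefix of Object.keys(policy.paths)) {
    const under = prefix.charAt(prefix.length - 1) === "/" ? prefix : prefix + "/";
    const matches = path === prefix || path.slice(0, under.length) === under;
    if (matches && (best === undefined || prefix.length > best.length)) best = prefix;
  }
  return best === undefined
    ? { mode: policy.mode, source: "global" }
    : { mode: policy.paths[best], source: `path:${best}` };
}

function decide(policy: Policy, tier: Tier, path: string): Decision {
  const { mode, source } = effectiveMode(policy, path);
  // At or above the floor the write is accepted whatever the mode says.
  if (TIER_RANK[tier] >= TIER_RANK[policy.minTier]) return { decision: "allow", source };
  // Below the floor the effective mode decides.
  if (mode === "allow") return { decision: "allow", source };
  if (mode === "warn") {
    // Assumed layout; the page only names the `attribution_decision warn` marker.
    const log = `attribution_decision warn tier=${tier} min_tier=${policy.minTier} path=${path} source=${source}`;
    return { decision: "warn", source, log };
  }
  return { decision: "reject", source };
}

// The configuration shown in the panel above.
const PANEL_POLICY: Policy = {
  mode: "warn",
  minTier: "software",
  paths: { "/observations": "reject", "/relationships": "warn", "/timeline": "warn", "/sources": "allow" },
};

// Constructed sample traffic (tier, path); not captured from a real server.
const SAMPLE_REQUESTS: Array<[Tier, string]> = [
  ["hardware", "/observations"],           // above the floor: allow, even on a reject path
  ["software", "/relationships"],          // at the floor: allow
  ["unverified_client", "/relationships"], // below the floor, path override warn
  ["unverified_client", "/timeline"],      // below the floor, path override warn
  ["unverified_client", "/entities"],      // below the floor, no override: global warn
  ["anonymous", "/sources"],               // below the floor, path override allow
  ["anonymous", "/observations"],          // below the floor, path override reject
  ["anonymous", "/observations/abc123"],   // same override via prefix match
];

// Tally decisions the way the panel's summary does.
function tally(policy: Policy, requests: Array<[Tier, string]>): Record<Mode, number> {
  const counts: Record<Mode, number> = { allow: 0, warn: 0, reject: 0 };
  for (const [tier, path] of requests) counts[decide(policy, tier, path).decision] += 1;
  return counts;
}

console.log(tally(PANEL_POLICY, SAMPLE_REQUESTS)); // { allow: 3, warn: 3, reject: 2 }
```

Note that the floor check runs before the mode lookup: a `hardware` write to `/observations` is accepted even though that path is set to `reject`, because `reject` only applies below the minimum tier.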


## Resolution & environment variables

Policy can be set three ways, in increasing precedence:

1.  Inspector UI (this panel), which writes through to the local config.
2.  `NEOTOMA_ATTRIBUTION_POLICY` / `NEOTOMA_MIN_ATTRIBUTION_TIER` / `NEOTOMA_ATTRIBUTION_POLICY_JSON`, env vars at server start.
3.  Per-request override headers (signed admission tokens; see [AAuth](/aauth)).

The decision summary at the top of the panel reports which source won, so an env-var override on a server is never silently in effect.
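One way to layer the three sources and report which one won each field, as an added TypeScript example that is not Neotoma's own code. It assumes that `NEOTOMA_ATTRIBUTION_POLICY_JSON` holds a JSON object with the same keys as the policy (`mode`, `minTier`, `paths`, all optional), that the two scalar env vars are applied after it, that a layer's `paths` map replaces the whole map rather than merging, and that the per-request layer is represented by the claims of an admission token AAuth has already verified (verification itself is not shown). Unknown values fail at server start instead of silently leaving the UI setting in force.

```typescript
// Added example, not Neotoma's own code: layers the policy from UI config,
// env vars and a per-request override, lowest precedence first, and records
// the winning source per field. Env-var value formats and the request-layer
// shape are assumptions.

type Tier = "hardware" | "software" | "unverified_client" | "anonymous";
type Mode = "allow" | "warn" | "reject";

interface Policy {
  mode: Mode;
  minTier: Tier;
  paths: Record<string, Mode>;
}

type Source = "ui" | "env" | "request";

interface Resolved extends Policy {
  provenance: { mode: Source; minTier: Source; paths: Source };
}

const MODES: Record<Mode, true> = { allow: true, warn: true, reject: true };
const TIERS: Record<Tier, true> = { hardware: true, software: true, unverified_client: true, anonymous: true };

function isMode(v: unknown): v is Mode {
  return typeof v === "string" && Object.prototype.hasOwnProperty.call(MODES, v);
}
function isTier(v: unknown): v is Tier {
  return typeof v === "string" && Object.prototype.hasOwnProperty.call(TIERS, v);
}

// Parses the env-var layer. Any unknown value throws: a typo such as
// NEOTOMA_ATTRIBUTION_POLICY=rejct must stop the server at start rather than
// silently leave the UI setting in force. Assumption: the JSON var carries a
// Policy-shaped object, and the scalar vars are applied after it.
function policyFromEnv(env: Record<string, string | undefined>): Partial<Policy> {
  const out: Partial<Policy> = {};
  const raw = env.NEOTOMA_ATTRIBUTION_POLICY_JSON;
  if (raw !== undefined) {
    const parsed: unknown = JSON.parse(raw); // malformed JSON throws here, which is what we want
    if (typeof parsed !== "object" || parsed === null) throw new Error("NEOTOMA_ATTRIBUTION_POLICY_JSON: expected a JSON object");
    const p = parsed as Record<string, unknown>;
    if (p.mode !== undefined) {
      if (!isMode(p.mode)) throw new Error(`NEOTOMA_ATTRIBUTION_POLICY_JSON: unknown mode ${JSON.stringify(p.mode)}`);
      out.mode = p.mode;
    }
    if (p.minTier !== undefined) {
      if (!isTier(p.minTier)) throw new Error(`NEOTOMA_ATTRIBUTION_POLICY_JSON: unknown tier ${JSON.stringify(p.minTier)}`);
      out.minTier = p.minTier;
    }
    if (p.paths !== undefined) {
      if (typeof p.paths !== "object" || p.paths === null) throw new Error("NEOTOMA_ATTRIBUTION_POLICY_JSON: paths must be an object");
      const src = p.paths as Record<string, unknown>;
      const paths: Record<string, Mode> = {};
      for (const key of Object.keys(src)) {
        const v = src[key];
        if (!isMode(v)) throw new Error(`NEOTOMA_ATTRIBUTION_POLICY_JSON: unknown mode for ${key}`);
        paths[key] = v;
      }
      out.paths = paths;
    }
  }
  const mode = env.NEOTOMA_ATTRIBUTION_POLICY;
  if (mode !== undefined) {
    if (!isMode(mode)) throw new Error(`NEOTOMA_ATTRIBUTION_POLICY: unknown mode "${mode}"`);
    out.mode = mode;
  }
  const tier = env.NEOTOMA_MIN_ATTRIBUTION_TIER;
  if (tier !== undefined) {
    if (!isTier(tier)) throw new Error(`NEOTOMA_MIN_ATTRIBUTION_TIER: unknown tier "${tier}"`);
    out.minTier = tier;
  }
  return out;
}

// Later layers replace earlier ones field by field; a layer's `paths` map
// replaces the whole map (assumption). `request` stands for the claims of an
// already-verified admission token. In real code pass process.env as `env`.
function resolvePolicy(ui: Policy, env: Record<string, string | undefined>, request: Partial<Policy> = {}): Resolved {
  const r: Resolved = { mode: ui.mode, minTier: ui.minTier, paths: { ...ui.paths }, provenance: { mode: "ui", minTier: "ui", paths: "ui" } };
  const layers: Array<[Source, Partial<Policy>]> = [["env", policyFromEnv(env)], ["request", request]];
  for (const [source, layer] of layers) {
    if (layer.mode !== undefined) { r.mode = layer.mode; r.provenance.mode = source; }
    if (layer.minTier !== undefined) { r.minTier = layer.minTier; r.provenance.minTier = source; }
    if (layer.paths !== undefined) { r.paths = { ...layer.paths }; r.provenance.paths = source; }
  }
  return r;
}

// What the panel's summary reports: each field with the source that won it.
function describeWinners(r: Resolved): string[] {
  return [
    `mode=${r.mode} (${r.provenance.mode})`,
    `min_tier=${r.minTier} (${r.provenance.minTier})`,
    `paths=${JSON.stringify(r.paths)} (${r.provenance.paths})`,
  ];
}

// Constructed inputs: the panel's UI config and an env layer as an operator might set it.
const UI_CONFIG: Policy = { mode: "warn", minTier: "software", paths: { "/observations": "reject", "/relationships": "warn", "/timeline": "warn", "/sources": "allow" } };
const SAMPLE_ENV: Record<string, string | undefined> = {
  NEOTOMA_ATTRIBUTION_POLICY: "reject",
  NEOTOMA_ATTRIBUTION_POLICY_JSON: '{"mode":"warn","paths":{"/sources":"allow"}}',
};

console.log(describeWinners(resolvePolicy(UI_CONFIG, SAMPLE_ENV)));
// [ 'mode=reject (env)', 'min_tier=software (ui)', 'paths={"/sources":"allow"} (env)' ]
```

The point of the per-field provenance is the one the page makes: with the env layer above, the panel would show `mode` and `paths` as coming from the environment while `min_tier` still comes from the UI, so an operator cannot mistake a server-side override for the setting they see in the console.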


## Per-agent grants

Tier-based policy is the wide net. For fine-grained `(operation, entity_type)` allow-lists per signing identity, use [Agents & grants](/inspector/agents); those layer on top of the global policy and apply to a single thumbprint.