ABAC (Attribute-Based Access Control) is an Enterprise feature for managing fine-grained access control. If you are interested in this feature, contact our sales team. Other plans default to using the Admin role for all users.
Roles and resource tags can be managed via the UI or API. ABAC policies are configurable via the API. Once configured, policies are automatically enforced in both the API and the UI.
Before you begin
- Set up resource tags in your workspace.
- ABAC currently only supports
resource_tag_keyas anattribute_namein policies, for evaluating against resource tags. No other attributes are supported yet.
Enable ABAC for self-hosted deployments
-
ABAC requires a self-hosted LangSmith deployment running Helm chart 0.11.28 or later (application version 0.12.1). Once you’ve upgraded, use one of the following options to enable ABAC:
-
Enable for a specific organization: Run the following against your LangSmith PostgreSQL database, replacing
<organization_id>with the ID copied from the organization settings page in the UI: -
Enable for all organizations: Add the following environment variable to
commonEnvin yourvalues.yaml:This environment variable has no effect on personal organizations, because RBAC is not enabled for personal organizations.
-
Enable for a specific organization: Run the following against your LangSmith PostgreSQL database, replacing
-
Set up authentication. To manage access policies via the API, you need a Personal Access Token (PAT) from an Organization Admin user, or an organization-scoped service key with Organization Admin permissions. Set the following environment variables before running any scripts:
Access policy structure
An access policy defines conditions under which access is granted or denied. Here’s the structure:Effect
Theeffect determines what happens when conditions match:
allow- Grant access when conditions matchdeny- Block access when conditions match
Deny policies always take precedence. If both an allow and deny policy match, access is denied.
Condition groups
Thecondition_groups array contains one or more condition groups. Multiple condition groups are evaluated with OR logic - if any group matches, the policy applies.
Each condition group specifies:
permission- The permission this group applies toresource_type- The resource type to matchconditions- Array of conditions (evaluated with AND logic within the group)
Resource types and permissions
Runs don’t have their own tags. Run permissions (
runs:read, runs:create, runs:share, runs:delete) are evaluated against the parent project’s tags.Conditions
Each condition in theconditions array specifies:
attribute_name- Currently onlyresource_tag_keyis supportedattribute_key- The tag key to match (e.g.,Environment,Team)operator- The comparison operatorattribute_value- The value to compare against
Operators
_if_exists variants
Each operator has an _if_exists variant that matches by default when the tag key is absent, or evaluates the condition normally when the tag exists:
Roles
Therole_ids array specifies which workspace roles the policy applies to. When a user with that role accesses a resource, the policy conditions are evaluated.
Policies can be attached to roles when creating the policy, or attached later via the API.
Managing access policies
Access policies are managed via the LangSmith API by Organization Admins. Before creating policies, set up resource tags in your workspace.How ABAC works with RBAC
RBAC permissions and ABAC policies are both considered when determining access to resources:- ABAC deny policies override RBAC permissions
- ABAC allow policies can grant access even without RBAC permissions
- If no ABAC policies match, the system falls back to RBAC
Policy evaluation outcomes
Feature combinations:
When both RBAC and ABAC are enabled:
Example scenarios
1. Annotator team assignment
Allow annotators to only access datasets tagged for their team:2. Block sensitive data
Deny access to datasets containing PII. Since deny policies override allow policies, this blocks access even for users with RBAC permissions:3. Application-based access with wildcards
Allow engineers to access projects for any application in the “chatbot” family using glob patterns:4. Client and purpose isolation (AND logic)
Grant access only if both conditions are met - dataset is for training AND belongs to a specific client:5. Client data plus resources without a Client tag using _if_exists
Consultants don’t have RBAC datasets:read permission, but this policy grants them access to datasets tagged Client=Acme-Corp, as well as datasets that don’t have a Client tag at all. Datasets tagged with a different client (e.g., Client=Other-Corp) remain blocked:
Tag resources at creation time
When ABAC policies are active, resources are access-controlled based on their tags. To make sure a resource is protected as soon as it is created, you can supply tags directly in the creation request using thetag_value_ids parameter.
This is supported on project, dataset, and prompt creation endpoints (including fork and clone operations). Tags are applied atomically in the same database transaction as resource creation.
For full details and examples, see Tag a resource at creation time in the resource tags guide.
If you rely on the LangSmith SDK to auto-create tracing projects during trace ingestion, the
tag_value_ids parameter is not available on that auto-create path. To ensure ABAC policies apply from the start, pre-create the project via POST /api/v1/sessions with the desired tag_value_ids before starting your trace session.Troubleshooting
Access unexpectedly denied?- Check if a deny policy is matching (deny always takes precedence)
- Check if the user has RBAC permissions or a matching allow policy
- Verify the resource has the expected tag and value
- Deny policies with
_if_existsoperators block resources missing that tag key - For case-sensitive operators (
equals,not_equals), check for case mismatches - With multiple conditions in a group, all must match (AND logic)
- Review RBAC permissions (users may have access via their role)
- Check if an allow policy is too broad (e.g., using wildcards)
_if_existsoperators match resources missing that tag key
- Confirm the policy is attached to the correct role
- Verify the user has that role in the workspace
- Check that
resource_typeandpermissionmatch the resource being accessed
Connect these docs to Claude, VSCode, and more via MCP for real-time answers.

