Three Readers, Three Views

lore beginner 3 min read

What this means for you

LORE has three readers, not one. The platform operator sees every organization, the org admin sees their own, and the viewer reads without writing. Same library, three opening views.

The pitch

Open LORE and the page already knows who you are. A platform operator lands on a cross-organization dashboard. An org admin lands on their own decision log. A viewer reads the same pages without an annotation form in sight.

Who it’s for

Teams running AI agents across more than one organization, where the people overseeing the work have different blast radius — a platform owner, an org owner, and a teammate who just wants to read.

Proof points

Three roles inherited from the auth layer: admin, operator, viewer — no fourth tier, no custom permissions to model
Admin-only routes: organization repo management and platform settings; everything else is shared
Write actions (annotate outcome, archive, trigger review) return a 403 for viewers — the form simply does not render

journey
  title What each LORE reader does on Monday
  section Platform operator
    Open cross-org dashboard: 5: Operator
    Compare success rates by team: 4: Operator
    Trigger a review cycle: 5: Operator
  section Org admin
    Open own org decision log: 5: OrgAdmin
    Annotate last week's outcomes: 4: OrgAdmin
    Archive the noisy ones: 4: OrgAdmin
  section Viewer
    Search by agent name: 5: Viewer
    Read the causality of one decision: 4: Viewer
    Share a filtered URL with the team: 5: Viewer

neighbors on the map

LORE RBAC & Airlock Auth Flow implementing authentication in a new LORE page