Book a demo

A 30-minute walkthrough on your real providers. We'll deploy CodeVector against your OpenAI or Anthropic key, configure Claude Code or Cursor live, and answer the questions your security team will ask. No slides.

Request deployment access

Tell us about your deployment and we will send Docker registry credentials for the private image and a license token for your environment.
Docs / Access Grants

Access Grants

Control which users and groups can use which Models in CodeVector. Grants are managed from user and group detail pages.

Your gateway URL

Pin your own gateway hostname and we'll rewrite the routes and curl examples on every docs page so you can click straight through to the live console. Stored locally in your browser.

Access grants control which Models a user or group can call through the gateway. Without a grant, requests return 403. Manage grants from the user or group detail page.

Granting access

Add access grant modal showing a search box and a list of Model rows with slug, display name, kind badge, and an Add button per row

The model picker on the user or group detail page. Search and click Add to grant a Model facade.

Open any user or group detail page and find the Model Access Grants card. Click Add grant to open a model picker.

Search by slug or display name, then click Add next to the model you want to grant. The grant takes effect immediately - the user can make requests to that model slug on the next gateway call.

Revoking access

Each grant in the list has a Revoke button. Revoking is immediate and cannot be undone. In-flight requests are not affected, but new requests will be rejected.

How grants merge

When a user belongs to groups, their effective access is the union of:

  • Personal grants assigned directly to the user
  • All grants assigned to every group the user belongs to

If any grant allows access to a model, the user can use it. There is no “deny” grant - access is allow-only.

Empty grants

If a user has no grants and belongs to no groups with grants, all gateway requests return:

{
  "error": "access_denied",
  "message": "You do not have access to this model"
}

Frequently asked questions

Can I grant access to a Provider Model directly?

No. Grants are always against Model facades. Users request a model slug, and the gateway routes to the appropriate backend.

What happens if a user has no grants?

Users with no grants cannot access any models. The gateway returns a 403 with an access_denied error.

Do group grants combine with user grants?

Yes. A user gets the union of their personal grants and all group grants they belong to.

  • Users. Manage user accounts and their direct grants.
  • Groups. Organize users and set group-level grants.
  • Models. The model facades that grants reference.