Project-based access control & authentication support in Archon

[nlgupta-systango]

I have a couple of questions regarding Archon’s access control features: (using stable branch)

• Does Archon support project-based access control?
  Currently, all users can see and access all projects. Is there a way to restrict visibility or permissions per project?

• Does the Archon MCP server provide authentication?
  At the moment, if the server is exposed publicly, anyone with the URL can access it. Is there built-in authentication, or recommended best practices for securing the server?

Thanks!

[txhno]

From what I can see in the stable branch, I do not think Archon has project-based access control in the web app yet. I’m not finding per-project visibility/permission logic there, so if multiple users can reach the same Archon instance, they effectively share the same project list.

For the MCP/server side: I also do not think there is built-in public-facing auth at the server layer. The repo’s security docs explicitly recommend putting a public deployment behind Caddy auth instead of exposing it directly.

One nuance: some adapters do support user whitelists (GitHub, Slack, Telegram, Discord), but that is adapter-level access control, not per-project RBAC in the web UI.