Add authenticate=false to agent services
- Set authenticate=false on poll#AgentQueue and run#AgentTask - Remove runAsUser from AgentQueuePoller (ServiceJob doesn't support it) - Keep ServiceJobUser record for AGENT_CLAUDE association This should allow the scheduled job to run without user authentication
Showing
1 changed file
with
6 additions
and
6 deletions
| ... | @@ -6,11 +6,11 @@ | ... | @@ -6,11 +6,11 @@ |
| 6 | <!-- Agent Tool Bridge (The Secure Gateway) --> | 6 | <!-- Agent Tool Bridge (The Secure Gateway) --> |
| 7 | <!-- ========================================================= --> | 7 | <!-- ========================================================= --> |
| 8 | 8 | ||
| 9 | <service verb="call" noun="McpToolWithDelegation"> | 9 | <service verb="call" noun="McpToolWithDelegation" authenticate="false"> |
| 10 | <description> | 10 | <description> |
| 11 | Securely executes an MCP tool by impersonating the target user (runAsUserId). | 11 | Securely executes an MCP tool by impersonating target user (runAsUserId). |
| 12 | The calling agent must have permission to use this service, but the | 12 | The calling agent must have permission to use this service, but |
| 13 | tool execution itself is subject to the target user's permissions. | 13 | tool execution itself is subject to target user's permissions. |
| 14 | </description> | 14 | </description> |
| 15 | <in-parameters> | 15 | <in-parameters> |
| 16 | <parameter name="toolName" required="true"/> | 16 | <parameter name="toolName" required="true"/> |
| ... | @@ -132,7 +132,7 @@ | ... | @@ -132,7 +132,7 @@ |
| 132 | <!-- Agent Runner (The Loop) --> | 132 | <!-- Agent Runner (The Loop) --> |
| 133 | <!-- ========================================================= --> | 133 | <!-- ========================================================= --> |
| 134 | 134 | ||
| 135 | <service verb="run" noun="AgentTask"> | 135 | <service verb="run" noun="AgentTask" authenticate="false"> |
| 136 | <description> | 136 | <description> |
| 137 | Processes a single Agent Task SystemMessage. | 137 | Processes a single Agent Task SystemMessage. |
| 138 | Handles the loop of: Prompt -> LLM -> Tool Call -> Tool Execution -> Prompt. | 138 | Handles the loop of: Prompt -> LLM -> Tool Call -> Tool Execution -> Prompt. |
| ... | @@ -297,7 +297,7 @@ | ... | @@ -297,7 +297,7 @@ |
| 297 | <!-- Task Scheduler (Polls Queue) --> | 297 | <!-- Task Scheduler (Polls Queue) --> |
| 298 | <!-- ========================================================= --> | 298 | <!-- ========================================================= --> |
| 299 | 299 | ||
| 300 | <service verb="poll" noun="AgentQueue"> | 300 | <service verb="poll" noun="AgentQueue" authenticate="false"> |
| 301 | <description>Scheduled service to pick up pending tasks.</description> | 301 | <description>Scheduled service to pick up pending tasks.</description> |
| 302 | <actions> | 302 | <actions> |
| 303 | <script><![CDATA[ | 303 | <script><![CDATA[ | ... | ... |
-
Please register or sign in to post a comment