From deepgram-pack
Configure enterprise role-based access control for Deepgram integrations. Use when implementing team permissions, managing API key scopes, or setting up organization-level access controls. Trigger with phrases like "deepgram RBAC", "deepgram permissions", "deepgram access control", "deepgram team roles", "deepgram enterprise".
How this skill is triggered — by the user, by Claude, or both
Slash command
/deepgram-pack:deepgram-enterprise-rbacThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
- [Overview](#overview)
Implement role-based access control for enterprise Deepgram deployments with five roles (Admin, Developer, Analyst, Service, Auditor), scoped API keys, team management, permission middleware, and automated key rotation.
Create five roles with mapped Deepgram scopes: Admin (manage:, listen:, usage:, keys:), Developer (listen:, usage:read), Analyst (usage:read), Service (listen:), Auditor (usage:read, keys:read).
Implement user API key creation with role-based scopes. Keys are scoped to team projects with expiration dates (90 days for service accounts, 365 for users). Store key references, not keys themselves.
Create Express middleware that checks user permissions before route handlers. Return 401 for unauthenticated, 403 for unauthorized requests.
Create teams linked to Deepgram projects. Add/remove members with role assignment. Auto-provision/revoke API keys on membership changes.
Scan for keys expiring within 7 days. Revoke old key, create new key with same scopes, notify user. Run as scheduled job.
Log all key creation, revocation, role changes, and permission denials with timestamps and actor IDs.
See detailed implementation for advanced patterns.
| Issue | Cause | Solution |
|---|---|---|
| Permission denied | Wrong role | Request role upgrade from admin |
| Key expired | No rotation | Enable auto-rotation job |
| Team not found | Deleted team | Verify team exists before operations |
| Scope mismatch | Role change | Revoke and recreate key on role update |
| Scope | Description | Roles |
|---|---|---|
listen:* | All transcription | Admin, Developer, Service |
manage:* | All management | Admin |
usage:read | View usage | Admin, Developer, Analyst, Auditor |
keys:read | View API keys | Admin, Auditor |
keys:write | Create/delete keys | Admin |
| Action | Admin | Developer | Analyst | Service | Auditor |
|---|---|---|---|---|---|
| Transcribe | Yes | Yes | No | Yes | No |
| View usage | Yes | Yes | Yes | No | Yes |
| Manage keys | Yes | No | No | No | No |
| View audit | Yes | No | No | No | Yes |
npx claudepluginhub bulozb/claude-code-plugins-plus-skills --plugin deepgram-packGuides collaborative design exploration before implementation: explores context, asks clarifying questions, proposes approaches, and writes a design doc for user approval.
Creates structured, bite-sized implementation plans from specs or requirements before writing code. Useful for breaking down multi-step tasks into testable steps with file structure and task boundaries.
Synthesizes the current conversation into a structured spec (PRD) and publishes it to the project issue tracker with a ready-for-agent label, without interviewing the user.
4plugins reuse this skill
First indexed Jul 11, 2026