An actor allowlist is a catalog resource that names a reusable set of usernames, grouped by identity provider, who may steer agents through externally-sourced events such as pull request comments, reviews, and issue or PR triggers. A steering policy references one or more allowlists; an author in the union of their usernames is admitted regardless of the policy’s association tier. This is how you let an approved bot or a trusted outside contributor drive an agent without granting them an organization role.

Usernames are grouped by provider so the right namespace is matched against the event’s author: a GitHub login is matched in the GitHub OAuth provider, not against an organization or service identity. Matching is case-insensitive.

In the dashboard, actor allowlists are managed under Organization Settings → Actor Allowlists.

Fields

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| name | string | yes | Unique identifier within the tenant. DNS label format: [a-z][a-z0-9-]{0,62}. Names starting with murmur- are reserved for platform builtins. |
| description | string | no | Human-readable description shown in the dashboard. Maximum 1024 bytes. |
| entries | ActorAllowlistEntry[] | no | Allowlisted usernames, grouped by identity provider. Each provider may appear at most once. |

Entry fields

Each entry in entries groups usernames under one identity provider.

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| provider | enum | yes | The actor’s identity provider. Must be a user namespace: PROVIDER_GITHUB_OAUTH for a GitHub login. Organization and service namespaces (PROVIDER_GITHUB_APP, PROVIDER_SERVICE_PROFILE) are rejected: they never name a person, so an entry keyed on them would match no event author. |
| usernames | string[] | yes | Usernames within the provider, matched case-insensitively against the event author. For GitHub, the login (e.g. octocat, dependabot[bot]). Each entry must be non-empty. |

How it is used

An actor allowlist does nothing on its own — it is referenced by a steering policy’s allowlists field. When a gated event arrives (a PR comment, review, issue-opened, PR-opened, or PR-labeled trigger), the policy admits the author if either:
  • The author’s repository association meets the policy’s tier, or
  • The author appears in the union of usernames across the policy’s referenced allowlists, matched within the event’s provider.
An allowlist is what makes a bot account or a trusted outside collaborator able to steer an agent under a tier they would otherwise fail.

Examples

Allowlist a bot and an outside contributor

name: trusted-actors
description: "Bots and outside collaborators allowed to steer agents"
entries:
  - provider: PROVIDER_GITHUB_OAUTH
    usernames:
      - dependabot[bot]
      - octocat

Create or update it with murmur set:

cat <<'EOF' | murmur set actor-allowlist trusted-actors
name: trusted-actors
description: "Bots and outside collaborators allowed to steer agents"
entries:
  - provider: PROVIDER_GITHUB_OAUTH
    usernames:
      - dependabot[bot]
      - octocat
EOF

Listing actor allowlists

murmur get actor-allowlist
NAME              DESCRIPTION
trusted-actors    Bots and outside collaborators allowed to steer agents

Reading a single actor allowlist

murmur get actor-allowlist trusted-actors

Errors

| Code | Meaning | What to do |
| --- | --- | --- |
| INVALID_ARGUMENT | name is required | Provide a name. |
| INVALID_ARGUMENT | name must match [a-z][a-z0-9-]{0,62} | Use lowercase letters, digits, and hyphens, starting with a letter. |
| INVALID_ARGUMENT | description exceeds 1024 byte limit | Shorten the description to 1024 bytes or fewer. |
| INVALID_ARGUMENT | entries[N]: provider is required | Set a provider on every entry. |
| INVALID_ARGUMENT | entries[N]: unknown provider <value> | Use a valid provider: PROVIDER_GITHUB_OAUTH. |
| INVALID_ARGUMENT | entries[N]: provider PROVIDER_GITHUB_APP is an org/service namespace, not an individual actor; use a user namespace such as PROVIDER_GITHUB_OAUTH | Allowlist entries name people. Use a user-namespace provider. |
| INVALID_ARGUMENT | entries[N]: duplicate provider <value> | Merge usernames for a provider into a single entry. |
| INVALID_ARGUMENT | entries[N].usernames[M]: empty username | Remove the empty username or fill it in. |
| FAILED_PRECONDITION | cannot delete actor-allowlist: referenced by steering-policy | A steering policy still names this allowlist. Update or delete the policy first. |

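
The validation rules in the Errors table and the provider-scoped, case-insensitive match described under How it is used can be checked locally before a change to an allowlist is applied. The following is an added example, not murmur's own code: the function names, the reserved-prefix message, the dict input (an already-parsed allowlist) and the use of plain lowercasing for the comparison are assumptions.

```python
import re

NAME_RE = re.compile(r"[a-z][a-z0-9-]{0,62}")
USER_PROVIDERS = {"PROVIDER_GITHUB_OAUTH"}
ORG_SERVICE_PROVIDERS = {"PROVIDER_GITHUB_APP", "PROVIDER_SERVICE_PROFILE"}

# Constructed sample: the parsed form of the trusted-actors example.
TRUSTED = {"name": "trusted-actors", "entries": [
    {"provider": "PROVIDER_GITHUB_OAUTH", "usernames": ["dependabot[bot]", "octocat"]}]}

def validate_allowlist(doc):
    """Return the documented validation errors for one parsed allowlist."""
    errors = []
    name = doc.get("name") or ""
    if not name:
        errors.append("name is required")
    elif not NAME_RE.fullmatch(name):
        errors.append("name must match [a-z][a-z0-9-]{0,62}")
    elif name.startswith("murmur-"):
        # Reserved prefix; this message is the linter's own wording.
        errors.append("name uses the reserved murmur- prefix")
    if len((doc.get("description") or "").encode("utf-8")) > 1024:
        errors.append("description exceeds 1024 byte limit")
    seen = set()
    for n, entry in enumerate(doc.get("entries") or []):
        provider = entry.get("provider")
        if not provider:
            errors.append(f"entries[{n}]: provider is required")
        elif provider in ORG_SERVICE_PROVIDERS:
            errors.append(f"entries[{n}]: provider {provider} is an org/service "
                          "namespace, not an individual actor")
        elif provider not in USER_PROVIDERS:
            errors.append(f"entries[{n}]: unknown provider {provider}")
        elif provider in seen:
            errors.append(f"entries[{n}]: duplicate provider {provider}")
        seen.add(provider)
        for m, user in enumerate(entry.get("usernames") or []):
            if not user:
                errors.append(f"entries[{n}].usernames[{m}]: empty username")
    return errors

def is_allowlisted(allowlists, provider, author):
    """True if author is in the union of usernames under the event's provider."""
    wanted = author.lower()  # assumption: plain lowercase comparison
    return any(user.lower() == wanted
               for doc in allowlists
               for entry in doc.get("entries") or []
               if entry.get("provider") == provider
               for user in entry.get("usernames") or [])
```

Running validate_allowlist in review or CI on every proposed allowlist change gives a reviewable record of who is being granted the ability to steer agents outside the tier check.
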
  • steering-policy — references actor allowlists to admit authors regardless of tier
  • service-profile — the identity that automated agents commit under
  • Events — the webhook events steering gates
  • murmur set — CLI command for creating and updating catalog resources
  • murmur get — CLI command for reading catalog resources