IBM
diff --git a/‎CHANGELOG.md‎
Lines changed: 7 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎docker-compose.yml‎
Lines changed: 1 addition & 1 deletion b/‎docker-compose.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/docs/manage/rbac.md‎
Lines changed: 13 additions & 23 deletions b/‎docs/docs/manage/rbac.md‎
Lines changed: 13 additions & 23 deletions
@@ -212,6 +212,13 @@ This release **tightens production defaults** and adds **defense-in-depth contro
 * **C-20**: Gateway sync endpoints now enforce explicit RBAC and scoped ownership checks with normalized token-team semantics
 * **C-35**: Server usage SSE now validates server existence and fails closed for missing IDs in scoped checks
 * **C-39**: Import flow strips untrusted ownership/team/visibility fields for scoped entities
+* **A-04**: Request logging masking now covers normalized key variants (snake/camel/kebab/case changes) while preserving non-sensitive metadata fields
+* **C-06 / C-26**: Token scoping now applies consistently for cookie and header auth paths, and normalizes `APP_ROOT_PATH` prefixes before route permission matching
+* **C-31 / C-40 / C-41**: LLM chat config, provider config secrets, and sensitive tool headers now use at-rest protection with response-time masking and backward-compatible read handling
+* **C-34 / L-13**: Permission fallback paths now rely on explicit constants and canonical permission mappings across decorators, validation, and role checks, with default non-admin roles receiving explicit `teams.read` and token self-management permissions
+* **C-36 / C-37**: Server team reassignment now validates target-team ownership membership, and import defaults prefer scoped visibility for safer tenant defaults
+* **O-08 / O-12 / O-13**: SSO/OAuth flows now require `email_verified: true` claims for login acceptance (including existing users), enforce trusted-domain policy consistently, and use opaque server-side OAuth state mapping
+* **U-02 / U-03 / U-04**: Admin UI now enforces CSRF tokens/origin checks for state-changing flows, sanitizes dynamic DOM insertions, and uses pinned integrity-checked external assets
 * **Token helpers**: Rich-token generation now distinguishes omitted teams from explicit `teams: null` to preserve intended scope semantics
 * Health diagnostics endpoint now follows standard bearer-token validation.
 * JSON-RPC and REST logging controls now use aligned permission checks.
 
@@ -360,7 +360,7 @@ services:
       - JSON_SCHEMA_VALIDATION_STRICT=true
       - CORRELATION_ID_ENABLED=false
       - LLMCHAT_ENABLED=true
-      - OBSERVABILITY_ENABLED=false
+      - OBSERVABILITY_ENABLED=true
       # ═══════════════════════════════════════════════════════════════════════════
       # Database Connection Pool Configuration
       # ═══════════════════════════════════════════════════════════════════════════
 
@@ -63,10 +63,10 @@ Logical groups that:
 | Role | Scope | Permissions |
 |------|-------|-------------|
 | `platform_admin` | global | `["*"]` (all permissions) |
-| `team_admin` | team | admin.dashboard, gateways.read, gateways.create, gateways.update, gateways.delete, servers.read, servers.create, servers.update, servers.delete, teams.read, teams.update, teams.join, teams.delete, teams.manage_members, tools.read, tools.create, tools.update, tools.delete, tools.execute, resources.read, resources.create, resources.update, resources.delete, prompts.read, prompts.create, prompts.update, prompts.delete, a2a.read, a2a.create, a2a.update, a2a.delete, a2a.invoke, llm.read, llm.invoke |
-| `developer` | team | admin.dashboard, gateways.read, gateways.create, gateways.update, gateways.delete, servers.read, servers.create, servers.update, servers.delete, teams.join, tools.read, tools.create, tools.update, tools.delete, tools.execute, resources.read, resources.create, resources.update, resources.delete, prompts.read, prompts.create, prompts.update, prompts.delete, a2a.read, a2a.create, a2a.update, a2a.delete, a2a.invoke, llm.read, llm.invoke |
-| `viewer` | team | admin.dashboard, gateways.read, servers.read, teams.join, tools.read, resources.read, prompts.read, a2a.read, llm.read |
-| `platform_viewer` | global | admin.dashboard, gateways.read, servers.read, teams.join, tools.read, resources.read, prompts.read, a2a.read, llm.read |
+| `team_admin` | team | admin.dashboard, gateways.read, gateways.create, gateways.update, gateways.delete, servers.read, servers.create, servers.update, servers.delete, teams.read, teams.update, teams.join, teams.delete, teams.manage_members, tools.read, tools.create, tools.update, tools.delete, tools.execute, resources.read, resources.create, resources.update, resources.delete, prompts.read, prompts.create, prompts.update, prompts.delete, a2a.read, a2a.create, a2a.update, a2a.delete, a2a.invoke, llm.read, llm.invoke, tokens.create, tokens.read, tokens.update, tokens.revoke |
+| `developer` | team | admin.dashboard, gateways.read, gateways.create, gateways.update, gateways.delete, servers.read, servers.create, servers.update, servers.delete, teams.read, teams.join, tools.read, tools.create, tools.update, tools.delete, tools.execute, resources.read, resources.create, resources.update, resources.delete, prompts.read, prompts.create, prompts.update, prompts.delete, a2a.read, a2a.create, a2a.update, a2a.delete, a2a.invoke, llm.read, llm.invoke, tokens.create, tokens.read, tokens.update, tokens.revoke |
+| `viewer` | team | admin.dashboard, gateways.read, servers.read, teams.read, teams.join, tools.read, resources.read, prompts.read, a2a.read, llm.read, tokens.create, tokens.read, tokens.update, tokens.revoke |
+| `platform_viewer` | global | admin.dashboard, gateways.read, servers.read, teams.read, teams.join, tools.read, resources.read, prompts.read, a2a.read, llm.read, tokens.create, tokens.read, tokens.update, tokens.revoke |
 
 !!! info "Default Role Assignment"
     **New users automatically receive up to two roles upon creation:**
@@ -458,34 +458,24 @@ Permissions are defined in the `Permissions` class and control what actions user
 │ Permission Aggregation      │ ← Collect permissions from roles
 │ - Include inherited perms   │   (role inheritance supported)
 │ - Check for wildcard (*)    │
-└─────────────────────────────┘
-    │
-    ▼
-┌─────────────────────────────┐
-│ Fallback Permission Check   │ ← Implicit permissions (see below)
 └─────────────────────────────┘
     │
     ▼
   GRANT or DENY
 ```
 
-### Fallback Permissions
-
-The system grants implicit permissions without explicit role assignment. These are **not** shown in `/rbac/my/permissions` but are effective:
+### Explicit Team/Token Defaults
 
-| User Context | Implicit Permissions |
-|--------------|---------------------|
-| Any authenticated user | teams.create, teams.read |
-| Team member | teams.read (for their teams) |
-| Team owner | teams.read, teams.update, teams.delete, teams.manage_members |
-| Any authenticated user | tokens.* (for own tokens only) |
+Team and token management behavior is now controlled through explicit role permissions, not implicit fallback checks.
 
-!!! info "Why Fallback Permissions Exist"
-    Fallback permissions enable basic functionality without requiring explicit role assignment:
+| Role | Explicit Baseline Grants |
+|------|--------------------------|
+| `team_admin` | `teams.read`, `tokens.create`, `tokens.read`, `tokens.update`, `tokens.revoke` |
+| `developer` | `teams.read`, `tokens.create`, `tokens.read`, `tokens.update`, `tokens.revoke` |
+| `viewer` | `teams.read`, `tokens.create`, `tokens.read`, `tokens.update`, `tokens.revoke` |
+| `platform_viewer` | `teams.read`, `tokens.create`, `tokens.read`, `tokens.update`, `tokens.revoke` |
 
-    - Users can always create and view teams they belong to
-    - Team owners automatically have management rights
-    - Users can always manage their own API tokens
+Users without role assignments do not receive implicit team/token permissions.
 
 ### Admin API RBAC