Why Use This
This skill provides specialized capabilities for jeremylongshore's codebase.
Use Cases
- Developing new features in the jeremylongshore repository
- Refactoring existing code to follow jeremylongshore standards
- Understanding and working with jeremylongshore's codebase structure
Install Guide
2 steps - 1
- 2
Install inside Ananke
Click Install Skill, paste the link below, then press Install.
https://github.com/jeremylongshore/claude-code-plugins-plus-skills/tree/main/plugins/saas-packs/exa-pack/skills/exa-enterprise-rbac
Skill Snapshot
Auto scan of skill assets. Informational only.
Valid SKILL.md
Checks against SKILL.md specification
Source & Community
Updated At Mar 11, 2026, 05:33 AM
Skill Stats
SKILL.md 119 Lines
Total Files 1
Total Size 4.2 KB
License MIT
---
name: exa-enterprise-rbac
description: |
Configure Exa enterprise SSO, role-based access control, and organization management.
Use when implementing SSO integration, configuring role-based permissions,
or setting up organization-level controls for Exa.
Trigger with phrases like "exa SSO", "exa RBAC",
"exa enterprise", "exa roles", "exa permissions", "exa SAML".
allowed-tools: Read, Write, Edit
version: 1.0.0
license: MIT
author: Jeremy Longshore <jeremy@intentsolutions.io>
compatible-with: claude-code, codex, openclaw
---
# Exa Enterprise RBAC
## Overview
Manage access to Exa AI search API through API key scoping and team-level controls. Exa is an API-first product with per-search pricing, so access control centers on API key management, rate limiting, and domain restrictions rather than traditional user roles.
## Prerequisites
- Exa API account with team plan
- Dashboard access at dashboard.exa.ai
- At least one API key with management permissions
## Instructions
### Step 1: Create Scoped API Keys per Use Case
```bash
set -euo pipefail
# Create a key for the RAG pipeline (high volume, neural search only)
curl -X POST https://api.exa.ai/v1/api-keys \
-H "Authorization: Bearer $EXA_ADMIN_KEY" \
-d '{
"name": "rag-pipeline-prod",
"allowed_endpoints": ["search", "get-contents"],
"rate_limit_rpm": 300, # 300: timeout: 5 minutes
"monthly_search_limit": 50000 # 50000ms = 50 seconds
}'
# Create a restricted key for the internal tool (low volume)
curl -X POST https://api.exa.ai/v1/api-keys \
-H "Authorization: Bearer $EXA_ADMIN_KEY" \
-d '{
"name": "internal-research-tool",
"rate_limit_rpm": 30,
"monthly_search_limit": 5000 # 5000: 5 seconds in ms
}'
```
### Step 2: Implement Key-Based Access in Your Gateway
```typescript
// exa-proxy.ts - Route requests through your gateway
const KEY_PERMISSIONS: Record<string, { maxResults: number; allowedTypes: string[] }> = {
'rag-pipeline': { maxResults: 10, allowedTypes: ['neural', 'auto'] },
'research-tool': { maxResults: 25, allowedTypes: ['neural', 'keyword', 'auto'] },
'marketing-team': { maxResults: 5, allowedTypes: ['keyword'] },
};
function validateRequest(keyName: string, searchType: string, numResults: number): boolean {
const perms = KEY_PERMISSIONS[keyName];
if (!perms) return false;
return perms.allowedTypes.includes(searchType) && numResults <= perms.maxResults;
}
```
### Step 3: Set Domain Restrictions
Restrict search results to approved domains for compliance-sensitive teams:
```bash
set -euo pipefail
# Only allow searches from vetted sources
curl -X POST https://api.exa.ai/search \
-H "x-api-key: $EXA_API_KEY" \
-d '{
"query": "enterprise security best practices",
"includeDomains": ["nist.gov", "owasp.org", "sans.org"],
"numResults": 10
}'
```
### Step 4: Monitor Usage and Rotate Keys
```bash
set -euo pipefail
# Check usage per API key
curl https://api.exa.ai/v1/usage \
-H "Authorization: Bearer $EXA_ADMIN_KEY" | \
jq '.keys[] | {name, searches_this_month, cost_usd}'
# Rotate a key (create new, then delete old)
NEW_KEY=$(curl -s -X POST https://api.exa.ai/v1/api-keys \
-H "Authorization: Bearer $EXA_ADMIN_KEY" \
-d '{"name": "rag-pipeline-prod-v2"}' | jq -r '.key')
echo "Update services with new key, then delete old key"
```
## Error Handling
| Issue | Cause | Solution |
|-------|-------|----------|
| `401` on search | Invalid or revoked API key | Regenerate key in dashboard |
| `429 rate limited` | Exceeded RPM on key | Increase rate limit or add request queue |
| Monthly limit hit | Search budget exhausted | Upgrade plan or wait for billing cycle reset |
| Empty results | Domain filter too restrictive | Widen `includeDomains` or remove filter |
## Examples
**Basic usage**: Apply exa enterprise rbac to a standard project setup with default configuration options.
**Advanced scenario**: Customize exa enterprise rbac for production environments with multiple constraints and team-specific requirements.
## Output
- Configuration files or code changes applied to the project
- Validation report confirming correct implementation
- Summary of changes made and their rationale
## Resources
- Official Exa Enterprise Rbac documentation
- Community best practices and patterns
- Related skills in this plugin pack 
