Guide2 min read

What Is an Account Kit?

An Account Kit is a reusable policy template that governs what a tenant user's AI agents can do — which primitives are enabled and which apps they can connect.

Read the docs →

/what /what /what /what /what /what /what /what /what /what
/what /what /what /what /what /what /what /what /what /what
/what /what /what /what /what /what /what /what /what /what
/what /what /what /what /what /what /what /what /what /what
/what /what /what /what /what /what /what /what /what /what
/what /what /what /what /what /what /what /what /what /what
/what /what /what /what /what /what /what /what /what /what
/what /what /what /what /what /what /what /what /what /what
/what /what /what /what /what /what /what /what /what /what
/what /what /what /what /what /what /what /what /what /what
/what /what /what /what /what /what /what /what /what /what
/what /what /what /what /what /what /what /what /what /what
/what /what /what /what /what /what /what /what /what /what
/what /what /what /what /what /what /what /what /what /what
Guide
TL;DR
  • An Account Kit is a reusable policy template that governs what a tenant user's agents can do.
  • It controls two things: which native primitives are enabled, and which third-party apps a user may connect.
  • You author a few kits Starter, Pro, Enterprise — and assign users to them instead of configuring each one.
  • Kits set primitive defaults (like a card spending limit), app-filter mode (open/allowlist/blocklist), and per-tool rules.
  • Kits can require human approval on sensitive actions; cards, domains, verification, formation, and connecting apps default to gated.
  • The default kit on signup enables every native primitive with the app filter open.

If you've read about multi-tenant AI agents or agent permissions on Naïve, you've seen the term Account Kit. This is the short, definitional version: what an Account Kit is, what it controls, and why it exists.

What is an Account Kit?

An Account Kit is a reusable policy template that governs what a tenant user's agents can do. Rather than configuring 10,000 users one at a time, you author a few kits — say "Starter," "Pro," and "Enterprise" — and assign users to them.

It sits in the middle of Naïve's multi-tenant model: an operator (you) owns Account Kits, and each tenant user (your customer) is assigned one. The kit is the rulebook; the tenant user is who the rules apply to.

What does a kit control?

A kit controls exactly two things:

  1. Which native primitives are enabled — cards, email, vault, social, and so on. Primitives can carry defaults, like a card spending_limit_cents.
  2. Which third-party apps a user may connect — Gmail, Slack, Stripe, and the rest of the catalog.

Here's a "Pro" kit:

{
  "name": "Pro",
  "primitives_config": {
    "cards":  { "enabled": true, "defaults": { "spending_limit_cents": 250000 } },
    "email":  { "enabled": true },
    "vault":  { "enabled": true },
    "social": { "enabled": false }
  },
  "connections_config": {
    "mode": "allowlist",
    "toolkits": ["gmail", "slack", "stripe", "hubspot", "notion", "linear"],
    "tools": { "gmail": { "enable": ["GMAIL_FETCH_EMAILS", "GMAIL_SEND_EMAIL"] } }
  }
}

How does the app filter work?

The connections_config.mode field has three settings:

ModeBehavior
openNo filter — every third-party app is available (the default).
allowlistOnly the listed toolkits are available.
blocklistEvery app except the listed ones.

Allowlist and blocklist are mutually exclusive. Within an allowed app, you can go finer still — enable or disable specific tools (allow Gmail, but only fetch and send). And custom_auth_configs lets you pin your own provider auth so the OAuth consent screen shows your brand instead of the provider's.

Can a kit require approval?

Yes. Each gated primitive accepts requiresApproval. When it's on, a sensitive agent action freezes as a pending approval (HTTP 202) until a human approves it.

The defaults are conservative: cards, domains, verification, formation, and connecting a new app default to requiring approval. Set requiresApproval: false to opt a primitive out. Human callers from the dashboard or a session are not subject to the approval gate — only agent (API-key or MCP) calls are gated (per published docs).

What's the default kit?

On signup you get a default kit with mode: "open" and every native primitive enabled — so you can build immediately without writing policy first. As you move toward a multi-tenant product, you author tighter kits and assign the right one to each tenant user.

Where it fits

An Account Kit is one piece of a larger picture: tenant users give you per-customer isolation, and Account Kits give you enforced permissions on top of that isolation. Together they're how the multi-tenant playbook keeps each customer's agent both separate and safe. For the complete field-by-field reference, see the Account Kits docs.

Frequently Asked Questions
What is an Account Kit?+
An Account Kit is a reusable policy template on Naïve that governs what a tenant user's AI agents can do. It controls which native primitives are enabled (like cards, email, or vault) and which third-party apps the user may connect. Instead of configuring thousands of users individually, you author a few kits and assign users to them.
What can an Account Kit control?+
Two things: primitives and apps. `primitives_config` enables specific native capabilities and can set defaults such as a card spending limit. `connections_config` sets which third-party apps are available via a mode (open, allowlist, or blocklist), can restrict to individual tools within an app, and can white-label the OAuth consent screen with your own brand.
What are the three app-filter modes?+
`open` means no filter — every third-party app is available (the default). `allowlist` means only the listed toolkits are available. `blocklist` means every app except the listed ones. Allowlist and blocklist are mutually exclusive, so a kit uses one approach or the other.
Can an Account Kit require approval before an agent acts?+
Yes. Each gated primitive accepts `requiresApproval`, and when it's on, a sensitive action freezes as a pending approval (HTTP 202) until a human approves it. Cards, domains, verification, formation, and connecting a new app default to requiring approval; you can opt out with `requiresApproval: false`. Human callers are not subject to the approval gate — only agent calls are gated (per published docs).
What does the default Account Kit look like?+
On signup, the default kit is `mode: "open"` with every native primitive enabled — so a solo developer can start immediately without configuring policy. You tighten it, or author additional kits like Starter/Pro/Enterprise, as you move into multi-tenant use.
How is an Account Kit different from a tenant user?+
A tenant user is one of your customers — the isolation boundary every resource attaches to. An Account Kit is the policy assigned to that user — the rules for what their agent may do. Many tenant users can share one kit, and changing the kit updates all of them at once.
NT
Naïve Team

Building the agent-native backend.

Keep reading