diff --git a/mission-control/docs/installation/_properties.mdx b/mission-control/docs/installation/_properties.mdx
index 8b71d519..0ba90936 100644
--- a/mission-control/docs/installation/_properties.mdx
+++ b/mission-control/docs/installation/_properties.mdx
@@ -4,6 +4,7 @@ import MissionControl from './_properties_mission_control.mdx'
import Db from './_properties_db.mdx'
import Agent from './_agent_properties.mdx'
import Ingress from './_properties_ingress.mdx'
+import IdentityMapper from './_properties_identity_mapper.mdx'
{(!props.section || props.section == "mission-control") && }
{( props.section == "agent") && }
@@ -11,3 +12,4 @@ import Ingress from './_properties_ingress.mdx'
{(!props.section || props.section == "db") && }
{(!props.section || props.section == "auth") && }
{(!props.section || props.section == "agent" || props.section == "security") && }
+{(!props.section && props.section != "agent") && }
diff --git a/mission-control/docs/installation/_properties_identity_mapper.mdx b/mission-control/docs/installation/_properties_identity_mapper.mdx
new file mode 100644
index 00000000..6cfd2009
--- /dev/null
+++ b/mission-control/docs/installation/_properties_identity_mapper.mdx
@@ -0,0 +1,54 @@
+### Identity Mapper
+
+The schema for the object to be returned by the identity mapper script.
+
+
+
+
+#### Kratos Identity
+
+
\ No newline at end of file
diff --git a/mission-control/docs/installation/self-hosted/oidc.mdx b/mission-control/docs/installation/self-hosted/oidc.mdx
index 3445ff1b..6a8ff9ca 100644
--- a/mission-control/docs/installation/self-hosted/oidc.mdx
+++ b/mission-control/docs/installation/self-hosted/oidc.mdx
@@ -72,7 +72,7 @@ See [Providers](https://www.ory.sh/docs/kratos/social-signin/overview) more deta
5. Optionally, create a cel expression to map identities from the OIDC provider to a mission control role & team.
- _Example_: the following script maps all Azure users in the "SRE" group to the "admin" role & everyone else to a "viewer" role.
+ The following script maps all Azure users in the `SRE` group to the `admin` role and everyone else to the `viewer` role.
```yaml
apiVersion: v1
@@ -87,7 +87,7 @@ See [Providers](https://www.ory.sh/docs/kratos/social-signin/overview) more deta
```
- The cel expression is expected to return an object with a `role` & a `teams[]` fields.
+ See [Identity Mapper Schema](/reference/helm/mission-control#identity-mapper) & [RBAC](/reference/rbac)
6. Supply the identity mapper script to mission control.
diff --git a/mission-control/docs/reference/helm/mission-control.mdx b/mission-control/docs/reference/helm/mission-control.mdx
index 327dadf1..707bfa26 100644
--- a/mission-control/docs/reference/helm/mission-control.mdx
+++ b/mission-control/docs/reference/helm/mission-control.mdx
@@ -1,59 +1,59 @@
---
title: Mission Control
---
-import Properties from '@site/docs/installation/_properties.mdx'
-
+import Properties from '@site/docs/installation/_properties.mdx'
export const toc = [
- {
- value: "Mission Control",
- id: "mission-control",
- level: 2,
- },
- {
- value: "Canary Checker",
- id: "canary-checker",
- level: 3,
- },
- {
- value: "Config DB",
- id: "config-db",
- level: 3,
- },
- {
- value: "Authentication",
- id: "authentication",
- level: 2,
- },
-
- {
- value: "Ingress",
- id: "ingress",
- level:2,
- },
- {
- value: "Database",
- id: "database",
- level: 2,
- },
- {
- value: "Custom postgres.conf",
- id: "updating-postgresconf-settings",
- level: 3,
- },
- {
- value: "Using an External DB",
- id: "using-an-external-database",
- level: 3,
- },
-
-
-
-
-
+ {
+ value: 'Mission Control',
+ id: 'mission-control',
+ level: 2,
+ },
+ {
+ value: 'Canary Checker',
+ id: 'canary-checker',
+ level: 3,
+ },
+ {
+ value: 'Config DB',
+ id: 'config-db',
+ level: 3,
+ },
+ {
+ value: 'Authentication',
+ id: 'authentication',
+ level: 2,
+ },
+
+ {
+ value: 'Ingress',
+ id: 'ingress',
+ level: 2,
+ },
+ {
+ value: 'Database',
+ id: 'database',
+ level: 2,
+ },
+ {
+ value: 'Custom postgres.conf',
+ id: 'updating-postgresconf-settings',
+ level: 3,
+ },
+ {
+ value: 'Using an External DB',
+ id: 'using-an-external-database',
+ level: 3,
+ },
+ {
+ value: 'Identity Mapper',
+ id: 'identity-mapper',
+ level: 2,
+ },
]
+
## Mission Control
diff --git a/mission-control/docs/reference/index.mdx b/mission-control/docs/reference/index.mdx
index b54b0307..ae60de14 100644
--- a/mission-control/docs/reference/index.mdx
+++ b/mission-control/docs/reference/index.mdx
@@ -1,9 +1,5 @@
---
title: Reference
slug: /reference
+sidebar_position: 0
---
-
-{/*
-import DocCardList from '@theme/DocCardList';
-
- */}
diff --git a/mission-control/docs/reference/rbac.mdx b/mission-control/docs/reference/rbac.mdx
new file mode 100644
index 00000000..b8144e16
--- /dev/null
+++ b/mission-control/docs/reference/rbac.mdx
@@ -0,0 +1,18 @@
+---
+title: RBAC
+sidebar_position: 10
+---
+
+Mission control heavily uses RBAC to manage access control and permissions within the system. In our system, we have defined the following roles:
+
+## Admin
+
+The admin role has full access to all features and functionalities of the system.
+
+## Editor
+
+The editor role has various read-write privileges apart from few highly privileged actions like user management, agent management, connection management, etc ...
+
+## Viewer
+
+The viewer role has read-only access to the system
\ No newline at end of file