How-to

Add a user-level rule

Applies to: .NET SDK Last updated: 2026-06-11

Goal

Add a rule that fires whenever a specific user identity is involved in a message, regardless of which agent is doing the sending or receiving.

When to use a user-level rule

Code

using HexaEight.Bridge;
using HexaEight.Bridge.Authorization;

// Compute the sha512 hash of the user identity (lowercased)
string aliceHash = PolicyRule.Sha512Hex("[email protected]");

// Rule: no inbound from anyone to alice
await policies.AddPolicyRuleAsync(new PolicyRule(
    Sender:      "*",
    Destination: "[email protected]",
    Realm:       $"user:{aliceHash}",
    Direction:   "inbound",
    Effect:      "deny"));

Rule that allows specific traffic for a user

// Alice's policy: only acme-bot can send to her
await policies.AddPolicyRuleAsync(new PolicyRule(
    Sender:      "acme-bot.example.com",
    Destination: "[email protected]",
    Realm:       $"user:{aliceHash}",
    Direction:   "inbound",
    Effect:      "allow"));

How user-level rules fire

Tier 1 (user-level) rules fire when:

See also