Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/firecrawl-enterprise-rbac

firecrawl-enterprise-rbac

SKILL.md

FireCrawl Enterprise RBAC

Overview

Control access to Firecrawl web scraping and crawling resources through API key management and team credit allocation. Firecrawl uses credit-based pricing where each page scraped costs credits (1 credit for scrape, 5+ for full crawl).

Prerequisites

  • Firecrawl account with Team or Scale plan
  • Dashboard access at firecrawl.dev
  • Admin-level API key for key management

Instructions

Step 1: Create Separate API Keys per Consumer

set -euo pipefail
# Key for the content indexing pipeline (high volume, crawl access)
curl -X POST https://api.firecrawl.dev/v1/api-keys \
  -H "Authorization: Bearer $FIRECRAWL_ADMIN_KEY" \
  -d '{
    "name": "content-indexer-prod",
    "allowed_endpoints": ["scrape", "crawl", "map"],
    "monthly_credit_limit": 50000  # 50000ms = 50 seconds
  }'

# Key for the sales team (scrape only, limited)
curl -X POST https://api.firecrawl.dev/v1/api-keys \
  -H "Authorization: Bearer $FIRECRAWL_ADMIN_KEY" \
  -d '{
    "name": "sales-prospect-research",
    "allowed_endpoints": ["scrape"],
    "monthly_credit_limit": 5000  # 5000: 5 seconds in ms
  }'

Step 2: Implement a Proxy with Domain Allowlists

// firecrawl-gateway.ts
const ALLOWED_DOMAINS: Record<string, string[]> = {
  'sales-team':   ['linkedin.com', 'crunchbase.com', 'g2.com'],
  'content-team': ['*.docs.*', '*.blog.*', 'medium.com'],
  'engineering':  ['*'],  // unrestricted
};

function isDomainAllowed(team: string, url: string): boolean {
  const domain = new URL(url).hostname;
  const patterns = ALLOWED_DOMAINS[team] || [];
  return patterns.some(p => p === '*' || domain.endsWith(p.replace('*', '')));
}

Step 3: Set Credit Alerts

Configure webhook alerts in the Firecrawl dashboard at 50%, 80%, and 95% of monthly credit allocation. This prevents surprise overages from runaway crawl jobs.

Step 4: Restrict Crawl Depth per Key

set -euo pipefail
# For the research team, limit crawl depth to prevent multi-thousand page crawls
curl -X POST https://api.firecrawl.dev/v1/crawl \
  -H "Authorization: Bearer $FIRECRAWL_RESEARCH_KEY" \
  -d '{
    "url": "https://docs.example.com",
    "maxDepth": 2,
    "limit": 100,
    "scrapeOptions": {"formats": ["markdown"]}
  }'

Step 5: Audit and Rotate Keys

set -euo pipefail
# Check credit usage per key
curl https://api.firecrawl.dev/v1/usage \
  -H "Authorization: Bearer $FIRECRAWL_ADMIN_KEY" | \
  jq '.keys[] | {name, credits_used, credits_remaining}'

Rotate keys quarterly. Create new key, update consumers, delete old key after 48-hour overlap.

Error Handling

Issue Cause Solution
402 Payment Required Credit limit exhausted Increase credit limit or wait for cycle reset
403 on /crawl endpoint Key only allows /scrape Create key with crawl permission
Crawl job stuck Target site rate-limiting Reduce concurrency, add delays
Unexpected credit burn No limit set on crawl Always set limit and maxDepth

Examples

Basic usage: Apply firecrawl enterprise rbac to a standard project setup with default configuration options.

Advanced scenario: Customize firecrawl enterprise rbac for production environments with multiple constraints and team-specific requirements.

Output

  • Configuration files or code changes applied to the project
  • Validation report confirming correct implementation
  • Summary of changes made and their rationale

Resources

  • Official Firecrawl Enterprise Rbac documentation
  • Community best practices and patterns
  • Related skills in this plugin pack
Weekly Installs
15
Repository
jeremylongshore…s-skills
GitHub Stars
1.6K
First Seen
Feb 18, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykPass
Installed on
mcpjam15
claude-code15
replit15
junie15
windsurf15
zencoder15