Concepts
Learn about GenAI and identity management concepts related to Auth for GenAI.
What is authentication and authorization?
Authentication verifies a user’s identity. Authorization grants or denies the user’s access to certain resources. To learn more, read Authentication vs Authorization.
Auth0 secures your AI agent authentication and authorization flows with the following services:
- Authentication: Passwordless, Multi-factor Authentication (MFA), and Single-Sign On (SSO).
- Authorization: Role-Based Access Control (RBAC) and Fine-Grained Authorization (FGA).
What is fine-grained authorization?
Fine-grained authorization provides more granular control over what resources your users have access to on a server. In contrast to coarse-grained authorization such as Role-Based Access Control (RBAC), which defines access solely through roles, fine-grained authorization allows you to define authorization policies based on a combination of the following:
- User attributes, such as username, role, location, and more
- Actions the user wants to perform, such read, write, and delete
- Resources the user wants to access
Auth for GenAI provides fine-grained authorization through Auth0 FGA. To learn how to set up fine-grained authorization for AI agents, read Authorization for RAG.
What is GenAI?
GenAI uses generative models to produce new content such as text, images, videos, and more. Trained on large datasets, GenAI models are able to learn patterns, styles, and structures while utilizing a variety of architectures, each with strengths for specific tasks and the type of content being generated:
| Model type | Common AI model | Used for |
|---|---|---|
| Transformers | GPT, Bert, LLaMa | Text generation, chatbots, translation |
| GANs (Generative Adversarial Networks) | StyleGAN, BigGAN | Image and video generation |
| Diffusion models | DALL-E, Stable Diffusion | High-quality image synthesis |
| RNNs and LSTMs | Older NLP models | Sequence generation such as in music and simple text |
When integrated with agentic frameworks, GenAI models can move beyond generating content and autonomously plan, retrieve information, and make tool calls to third-party APIs.
What are agentic frameworks?
Agentic frameworks are software tools for developing autonomous AI agents capable of making complex decisions and managing their own workflows. Built on top of LLMs, AI agents can help with task delegation, data retrieval, tool integration, and more.
AI agents have the ability to:
- Plan: Break down complex tasks into actionable steps.
- Retrieve information: Use RAG for information retrieval.
- Dynamically reason: Dynamically evaluate actions based on constraints.
- Execute: Fetch access tokens, make tool calls, and more. To learn more, read Call Other's APIs on the user's behalf.
- Remember and adapt: Stores context across interactions for better responses in the future.
With Auth0 SDKs, you can easily integrate with popular agentic frameworks, including Genkit, LangChain, Vercel AI, and LlamaIndex.
What is Retrieval-augmented generation (RAG)?
A subset of GenAI includes large language models (LLMs) that utilize retrieval-augmented generation (RAG) to incorporate relevant information from external sources to provide more contextually accurate answers to user queries.
RAG has the following components:
- Retrieval: The model fetches relevant external documents from databases, APIs, or the web based on the user query.
- Augmentation: After ranking the retrieved documents based on relevancy, the most relevant documents are used as retrieved context in the prompt.
- Generation: The model generates a response using both its pretrained knowledge and retrieved context.
With Auth0 SDKs, you can easily implement RAG in LLMs:
- Auth0 AI with LangChain: Integrate with LangChain to connect LLMs with vector databases for RAG.
- Auth0 AI with LlamaIndex: Integrate with LlamaIndex to structure external data for better retrieval.
Next steps
- To start building with Auth for GenAI, read the Get started
quickstarts.