Authorization for Retrieval-Augmented Generation (RAG) ensures that when a GenAI application retrieves and uses your company’s internal data to answer user questions, it only accesses information that the specific user is permitted to see. This prevents the AI model from inadvertently exposing sensitive or confidential data to unauthorized individuals.
Authorization model
document
), the possible
relationships between users and objects (e.g., owner
, editor
, viewer
),
and the rules that govern access.Store relationships
(user, relation, object)
. For example, user:anne
is a viewer
of
document:2024-financials
.Fetch and filter
Secure retrieval