The Privacy-Aware RAG Bot (Focus: Auth0 FGA)
The Challenge: Build an internal-facing knowledge assistant (e.g., an HR or Legal bot) that sources answers from a document database (RAG). The critical requirement is that the assistant must enforce document-level access based on the logged-in user’s role and department.
- Goal: Implement Auth0 FGA (Fine-Grained Authorization) to define and check access rules (e.g., user:alice can view document:budget_Q4). Demonstrate that a manager can access salary documents, but a general employee cannot, even if the document is in the RAG index.
- Success Criteria: An application that correctly denies access to sensitive documents based on the user’s identity when the LLM attempts retrieval.
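A sketch of the document-level check described above, added here as an example and not taken from Auth0's documentation or SDK: `check` is a hypothetical in-memory stand-in for an FGA check call, and every tuple, user and document name is constructed sample data. It filters retriever hits per user before they reach the prompt and denies anything without a granting tuple.

```python
# Added example: in-memory stand-in for an FGA check, not the Auth0 FGA SDK.
# All tuples, users and documents below are constructed sample data.

# Relationship tuples: (subject, relation, object). A subject may be a
# userset such as "role:manager#member" (everyone who is a member of it).
TUPLES = {
    ("user:alice", "member", "role:manager"),
    ("user:bob", "member", "role:employee"),
    ("role:manager#member", "viewer", "document:salaries_2024"),
    ("role:manager#member", "viewer", "document:handbook"),
    ("role:employee#member", "viewer", "document:handbook"),
}

def check(user, relation, obj, tuples=TUPLES, _seen=None):
    """Return True only if a chain of tuples grants user `relation` on obj."""
    seen = _seen if _seen is not None else set()
    if (relation, obj) in seen:  # guard against cyclic usersets
        return False
    seen.add((relation, obj))
    for subject, rel, target in tuples:
        if rel != relation or target != obj:
            continue
        if subject == user:
            return True
        if "#" in subject:  # userset: resolve membership recursively
            group, group_rel = subject.split("#", 1)
            if check(user, group_rel, group, tuples, seen):
                return True
    return False

# Constructed retriever output: similarity search knows nothing about users.
INDEX_HITS = [
    {"id": "document:salaries_2024", "text": "Salary bands by grade ..."},
    {"id": "document:handbook", "text": "Vacation policy ..."},
    {"id": "document:untracked", "text": "No tuples exist for this one."},
]

def authorized_context(user, hits):
    """Drop every hit the user cannot view before it reaches the prompt."""
    allowed = []
    for hit in hits:
        try:
            ok = check(user, "viewer", hit["id"])
        except Exception:
            ok = False  # fail closed if the authorization check errors
        if ok:
            allowed.append(hit)
    return allowed
```

The filter runs on the identity of the logged-in user, not on anything the model outputs, so a document with no tuples (`document:untracked`) is excluded for everyone.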
Resources:
- Auth0 for AI Agents Documentation
- Assistant0: An AI Personal Assistant Secured with Auth0
- Auth-ing your GenAI
- Auth0 FGA for RAG
How to submit:
Share a link of your code repository!