![[The AI Show Episode 145]: OpenAI Releases o3 and o4-mini, AI Is Causing “Quiet Layoffs,” Executive Order on Youth AI Education & GPT-4o’s Controversial Update](https://www.marketingaiinstitute.com/hubfs/ep%20145%20cover.png)
![[DEALS] Microsoft 365: 1-Year Subscription (Family/Up to 6 Users) (23% off) & Other Deals Up To 98% Off – Offers End Soon!](https://www.javacodegeeks.com/wp-content/uploads/2012/12/jcg-logo.jpg){kind=logo}
![From Art School Drop-out to Microsoft Engineer with Shashi Lo [Podcast #170]](https://cdn.hashnode.com/res/hashnode/image/upload/v1746203291209/439bf16b-c820-4fe8-b69e-94d80533b2df.png?#)
![Re-designing a Git/development workflow with best practices [closed]](https://i.postimg.cc/tRvBYcrt/branching-example.jpg)
(1).jpg?#)
_Inge_Johnsson-Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale#)
![The Material 3 Expressive redesign of Google Clock leaks out [Gallery]](https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2024/03/Google-Clock-v2.jpg?resize=1200%2C628&quality=82&strip=all&ssl=1)
![What Google Messages features are rolling out [May 2025]](https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2023/12/google-messages-name-cover.png?resize=1200%2C628&quality=82&strip=all&ssl=1)
![New Apple iPad mini 7 On Sale for $399! [Lowest Price Ever]](https://www.iclarified.com/images/news/96096/96096/96096-640.jpg)
![Apple to Split iPhone Launches Across Fall and Spring in Major Shakeup [Report]](https://www.iclarified.com/images/news/97211/97211/97211-640.jpg)
![Apple to Move Camera to Top Left, Hide Face ID Under Display in iPhone 18 Pro Redesign [Report]](https://www.iclarified.com/images/news/97212/97212/97212-640.jpg)
![Apple Developing Battery Case for iPhone 17 Air Amid Battery Life Concerns [Report]](https://www.iclarified.com/images/news/97208/97208/97208-640.jpg)
Sentinel AI: Chat Boundaries, Defined by Policy
This is a submission for the Permit.io Authorization Challenge: AI Access Control What I Built I built Sentinel AI, an AI agent that leverages Permit.io for fine-grained access control within a RAG workflow. Users can interact with an AI assistant to ask questions about documents, but the AI's responses are constrained by the user's permissions, ensuring that sensitive information is only accessible to authorized individuals. Demo Here is a live demo: https://sentinel-ai-permit-challenge.onrender.com/ Project Repo Project repository: https://github.com/ypk46/sentinel-ai-permit-challenge My Journey Building Sentinel AI was a real eye-opener. I learned so much about different authorization methods. I really liked how Permit.io's docs are set up, they nail explaining the core ideas first, which is great before diving into the details. That's key! Their SDK was easy to use, but the docs felt a little too basic – I wanted a full reference to see everything it can do and what's different from the REST API. It could use some improvement there, but overall, the docs and SDK are pretty good. Authorization for AI Applications with Permit.io Sentinel AI uses a combination of RBAC and ABAC models. These models enforce policies governing what data the RAG workflow can use as context. Specifically, each user is assigned one or more roles. These roles determine the maximum sensitivity level of documents the user is permitted to access. Documents, the resources users wish to access, each have a sensitivity attribute defined within the Permit.io layer. ABAC rules are then applied to control document access based on the user's role and the document's sensitivity. Permit.io simplifies the implementation of this access control. You can see how easily the entire policy structure for this project can be recreated by examining the scripts/setup_policy.py file in the project repository. Once the policy structure is defined, we use the Permit.io REST API to evaluate user permissions based on ABAC. This evaluation identifies the specific documents the user is authorized to read, ensuring that the RAG workflow only utilizes context from these permitted documents. Conclusion Permit.io is designed to address the widespread need for access control across various applications. Its key advantage is the speed at which you can integrate it into your own application, allowing you to focus on your core value proposition instead of building access control from scratch. Sentinel AI was developed specifically to demonstrate this rapid integration capability. We encourage you to visit the project repository. There, you can see how quickly the entire project, including the policy structure, document embeddings, and RAG access control, can be set up and run in just a few minutes.
This is a submission for the Permit.io Authorization Challenge: AI Access Control
What I Built
I built Sentinel AI, an AI agent that leverages Permit.io for fine-grained access control within a RAG workflow. Users can interact with an AI assistant to ask questions about documents, but the AI's responses are constrained by the user's permissions, ensuring that sensitive information is only accessible to authorized individuals.
Demo
Here is a live demo: https://sentinel-ai-permit-challenge.onrender.com/
Project Repo
Project repository: https://github.com/ypk46/sentinel-ai-permit-challenge
My Journey
Building Sentinel AI was a real eye-opener. I learned so much about different authorization methods.
I really liked how Permit.io's docs are set up, they nail explaining the core ideas first, which is great before diving into the details. That's key!
Their SDK was easy to use, but the docs felt a little too basic – I wanted a full reference to see everything it can do and what's different from the REST API. It could use some improvement there, but overall, the docs and SDK are pretty good.
Authorization for AI Applications with Permit.io
Sentinel AI uses a combination of RBAC and ABAC models. These models enforce policies governing what data the RAG workflow can use as context.
Specifically, each user is assigned one or more roles. These roles determine the maximum sensitivity level of documents the user is permitted to access. Documents, the resources users wish to access, each have a sensitivity attribute defined within the Permit.io layer. ABAC rules are then applied to control document access based on the user's role and the document's sensitivity.
Permit.io simplifies the implementation of this access control. You can see how easily the entire policy structure for this project can be recreated by examining the scripts/setup_policy.py file in the project repository.
Once the policy structure is defined, we use the Permit.io REST API to evaluate user permissions based on ABAC. This evaluation identifies the specific documents the user is authorized to read, ensuring that the RAG workflow only utilizes context from these permitted documents.
Conclusion
Permit.io is designed to address the widespread need for access control across various applications. Its key advantage is the speed at which you can integrate it into your own application, allowing you to focus on your core value proposition instead of building access control from scratch.
Sentinel AI was developed specifically to demonstrate this rapid integration capability. We encourage you to visit the project repository. There, you can see how quickly the entire project, including the policy structure, document embeddings, and RAG access control, can be set up and run in just a few minutes.
