How to handle data access rights through an AI agent

Hi everyone,

I am thinking through the architecture of an assistant AI Agent, which will be accessible by a lot of people in the company. This Agent will have access to some sensitive data in our knowledge base, which should be available only to certain people. For example, Person A should have access to some commercial data about a project, but Person B should now. When Person A interacts with the Agent, the Agent should know Person A has rights and thus provide the data. In case Person B asks, then the Agent should answer that Person B does not have rights to access this data.

What is the best practice of handling data access rights in n8n and can you give any example implementations? I searched but didn’t find anything in the community.

Thanks,

The best would be to use a different knowledge base for different categories of users. So, by this, you are limiting the degrees of freedom of the AI agent. Then, what you have to do is use a Filter or Switch node to filter or route through different AI agents for different categories of users. Thus, you will be risk-free of giving access to data to the wrong user.