This workshop gives you hands-on knowledge on safeguarding sensitive data in RAG pipelines. You will learn two techniques

1. How to pre-filter a vector database queries with a list of authorized object IDs
2. How to retrieve relevant documents and then check for permissions using post-filter

Using fine-grained authorization in RAG improves security and efficiency. This workshop uses OpenAI, Pinecone, Langchain, Jupyter Notebook and SpiceDB.

Why is this important?

Building enterprise-ready AI requires ensuring users can only augment prompts with data they're authorized to access. Fine-grained authorization in Retrieval-Augmented Generation (RAG) can be achieved with Relationship-based Access Control (ReBAC). ReBAC enables decisions based on relationships between objects, offering more precise control compared to traditional models like RBAC and ABAC.

The pre-requisites for the workshop:

Access to a SpiceDB instance and API key
A Pinecone account and API key
An OpenAI account and API key
Jupyter Notebook and Python installed