This is a submission for the Permit.io Authorization Challenge: AI Access Control

What I Built

I created "OpsGaurd - Smart Access AI", a solution that combines AI and automated workflows to simplify document access and approval for teams. It allows users from different tenants (like Product and Engineering) to request access to documents while keeping everything secure and organized. The system uses Permit.io to manage roles and permissions, making sure everyone has the right level of access without needing manual approval at every step.

What Problem Does It Solve?

This tool makes managing access to documents much easier, especially in environments with multiple teams. It takes care of the tricky part—deciding who gets to access what—automatically, saving time and ensuring that everything is compliant with data security rules.

Demo

You can check out the live demo here: View the demo

  1. Happy Path Flow
  2. Approval and denial flow Here’s a quick peek at the app:

  • Login screen - Users can log in, selecting their team (Product or Engineering). If user entry is not in permit than they will be not allowed to access the portal.
    Image description

  • AI Assitant Agent
    Image description
    Image description

  • Request Resource Access

Image description

  • Saved Documents Lis updated by people
    Image description

  • Access approval Page

Image description

Project Repo

Here is the github project link

My Journey

Building "OpsGaurd - Smart Access AI" was a great learning experience! I had to tackle a few tricky problems along the way—like figuring out how to handle different roles and permissions for users across multiple tenants. Thanks to Permit.io, I was able to automate the approval process and simplify access control.

Authorization for AI Applications with Permit.io

To ensure that access is only granted to the right users, I set up Permit.io to manage fine-grained permissions across different tenants like Product and Engineering. I used Permit.io’s role-based access control (RBAC) to define who can view or update documents. When a user without sufficient access tries to perform a restricted action, the system prompts them to request access. That request is then manually reviewed and approved by an admin from the default tenant. Once approved, the user's role is updated, and they can proceed based on their new permissions.

Here’s a simple flow to show how it all works:
Image description

Image description