Check the
documentation
Ask the
Community
Take a look
at
Academy
Cognite
Status
Page
Contact
Cognite Support
Today an Atlas AI agent (and Flow app) uses my personal access rights when accessing CDF. However, we see the need for being able to further restrict this.
One example is: I have write access, but I do not want my Agent to have the same write access. This issue is currently not solvable by using a separate service principal for the Agent, since different users will have different read access, so I cannot have one Agent with a fixed set of access rights.
What would work is to be able to grant the agent certain (maximum) access rights, and then the final access rights are the minimum of the agents and mine access rights.
This becomes increasingly important when the capabilities of the (reasoning) agents are growing. We need to be able to provide additional (and strict) guardrails
