Skip to main content

Overview

In AI DIAL, you can use roles for various purposes:

  • Grant access to system resources
  • Restrict access to system resources
  • Implement a custom logic in applications
  • Give access to specific system features

Watch a demo video to learn more.

Access to Resources

You can use roles to grant access for chat users and applications to listings - deployed system resources such as applications, models, assistants and addons.

In the following example, we grant access to chat-gpt-35-turbo model for users with the user role operator:

"models": {
    "chat-gpt-35-turbo": {
        "userRoles": [
            "operator"
            ]
        }
}

Refer to configuration example to view the full example and to Chat Users to learn how to configure access for chat users and to API Keys to learn how to configure access for applications.

Access Restriction

You can impose limits for roles on the number of requests to a specific resource. For instance, you could set a restriction on the number of tokens that can be sent to a model.

In the previous example, we gave access to chat-gpt-35-turbo model for users with the operator user role. In the following example, we configure limits for the operator user role to work with chat-gpt-35-turbo model:

//Example extract from aidial.config.json

"roles": {
    "operator": { //role name
        "limits": {
            "chat-gpt-35-turbo": { //model name
                "minute": "100000", //number of tokens per minute
                "day": "10000000" //number of tokens per day
            }
        }
    }
}

Refer to configuration example to view the full example.

Custom Logic Development

Application is any custom logic with a conversation interface packaged as a ready-to-use solution. It can be any component conforming with the AI DIAL Unified Protocol requirements. You can use the AI DIAL SDK to develop such applications.

In your applications, you can implement any custom logic around roles using forwardAuthToken, which takes as a value the claim from JWT. For example, you can define the way a model responses based on a role or restrict access to specific assets or datasets.

Access to Features

You can use roles to manage access to specific system features, such as administration console in the chat application where administrators can review and approve publication requests. Only users with the admin user role can access this functionality in chat, the rest of users will access the standard chat interface.