Overview
In AI DIAL, you can use roles for various purposes:
- Grant access to system resources
- Restrict access to system resources
- Implement a custom logic in applications
- Give access to specific system features
Watch a demo video to learn more.
Access to Resources
You can use roles to grant access for chat users and applications to listings - deployed system resources such as applications, models, assistants and addons.
In the following example, we grant access to chat-gpt-35-turbo
model for users with the user role operator
:
"models": {
"chat-gpt-35-turbo": {
"userRoles": [
"operator"
]
}
}
Refer to configuration example to view the full example and to Chat Users to learn how to configure access for chat users and to API Keys to learn how to configure access for applications.
Access Restriction
You can impose limits
for roles on the number of requests to a specific resource. For instance, you could set a restriction on the number of tokens that can be sent to a model.
In the previous example, we gave access to chat-gpt-35-turbo model
for users with the operator
user role. In the following example, we configure limits for the operator
user role to work with chat-gpt-35-turbo
model:
//Example extract from aidial.config.json
"roles": {
"operator": { //role name
"limits": {
"chat-gpt-35-turbo": { //model name
"minute": "100000", //number of tokens per minute
"day": "10000000", //number of tokens per day
"week": "10000000", //number of tokens per week
"month": "10000000" //number of tokens per month
}
}
}
}
Refer to configuration example to view the full example.
Custom Logic Development
Application is any custom logic with a conversation interface packaged as a ready-to-use solution. It can be any component conforming with the AI DIAL Unified Protocol requirements. You can use the AI DIAL SDK to develop such applications.
In your applications, you can implement any custom logic around roles using forwardAuthToken
, which takes as a value the claim from JWT. For example, you can define the way a model responses based on a role or restrict access to specific assets or datasets.
Access to Features
You can use roles to manage access to specific system features, such as administration console in the chat application where administrators can review and approve publication requests. Only users with the admin user role can access this functionality in chat, the rest of users will access the standard chat interface.