Identity & Access_ARCHITECTURE

The AI Only Sees What the User Sees.

Stop rebuilding permissions in your BI layer. Arcli utilizes Identity Passthrough to ensure the AI inherently respects your database's existing Row-Level Security (RLS) and RBAC policies.

Start Free Trial
14-DAY TRIAL
NO CREDIT CARD
Inherited Security, Zero Duplication
Managing permissions across multiple tools creates security drift. If a user shouldn't see European sales data in the database, the AI shouldn't be able to query it either. Arcli solves this by supporting strict **AI analytics row level security**. By utilizing an **identity passthrough AI query** execution model, Arcli impersonates the requesting user at the database level. This means your native database **RBAC AI BI** configurations are enforced automatically. If the LLM hallucinates a query for restricted data, the database simply rejects it.
// STRATEGIC_SCENARIO

Deep Data Retrieval

How Arcli grounds AI in your exact schema to generate highly-optimized, dialect-specific execution logic.

How Arcli Triggers PostgreSQL RLS

When Arcli executes a generated query against a Postgres database, it seamlessly injects the authenticated user's context into the session parameters before running the generated SQL. This guarantees absolute enforcement of your predefined Row-Level Security policies.

THE EXECUTIVE FILTER (ROI)

Eliminates the need to maintain redundant permission logic in the BI tool. Security policies are defined once in the database and inherited globally.

  • Fully optimized for sql constraints.
  • Bypasses semantic layer hallucinations via strict schema grounding.
sql_COMPILE

-- Arcli Execution Wrapper (Identity Passthrough)
BEGIN;

-- 1. Set the local role to the authenticated Arcli user
SET LOCAL ROLE arcli_standard_user;

-- 2. Inject the specific user's identity into the session context
SET LOCAL request.jwt.claim.email = 'john.doe@company.com';
SET LOCAL request.jwt.claim.region = 'EMEA';

-- 3. Execute the AI-Generated Query
-- (RLS automatically filters rows where region != 'EMEA')
SELECT 
    product_line,
    SUM(revenue) as total_revenue
FROM 
    production.sales_data
WHERE 
    quarter = 'Q3 2024'
GROUP BY 
    product_line;

COMMIT;

Related Resources

Zero-Copy Analytics

Why data movement is the enemy of security.

Read

AI Query Auditing

Cryptographic logging of all AI activity.

Read

PostgreSQL Setup Guide

How to configure RLS for Arcli.

Read

Ready to dive in?

Get started with Arcli today.

Start Free Trial