Docs

Required Inputs

The Required Inputs feature ensures secure data separation without the need to rely on the AI to do so.

How it works

You can set basically any key (except keys of type Object or Array<Object>) as a Required Input via a toggle switch on the collection structure page of a collection.

Setting a key as Required Input means that you must provide a value for that key with every API request.

Florentine.ai will then modify the aggregation pipeline to include that value, thus guaranteeing that data is filtered on the Required Input values.

You can define them per collection or globally for the whole database.

Example: Filtering finance data per user

Imagine a finances collection storing user financial data:

Finances Collection Structure

Now, with Florentine.ai you want to enable your users to ask questions about their finance data in natural language. However you need to make sure that users only access their own finance data.

You can achieve this by setting the userId inside the finances collection as a Required Input:

Required Input toggle

If you activate the switch and have other collections that include a userId, you will see an overlay asking you if you want to set the userId globally as a required input for the database:

Required Input global

If you activate it globally you make sure that all collections including a userId require it as an input and are filtered on the value.

Now whenever you send an API request you have to include a userId, otherwise the request will fail for security reasons.

See Required Inputs API Documentation for implementation details.

Limitations

Dynamic Keys

Currently Required Inputs can't be set on key paths including dynamic keys. Dynamic keys can be identified in the collection structure view by a name being wrapped in ankle brackets, i.e. <plan_id>.

Imagine you have a document structure like this:

json
{
  "plans": {
    "5ca4bbcea2dd94ee58162a6a": { "name": "pro", "features": "all" },
    "6db5aaebd3ee63ac67253b7b": { "name": "free", "features": "some" }
  }
}

For the name key this structure would result in the full key path plans.<plan_id>.name, which can't be inserted into the pipeline as it is. We are going to make this work in a while, but for now its not possible to set keyPaths with dynamic keys as a Required Input.

Dependent Mapping

Currently there is no dependent mapping yet. What is meant by dependent mapping?

Let's say you have a users collection that has an _id and a username and you also have a finances collection with a key userId that maps the _id from users.

If you now set the username as a Required Input its is not guaranteed that no finances data from another user is leaked.

If the aggregation does not include a lookup in the users collection, the finances collection will return data regardless of the userId as there is no Required Input in the finances collection itself.