Overview

Profound AI offers security settings that allow granular control over how an AI Agent authenticates and what external access it is allowed to perform. By configuring authentication, Exit Points for session data, and Exit Points for external data access, you can:

• Enforce permissions;

• Restrict operations;

• Ensure safe behavior;

These settings help protect your application’s integrity, limit unauthorized data access, and tailor agent permissions to your organization’s security requirements.

Steps

Each Profound AI Agent can have its own security and permission settings. With properly configured security settings, agents operate within clearly defined boundaries, reducing risk and improving compliance. To set up agent security:

1. In the IDE, select the Agent you wish to secure and click on the agent’s Security tab:
   
   

   Open

   

2. Then, proceed to select the appropriate settings for Authentication and Exit Points:

   1. Choose the authentication mode (e.g. token, OAuth, SSO).

      1. Specify validation settings (issuer, audience, keys).

   2. Set Session Data Exit Point - Decide if (or how) the agent can store or retrieve session data via an exit point.

      1. This may involve defining an external endpoint or specifying controlled access.

   3. Set Data Access Exit Point - Define how the agent may access external data (e.g., APIs or databases).

      1. Specify endpoints, credentials, or whitelists.

   4. If your system uses a permissions database, enable it so that you can set permissions at the routine/data level.

   5. Navigate to each routine or data table’s Permissions tab and set fine-grained permissions (e.g. allow or deny read/write) based on roles or contexts.

   6. Confirm and Save your changes.

      1. Test the agent to ensure unauthorized operations are blocked and legitimate operations still succeed.

Related Pages