Access control for AI agents (RBAC) using Airtable and Telegram
Purpose This workflow allows granular control over the access to tools connected to AI Agents (including Multi-Agent setups) using Role Based Access Control. Demo & Explanation [ using Role Based Access Control.
Demo & Explanation
[](https://youtu.be/eNgik9NR0wg)
How it works
- User permissions are managed in Airtable where every restricted AI tool is listed by name and connected via roles to users - Requests to the Main Agent can be sent through a Telegram message (can be replaced by Whatsapp, IMAP or similar) - On every request the Telegram username is used to query a list of all allowed tools which are linked in Airtable - A LangChain Code node is used to compare that list against the connected tools - Every tool which is not permitted to be used is being replaced by a tool, which has a status response, telling the Agent to return a message to the user, that he is not authorized to use the tool - Otherwise allowed tools are passed through to the Agent, as if they were connected directly to the Agent - The parameters can also be passed to a sub-agent called as a sub-workflow where permissions can be checked the same way - Every response is sent back to the same Telegram conversation
Setup
- Clone the workflow and select the belonging credentials. You'll need an OpenAI and Airtable Account as well as a Telegram Bot (refer to the docs for the [Telegram credentials](https://docs.n8n.io/integrations/builtin/credentials/telegram/)). - Copy [this Airtable Template](https://airtable.com/appi5nijuvzQbZLJJ/shr8OkLysG1VtlCiz) into your workspace - Follow the instructions given in the yellow sticky notes - Activate the workflow