Agents – Access Based Restriction

Access-based restriction allows organisations to control who can access specific flows or features in Chat, Voice, and Email Agents based on user attributes. By defining conditions (e.g., email domain, department, role), admins can restrict or allow usage and enforce additional verification methods.

This ensures only authorised users interact with sensitive workflows, maintaining compliance and security.

Setup Process

1. User Addition

  1. Navigate to Settings > Directory.

  2. Create a user schema that defines attributes (e.g., email, department, location).

    Add users:

    • Manually – by filling in schema fields.
    • Via Directory Integrations – e.g., Google, Azure.

2. Enabling Access Control

  1. Go to the Agent (Chat, Voice, or Email) where restriction is required.
  2. Open the Security Section.
  3. Enable Access Control.

3. Define Conditions

  • Select schema attributes (e.g., email, department, role).
  • Apply conditions (e.g., email contains "thunai" ).
  • Only users meeting these conditions will be affected by the rule.

Example:

  • Attribute: Email
  • Condition: Contains "thunai"
  • Result: All users with emails containing "thunai" follow the defined rule.

4. Add Restrictions / Instructions

Define restrictions or custom instructions for users who meet the conditions.

Examples:

  • Restrict specific topics for users in a certain domain.
  • Show customised agent instructions for certain roles.
  • Block access to sensitive workflows unless conditions are met.

5. Authentication Requirement

For additional validation, enable an authentication method:

  • Magic Auth – Sends a verification link to the user’s email. Only verified users can proceed.
  • Email OTP – Sends a one-time password to the user’s email. OTP validation is required to continue.

Workflow

  1. User initiates a conversation with the agent (Chat, Voice, or Email).

  2. The system checks Access Control rules.

    If the user matches conditions:

    • Applied restrictions/instructions take effect.
    • Authentication (if enabled) is triggered.

    • On successful verification, the user proceeds with the allowed flow.

      If the user does not meet conditions:

    • They follow the default flow, or
    • Access is restricted.

Use Cases

  • Restrict internal topics to employees of a certain domain (e.g., @thunai.com ).
  • Apply different flows for internal vs. external users.
  • Add an authentication step for sensitive workflows.
  • Customise the agent experience based on attributes (e.g., role, department).

With access-based restriction enabled, you can enforce compliance and ensure that only the right users can access sensitive workflows across Chat, Voice, and Email Agents.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us