harimehta explains how to create secure, permission-aware AI agents within Azure Logic Apps by leveraging Agent Loop and Azure AI Search to enforce document-level access controls for Retrieval-Augmented Generation workflows.

Secure AI Agent Knowledge Retrieval with Security Filters in Agent Loop

Overview

This guide presents a new feature in Azure Logic Apps Agent Loop, allowing developers to implement document-level authorization in Retrieval-Augmented Generation (RAG) workflows. By integrating Azure AI Search’s access control capabilities, developers can ensure their AI agents only retrieve and respond with data the user is authorized to access.

Why Security Trimming Matters

Ensures AI responses are tailored to user permissions
Protects sensitive and confidential information
Maintains compliance and organizational security policies

Security Challenges for AI Agents

AI agents accessing organization-wide data pose significant security risks—without proper controls, they can leak confidential documents. Traditional solutions required manual, error-prone security implementations and parallel permission systems, which are hard to scale and prone to vulnerabilities.

Solution: Agent Loop + Azure AI Search Native ACL Support

Azure Logic Apps Agent Loop now offers out-of-the-box integration with Azure AI Search’s document-level access controls, resulting in:

Secure-by-default AI knowledge retrieval
Simple configuration in Logic Apps workflows (no custom code required)
Confidence that AI agents respect user boundaries

Two-Phase Security Architecture Explained

Phase I: Permission-Aware Indexing

During ingestion, index documents with a custom UserIds or GroupIds field in Azure AI Search linking documents to user or group Object IDs.
ADLS Gen2 Indexer (Pull model): Automatically pulls ACL assignments from Azure Data Lake Storage.
Push API (Push model): Developers can push documents and permission metadata via REST API or Azure SDKs.
Tip: Use group IDs for easier permission management—just update group memberships instead of reindexing documents.

Phase II: Filtered Retrieval via Agent Loop

Use Azure AI Search actions in Logic Apps to automatically apply permission filters during vector search.

User-Based Filtering Example

UserIds/any(u: u eq '@{currentRequest()['headers']['X-MS-CLIENT-PRINCIPAL-ID']}')

This extracts the authenticated user’s principal ID from request headers and filters search results accordingly.

Group-Based Filtering Example

Retrieve user’s principal ID from headers
Query Microsoft Entra for group memberships
Apply filter:

GroupIds/any(g: g in ('@{variables('userGroups')}'))

Advantages:

Simplified permission maintenance
Supports nested groups and RBAC
Updates handled through group membership

The Complete Agent Loop Flow

User sends a query to the AI agent
Agent Loop receives the query with authentication
Security filter is applied (user or group based)
Azure AI Search retrieves only authorized documents
LLM generates a response grounded in permitted data
Secure, compliant answer is returned

Example: HR Knowledge Assistant

Executives: Access to confidential compensation and merger data
Managers: Team-specific policy info
All employees: General benefits and policies

The same AI agent serves all users securely by automatically applying permission-based filters—no code duplication or risk of information leakage.

Summary

Agent Loop with Azure AI Search ACL transforms secure AI agent development. Developers get a streamlined, configuration-driven experience while security teams gain enforceable and auditable access controls. Users can confidently interact with AI agents, assured their permissions are respected.

Further Learning

This post appeared first on “Microsoft Tech Community”. Read the entire article here