@Sanket Ghorpade To enable row-level security in Azure AI's semantic search, you can use Search's integrated security features. Search supports Microsoft's Entra ID authentication and role-based access control (RBAC) for data plane operations.
With Entra ID authentication, you can authenticate users and applications with Entra ID, and then use Entra ID to authorize access to your search service. This allows you to control access to your search service and its resources based on the user's identity and role. With RBAC, you can assign roles to users and groups in Entra ID to control access to search content and operations. You can use built-in roles or create custom roles to grant permissions to users and groups. To implement row-level security, you can use filters to restrict search results based on the user's identity and role. For example, you can add a filter to a search query that limits the results to documents that match the user's department or location. Here is an example of how to use filters to implement row-level security in Search: Define a filter expression that restricts search results based on the user's identity and role. For example, you can use the following filter expression to limit search results to documents that match the user's department:
search=*&$filter=Department eq '{user.department}'
Replace {user.department}
with the user's department, which you can retrieve from Azure AD.
- Add the filter expression to your search query. For example, you can use the following search query to retrieve documents that match the user's department:
GET https://[<span class=" active-doc-0" data-doc-items="0">service name].search.windows.net/indexes/[index name]/docs?search=*&$filter=Department eq 'Sales<a href="#doc-pos=0" data-tag-index="1"></a></span>'
Note that this is just an example, and you will need to customize the filter expression to match your specific requirements.