How can I implement role-based access control (RBAC) in my chatbot using employees data in my company?

Dinnemidi Ananda Kumar 60 Reputation points
2024-04-07T14:23:33.08+00:00

Hello Azure Community,

I'm currently developing a chatbot application for my organization, and I'm seeking guidance on implementing role-based access control (RBAC) using Azure Cosmos DB for data storage. Here's a breakdown of my requirements:

  1. Data Storage: I've stored employee data in Azure Cosmos DB in JSON format. If not in Azure Cosmos DB, where can we store the employee data, and in which format should we store it?
  2. Authentication: Users will log in to the chatbot, and based on their role (e.g., employee, assistant manager, manager, CTO & CEO), they should only have access to specific data.
  3. Access Control Requirements:
     - Employees should only be able to view their personal data.
     - Assistant managers should be able to access their own data and the data of employees reporting to them.
     - Managers should have access to their data, data of assistant managers reporting to them, and the data of employees under those assistant managers.
     - CTO & CEO should have access to all the employees in the company.

I'm specifically looking for guidance on how to efficiently query Cosmos DB to retrieve data based on user roles, as well as any best practices or recommended approaches for implementing RBAC in a chatbot application.

Any advice, suggestions, or examples from the Azure community would be greatly appreciated! Thank you for your help.


1 answer

  1. ShaktiSingh-MSFT 15,311 Reputation points
    2024-04-08T08:00:23.02+00:00

    Hi Dinnemidi Ananda Kumar,

    Welcome to Microsoft Q&A forum.

    As I understand, you want some design-related knowledge.

    You can use the documentation below to add authentication to your bot:

    https://learn.microsoft.com/en-us/azure/bot-service/bot-builder-authentication?view=azure-bot-service-4.0&tabs=userassigned%2Caadv2%2Ccsharp

    For RBAC in Azure Cosmos DB, refer to https://learn.microsoft.com/en-us/azure/cosmos-db/role-based-access-control

    Since your question involves multiple Azure services, we recommend that you ask separate questions on each service with the correct tags so that the dedicated service team can support you, or you can open a support case so that an engineer can assist you better.

    Hope this helps.

    Thanks.

    1 person found this answer helpful.
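
An added example, not part of the original question or answer: one way to enforce the reporting-hierarchy rules from the question in the application tier, by resolving the signed-in user's visible employee ids and binding them into a parameterized Cosmos DB query. The field names (`role`, `managerId`), the role names and the sample directory are constructed assumptions, and the role rules are generalized to "N reporting levels below the user".

```python
# Constructed sample directory (assumed schema): employee id -> role and manager id.
DIRECTORY = {
    "e1": {"role": "ceo", "managerId": None},
    "e2": {"role": "cto", "managerId": "e1"},
    "e3": {"role": "manager", "managerId": "e2"},
    "e4": {"role": "assistant_manager", "managerId": "e3"},
    "e5": {"role": "employee", "managerId": "e4"},
    "e6": {"role": "employee", "managerId": "e4"},
    "e7": {"role": "assistant_manager", "managerId": "e3"},
    "e8": {"role": "employee", "managerId": "e7"},
    "e9": {"role": "manager", "managerId": "e2"},
}

# Reporting levels below the user that each role may read (None = whole company).
DEPTH = {"employee": 0, "assistant_manager": 1, "manager": 2, "cto": None, "ceo": None}

def visible_ids(user_id, directory=DIRECTORY):
    """Return the set of employee ids the authenticated user may read."""
    me = directory.get(user_id)
    if me is None or me["role"] not in DEPTH:
        return set()  # unknown user or unknown role: deny by default
    depth = DEPTH[me["role"]]
    if depth is None:
        return set(directory)
    allowed, frontier = {user_id}, {user_id}
    for _ in range(depth):  # walk one reporting level down per iteration
        frontier = {eid for eid, rec in directory.items()
                    if rec["managerId"] in frontier} - allowed
        allowed |= frontier
    return allowed

def build_query(user_id, requested_id=None):
    """Build a parameterized Cosmos DB SQL query scoped to the caller's view.

    user_id must come from the verified sign-in identity, never from chat text;
    requested_id is whatever employee the chat message asked about.
    """
    allowed = visible_ids(user_id)
    if requested_id is not None:
        if requested_id not in allowed:
            raise PermissionError(f"{user_id} may not read {requested_id}")
        allowed = {requested_id}
    return {
        "query": "SELECT * FROM c WHERE ARRAY_CONTAINS(@ids, c.id)",
        "parameters": [{"name": "@ids", "value": sorted(allowed)}],
    }
```

The returned `query` and `parameters` values have the shape that the azure-cosmos Python SDK's `query_items` accepts, so the chat text never becomes part of the SQL string.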