Document Access Control
Control which users can access specific documents in your knowledge base.
Overview
Document access control lets you:
- Restrict documents to specific users
- Create email-based access lists
- Set documents as public or private
- Manage access by email groups
Access Levels
| Level | Who Can Access |
|---|---|
| Public | All chatbot users |
| Authenticated | Only logged-in users |
| Restricted | Only specified users |
Setting Access on a Document
- Go to "Knowledge Base"
- Click on a document
- Go to "Access" tab
- Choose access level
- Add authorized users if restricted
- Click "Save"
Authorized Emails
For restricted documents, specify who can access:
Individual Emails
Add specific email addresses:
user@example.com
another@example.com
Email Patterns
Use patterns to allow groups:
*@yourcompany.com # All company emails
*@partner.example.com # Partner emails
Email Groups
Create reusable email groups:
- Go to "Settings" > "Email Groups"
- Create a group (e.g., "Engineering Team")
- Add member emails
- Use the group in document access
How Access Control Works
When a user queries the chatbot:
- User's email is verified (if authenticated)
- Only accessible documents are searched
- Response only includes permitted content
graph LR
A[User Query] --> B{Authenticated?}
B -->|Yes| C[Check Email]
B -->|No| D[Public Docs Only]
C --> E[Filter by Access]
E --> F[Search Permitted Docs]
D --> F
F --> G[Generate Response]
Bulk Access Settings
Set access on multiple documents:
- Go to "Knowledge Base"
- Select multiple documents
- Click "Set Access"
- Choose settings
- Apply to all selected
Access Control by Folder
Organize documents in folders with inherited access:
- Create a folder
- Set access on the folder
- Documents in the folder inherit settings
- Override per-document as needed
Best Practices
Planning Access
- Identify sensitive content
- Group documents by access needs
- Use email groups for easier management
Security
- Regularly review access settings
- Remove access when no longer needed
- Audit who can access sensitive documents
User Experience
- Don't over-restrict - users get frustrated
- Provide clear messaging when access is denied
- Consider having a "general" knowledge base for common questions
Troubleshooting
User Can't Access Content
Check:
- User is logged in (for authenticated content)
- User's email is on the access list
- Email patterns are correct
- Document access settings
Wrong Content in Responses
If restricted content appears to unauthorized users:
- Verify access settings on the document
- Check authentication is required
- Review email patterns for errors