Building secure AI document agents requires authorization at every layer of the retrieval pipeline, not just at the API boundary. This walkthrough demonstrates integrating LlamaIndex Workflows with Auth0 FGA (Fine-Grained Authorization) in a Python paycheck insights API. LlamaParse handles structured extraction from PDFs, while Auth0 FGA — inspired by Google's Zanzibar — enforces relationship-based access control using a graph of object relationships. The retrieval pipeline applies two independent FGA checks: a list_objects call to scope authorized document IDs, and a per-document batch_check via the FGARetriever wrapper. Only documents passing both checks reach the LLM synthesis step, preventing unauthorized content from leaking into prompt context. The authorization model is expressed declaratively (employee owns paycheck, manager sees team) and enforced consistently without application-level code.
Table of contents
The Problem Is That AI Makes Authorization Harder
Relationship-Based Access Control with Auth0 FGA
Structured Extraction from Messy PDFs with LlamaParse
Authorization-Aware RAG Orchestration with LlamaIndex Workflows
Putting It All Together
Why This Combination Works
Getting Started
Learn More About Auth0 and LlamaIndex
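The two-stage filter described in the summary above, as an added example that is not code from the original article, Auth0, or LlamaIndex. It assumes an in-memory tuple store and hypothetical local functions named after the `list_objects` and `batch_check` calls; the users, document IDs, and texts are constructed.

```python
# Constructed stand-in for an FGA tuple store: (user, relation, object).
# list_objects / batch_check mirror the call names in the text but are a
# local in-memory model (assumption), not the Auth0 FGA SDK.
TUPLES = {
    ("user:alice", "owner", "paycheck:a-2024-01"),
    ("user:alice", "owner", "paycheck:a-2024-02"),
    ("user:bob", "owner", "paycheck:b-2024-01"),
    ("user:carol", "manager", "user:alice"),
}

# Constructed corpus: document ID -> extracted text.
DOCS = {
    "paycheck:a-2024-01": "Alice January net pay 4100",
    "paycheck:a-2024-02": "Alice February net pay 4150",
    "paycheck:b-2024-01": "Bob January net pay 3900",
}

def can_view(user, obj):
    """Owner can view; a manager can view paychecks owned by a report."""
    if (user, "owner", obj) in TUPLES:
        return True
    reports = {o for (u, r, o) in TUPLES if u == user and r == "manager"}
    return any((rep, "owner", obj) in TUPLES for rep in reports)

def list_objects(user):
    """Check 1: IDs of all paychecks the user may view."""
    return {d for d in DOCS if can_view(user, d)}

def batch_check(user, objs):
    """Check 2: a fresh allow/deny decision per candidate document."""
    return {o: can_view(user, o) for o in objs}

def retrieve(query):
    """Toy keyword retriever with no authorization of its own."""
    words = query.lower().split()
    return [d for d, t in DOCS.items() if any(w in t.lower() for w in words)]

def authorized_context(user, query, scope=None):
    """Return only texts that pass both checks; anything else is dropped."""
    scope = list_objects(user) if scope is None else scope
    candidates = [d for d in retrieve(query) if d in scope]
    verdicts = batch_check(user, candidates)
    return [DOCS[d] for d in candidates if verdicts.get(d) is True]

if __name__ == "__main__":
    for u in ("user:alice", "user:bob", "user:carol", "user:dave"):
        print(u, authorized_context(u, "net pay"))
```

Passing a previously computed `scope` shows the checks acting independently: if the manager tuple is deleted after the scope was built, the per-document check still denies every candidate.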