# Knowledge Management Permissions (Query Metadata) Overview ## Feature Description When implementing an AI dialogue system, detailed control over the available scope of "Knowledge Base / AI Assistant / Chat Platform" is usually needed due to different user permissions and usage requirements. In MaiAgent, you can use Query Metadata attached to different conversation/identity levels to determine "what content this person/conversation can reference". ### What is Query Metadata? Query Metadata is a set of dynamic conditions that limit the query scope, specifying what "Knowledge Base, FAQ, documents matching tag conditions" and other data content users can query under a certain chat platform. It doesn't replace roles or contacts, but rather makes these identities "work conditionally", implementing conversation-level least privilege control. > **Roles/Contacts/Conversations are containers, Query Metadata is the actual condition settings that control visible scope** {% hint style="info" %} Learn more through these articles: * [**Contact Integration Steps**](https://docs.maiagent.ai/tech/maiagent-tech-en/authorization-integration/contacts) * [**Differences between Roles and Contacts**](https://docs.maiagent.ai/tech/maiagent-tech-en/authorization-integration/role-vs-contact) {% endhint %} ## Permission Level Concept Before service construction, Agent confirms all available knowledge bases through Query Metadata at different levels, with permission levels referenced in the following order: ``` AI Assistant > Chat Platform > User (Message/Contact/Role) > query_metadata > Query Permissions ``` You can specify permissions at each level using either graphical interface or JSON format > Reference these documents for operation: > > 1. [Graphical Interface Operation Guide (Contact, Internal Q\&A Settings)](https://docs.maiagent.ai/tech/maiagent-tech-en/authorization-integration/zhi-shi-guan-li-quan-xian-query-metadata-cha-xun-yuan-zi-liao-zong-lan/graphical-interface) > 2. [JSON Interface Configuration Guide (Contact, Web Chat Embedding Settings)](https://docs.maiagent.ai/tech/maiagent-tech-en/authorization-integration/zhi-shi-guan-li-quan-xian-query-metadata-cha-xun-yuan-zi-liao-zong-lan/json-interfaces) {% @mermaid/diagram content="flowchart TB subgraph Identity Layer Message --> Identity\[Identity Information] Contact --> Identity Role --> Identity end subgraph Query Condition Layer Identity --> QM\[query\_metadata conditions] QM --> KB\[Knowledge Base] QM --> Chatbot\_file\[File Documents] QM --> FAQ\[FAQ] QM --> Label\[Tags] ``` KB --> Filter1[Filter Available Knowledge Bases] Chatbot_file --> Filter2[Filter Available File Documents] FAQ --> Filter3[Filter Available FAQs] Label --> Filter4[Filter Tag Conditions] ``` end subgraph Response Layer Filter1 --> Chatbot\[AI Assistant Response Content] Filter2 --> Chatbot Filter3 --> Chatbot Filter4 --> Chatbot end" %} * Contact/Role are identity containers * Message corresponds to controlling which knowledge bases to use during internal conversations through filtering * `query_metadata` is the "filter condition set" actually executed during conversations ### Document Filter Condition Decision Levels The open filtering logic is: {% @mermaid/diagram content="flowchart TB %% Knowledge Base Level KB\["Knowledge Base"] ``` %% Document Level Docs["Documents under Knowledge Base"] %% Tag Filtering Level Tags["Filter available documents from opened documents by tags"] %% Final Result Result["Final Available Documents"] %% Connections KB --> Docs Docs --> Tags Tags --> Result %% Style Settings classDef kbBox fill:#e3f2fd,stroke:#1976d2,stroke-width:2px,color:#000000 classDef docBox fill:#f3e5f5,stroke:#7b1fa2,stroke-width:2px,color:#000000 classDef tagBox fill:#e8f5e8,stroke:#388e3c,stroke-width:2px,color:#000000 classDef resultBox fill:#fff3e0,stroke:#f57c00,stroke-width:2px,color:#000000 class KB kbBox class Docs docBox class Tags tagBox class Result resultBox" %} ``` Through layer-by-layer transmission, Query Metadata becomes the actual decision basis for AI response logic ## Practical Application Scenarios
IdentityInput Conditions (query_metadata)Response Result
VisitorKnowledge Base: General
File Documents: None
Tags: Visitor
FAQ: 1, 2		Get documents with Visitor tag from General knowledge base and FAQ 1, FAQ 2
Regular MemberKnowledge Base: General
File Documents: A, B, C
Tags: None
FAQ: None		Get documents A, B, C from General knowledge base and all FAQs
Customer ServiceKnowledge Base: Employee
File Documents: None
Tags: CS
FAQ: None		Get documents tagged as CS from Employee knowledge base and all FAQs
Internal EmployeeKnowledge Base: Employee
File Documents: A, B
Tags: None
FAQ: None		Get documents A, B from Employee knowledge base and all FAQs
AdministratorKnowledge Base: Employee, General
File Documents: None
Tags: None
FAQ: None		Get all document content and FAQs from Employee and General knowledge bases
*** ## Summary: The Value of query\_metadata for Enterprises 🎯 **Multi-dimensional Identity Cross-Control** (Role + Region + Product Line) 🎯 **Real-time Query Control**: No need to copy assistants, just change conditions to adapt to different scenarios 🎯 **Flexible Large Knowledge Base Management**: Tags and knowledge bases can be split and authorized according to scenarios > **It is recommended to incorporate query\_metadata into the core product architecture, allowing enterprises to achieve maximum authorization flexibility with minimum settings,**\ > **ensuring knowledge security while improving conversation experience and operational efficiency.**