PERMISSION-AWARE
AGENTIC AI.
Not a chatbot — a LangGraph agent that runs the whole EHS platform. Intent detection routes each request to RAG search, text-to-SQL, or one of 25+ live tool APIs, and every action is permission-checked first. 500+ concurrent users. No caching possible.
— THE PROBLEM
ONE AGENT.
EVERY TOOL.
EVERY ACTION
PERMISSION-
CHECKED.
Each user has a unique profile drawn from 250+ granular permissions and any subset of 750+ courses. The assistant has to do far more than answer questions: read live data, run reports, create and edit records — but only what that user is allowed to touch. Traditional caching is impossible, and a static index cannot model this.
The system is a LangGraph state machine over LangChain tool-calling agents. Intent detection classifies each turn, then routes it to the right capability: vector RAG search, Postgres text-to-SQL, one of ~10-15 filtered data-fetch APIs, or one of ~10-15 CRUD APIs (create user, update record, and so on). A permission-filtering layer runs before any tool fires.
- Intent + routing. Every turn is classified, then dispatched to RAG, text-to-SQL, a filtered fetch API, or a CRUD action — wired together as an explicit LangGraph graph.
- Permission gate. A Milvus permission index (top-30) cross-referenced against PostgreSQL lets GPT-4o decide full access, none, or partial (compound requests split) — re-validated every turn.
- 25+ tools. The platform's data-fetch and CRUD endpoints are exposed as LangChain tools, so the agent fetches live data and triggers workflows end-to-end without ever exceeding the user's rights.