No fine-grained protection to the AI services per developer.

pvnsphani Public · Apr 29 2025

Idea Summary
Currently in the latest apex releases(23.2 or 24.1 or 24.2) where we can leverage AI services, we don't have any fine-grained protection to these AI services per developer.

Use Case
Say, I have created a Generative AI Service in Shared Components using Azure Open AI, Any developer in the workspace (with the right APEX Builder access) can see and use it unless controlled. In case of development environment where I utilized my azure account to create this Gen AI service, this would not restrict other developers from using it in the apex workspace. I want the possibility to restrict since this comes with a cost.

APEX itself does not offer role-based restrictions inside "Generative AI Services" yet (like we have with REST Data Sources or Web Credentials). So inside APEX, there’s no built-in fine-grained protection yet for AI services per developer. Even Azure RBAC on the resource itself will not help because that affects creation/modification in Azure Portal, not API usage.

We reviewed this idea carefully, and while it was interesting, we concluded that due to all the internal implications we need to take into account, it is unlikely to make its way into APEX.

1 Voters

No fine-grained protection to the AI services per developer.

Feature