LangSmith Fleet, a platform for building and managing agents, introduces two authorization models for LLM agents, addressing different needs for access control and security.

"On-Behalf-Of" Authorization

This model involves the agent operating on behalf of a specific user. For example, an onboarding agent with access to Notion and Rippling should show Alice only information about Alice in Rippling and the Notion pages that Alice has access to. The agent should not allow Alice to access Bob's private information.

To implement this model, you need to identify the user interacting with the agent and map the user ID to the authentication credentials needed to access the tools.

"Claws" Authorization

With this approach, the agent uses the credentials provided by the creator. For example, Alice creates an agent and exposes it to others through different channels (text, email, Twitter). When others interact with the agent, it uses the authorization that Alice has granted it.

In some cases, it may be Alice's credentials, but this may not always be desirable. To control data access, you can create dedicated accounts in Notion, Rippling, etc., specifically for the agent. In this way, all users interacting with the agent use the same set of credentials.

Assistants and Claws in LangSmith Fleet

LangSmith Fleet supports both types of agents:

  • Assistants: act "on-behalf-of" the end user.
  • Claws: have their own fixed credentials.

The platform also includes the concept of channels (Slack, Gmail, Outlook, and Teams) and agent sharing. Assistants and Claws support different channels. To share assistants, you need to map the end user in the channel (e.g., their Slack user ID) to their LangSmith ID.

Managing channels and authorization types highlights the need for human-in-the-loop control. If you create an agent with fixed credentials and expose it through a channel, it is important to protect potentially dangerous or sensitive actions.

Concrete Examples

  • Onboarding Agent: Assistant. Has access to Slack and Notion and uses the end user's Slack and Notion credentials.
  • Email Agent: Claw. Responds to incoming emails, checks the calendar, and sends invites, with human oversight for sensitive actions.
  • Product Agent: Claw. Monitors competitors and answers product questions, using a dedicated Notion account and exposed via a custom Slack bot.