{"id":29573148,"url":"https://github.com/auth0-samples/auth0-ai-smart-hr-assistant","last_synced_at":"2025-09-01T06:39:34.014Z","repository":{"id":274842094,"uuid":"924241966","full_name":"auth0-samples/auth0-ai-smart-hr-assistant","owner":"auth0-samples","description":null,"archived":false,"fork":false,"pushed_at":"2025-02-25T08:48:39.000Z","size":459,"stargazers_count":1,"open_issues_count":0,"forks_count":3,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-07-19T09:20:48.028Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/auth0-samples.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-01-29T17:00:42.000Z","updated_at":"2025-03-24T16:21:26.000Z","dependencies_parsed_at":"2025-01-29T18:23:19.185Z","dependency_job_id":"3af1f396-dea5-459c-855d-c89d107d1a9f","html_url":"https://github.com/auth0-samples/auth0-ai-smart-hr-assistant","commit_stats":null,"previous_names":["oktadev/auth0-ai-smart-hr-assistant","auth0-samples/auth0-ai-smart-hr-assistant"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/auth0-samples/auth0-ai-smart-hr-assistant","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/auth0-samples%2Fauth0-ai-smart-hr-assistant","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/auth0-samples%2Fauth0-ai-smart-hr-assistant/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/auth0-samples%2Fauth0-ai-smart-hr-assistant/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/auth0-samples%2Fauth0-ai-smart-hr-assistant/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/auth0-samples","download_url":"https://codeload.github.com/auth0-samples/auth0-ai-smart-hr-assistant/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/auth0-samples%2Fauth0-ai-smart-hr-assistant/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273082444,"owners_count":25042284,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-01T02:00:09.058Z","response_time":120,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-07-19T05:31:59.311Z","updated_at":"2025-09-01T06:39:33.974Z","avatar_url":"https://github.com/auth0-samples.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SmartHR Assistant - AI Agent with Fine-Grained Authorization\n\nA sample application demonstrating how to implement an AI agent with fine-grained authorization controls when accessing sensitive user data.\n\n\u003e For a CLI version of this application, please refer to the [cli-only-app](https://github.com/oktadev/auth0-ai-smart-hr-assistant/tree/cli-only-app) branch.\n\n## Overview\n\nSmartHR Assistant is an intelligent document management system that:\n\n1. Provides secure access to HR documents based on complex authorization rules:\n\n   - Salary information (viewable only by HR and the specific employee)\n   - Performance reviews (viewable by employee, their manager, and HR)\n   - Employee information (viewable by HR and the specific employee)\n   - Team documents (viewable by team members only)\n   - Company policies (public to all employees)\n\n2. Offers AI-powered capabilities:\n   - Answers questions about policies and procedures\n   - Generates document summaries\n   - Assists with document search\n\n## Data Categories with Different Authorization Levels\n\n### 1. Employee Information\n\n- Salary information\n- Performance reviews\n- Employee personal and public information\n\n### 2. Team Information\n\n- Team documents\n- Team members\n\n### 3. Company Information\n\n- Company policies\n- Company documents\n\n## Authorization Levels\n\n### 1. Employee Level\n\n- Full access to their own records\n- Limited access to other employees' public information\n- Full access to public company documents\n- Full access to their teams documents\n\n### 2. Manager Level\n\nEmployee Level +\n\n- Full access to their team members information\n- Full access to performance reviews of their team\n\n### 3. HR Level\n\nManager Level +\n\n- Full access to all employee information\n- Full access to all team information\n- Full access to all performance reviews\n\n### 4. Admin Level\n\n- Full access to all data\n\n## Future Enhancements\n\n- Integrate Auth0 and get the user information from Auth0\n- Add SQL DB for realtime data\n\n![SmartHR Assistant](./public/images/home-page.png)\n\n## How to run\n\n### Prerequisites\n\n- An Okta FGA account, you can create one [here](https://dashboard.fga.dev).\n- An OpenAI account and API key create one [here](https://platform.openai.com).\n\n### Setup\n\n1. Install the dependencies\n\n```sh\nbun install # or npm install\n```\n\n2. Create a `.env.local` file using the format below:\n\n   ```sh\n    # OpenAI\n    OPENAI_API_KEY=xx-xxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxx\n\n    # Okta FGA\n    FGA_STORE_ID=xxxxxxxxxxxxxxxxxxxxxxxxxxx\n    FGA_CLIENT_ID=xxxxxxxxxxxxxxxxxxxxxxxxxxx\n    FGA_CLIENT_SECRET=xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxx\n    # Required only for non-US regions\n    FGA_API_URL=https://api.xxx.fga.dev\n    FGA_API_AUDIENCE=https://api.xxx.fga.dev/\n   ```\n\n### Obtain OpenAI API Key\n\n[Use this page for instructions on how to find your OpenAI API key](https://help.openai.com/en/articles/4936850-where-do-i-find-my-openai-api-key). Once you have your key, update the `.env` file accordingly.\n\n### Configure Okta FGA\n\n1. **Create a client**\n\n   Navigate to _Settings_ and in the _Authorized Clients_ section click **+ Create Client** button. On the new page give your client a name and mark all three client permissions then click **Create**.\n\n2. Copy the information on the modal and update your `.env.local` file with the values you now have for `FGA_STORE_ID`, `FGA_CLIENT_ID`, and `FGA_CLIENT_SECRET`.\n3. Run the `bun run fga:init` script to initialize the FGA store with the model and tuples.\n\n### Run the application\n\n```sh\nbun start # or npm start\n```\n\n## Technical Stack\n\nThis application is built with TypeScript, Next.js, TailwindCSS, LlamaIndex, and OpenFGA.\n\n## Data Sources\n\nAll data will be in PDF and markdown files and will be loaded into an in-memory vector store on application startup.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fauth0-samples%2Fauth0-ai-smart-hr-assistant","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fauth0-samples%2Fauth0-ai-smart-hr-assistant","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fauth0-samples%2Fauth0-ai-smart-hr-assistant/lists"}