Confidence Scores
Confidence scores are the heart of Lelu's dynamic authorization model. They allow you to quantify the risk of an action and require human approval when the AI's confidence is too low.
How it Works
When an AI agent requests to perform an action, it must provide a confidence score between 0.0 and 1.0. This score represents the agent's certainty that the action is safe and correct.
High Confidence
Action is automatically approved and executed immediately.
Medium Confidence
Action is queued for human review. Execution is paused.
Low Confidence
Action is automatically denied. No human review required.
Defining Thresholds in Rego
You define the required confidence thresholds for different actions using Open Policy Agent (OPA) Rego policies. This allows you to set stricter requirements for sensitive actions.
package lelu.authz
default allow = false
default requires_approval = false
# Read actions are safe, require low confidence
allow {
input.action == "read"
input.confidence >= 0.5
}
# Write actions are sensitive, require high confidence
allow {
input.action == "write"
input.confidence >= 0.9
}
# If confidence is between 0.7 and 0.9 for a write, require human approval
requires_approval {
input.action == "write"
input.confidence >= 0.7
input.confidence < 0.9
}Providing Confidence via SDK
When using the Lelu SDK, your AI agent must provide its confidence score when requesting authorization.
import { LeluClient } from '@lelu/sdk';
const lelu = new LeluClient({ apiKey: 'your-api-key' });
// The AI agent determines it is 85% confident in this action
const response = await lelu.authorize({
agentId: 'agent-123',
action: 'delete_user',
resource: 'user:456',
confidence: 0.85, // 85% confidence
context: {
reason: 'User requested account deletion via support ticket #9921'
}
});
if (response.status === 'requires_approval') {
console.log('Action queued for human review. Request ID:', response.requestId);
}