Security and governance are built into AI FDE, since it operates entirely under your identity and permissions. AI FDE is not a separate service account or bot; it acts on your behalf using your existing Foundry session. Every action it takes is subject to the same permission checks, governance controls, and audit logging as any manual action you perform in Foundry.
When you use AI FDE, all operations are executed using your authenticated Foundry session. There is no separate credential, service account, or escalated privilege involved.
AI FDE operates under the same permission constraints as your user account:
This applies to all capabilities, including OSDK application creation, ontology edits, dataset builds, and code repository operations.
Beyond server-side permission enforcement, AI FDE implements a tool approval system that requires explicit user confirmation before executing mutating operations. Defaults are maximally conservative; nothing that could impact production workflows is auto-approved. You can also approve specific tools for the duration of a session, scoped to a branch or project where relevant.
| Category | Examples |
|---|---|
| Requires approval every time | Executing ontology actions, creating applications or widgets, publishing, or creating tags. |
| Branch-aware approval | File edits and dataset builds auto-approve on feature branches, but require approval on protected branches. |
| Auto-approved | Read-only operations such as searching and reading definitions. |
You remain in control of what the agent does. AI FDE cannot perform write operations without your consent, whether consent is given per-action or granted upfront for the session.
All activity is fully auditable through standard Foundry audit logs. Because every API call carries your identity, Foundry's platform-level audit logging captures all operations attributed to you, exactly as it would for manual actions. This includes repository operations, ontology changes, dataset builds, and all other platform interactions.
LLM usage is also attributed to your individual user identity, ensuring that usage tracking and rate limiting apply per user.
| Control | Description |
|---|---|
| Identity | All actions are performed on your behalf using your credentials. There is no service account or separate identity. |
| Permissions | Standard Foundry permissions are enforced server-side on every operation. |
| User approval | Mutating actions require user consent, either confirmed per-action or through session-level pre-approval scoped to a branch or project. |
| Audit trail | Logging through both AI FDE session logs and standard Foundry audit logs are fully in effect. |
| LLM attribution | Model usage is tracked to your individual account. |
| Governance | Existing Foundry governance including permissions, branching controls, and audits apply without exception. |
AI FDE is a productivity tool within your existing Foundry session and cannot exceed your permissions. All actions are logged under your identity, and the standard governance model applies in full effect.