Configuring AI Governance

AI Governance is the control tower of your Prisme.ai environment. It allows administrators and IT leaders to monitor, secure, and govern the use of AI across all products and teams. You can manage:

Authentication and SSO providers
RBAC (role-based access control)
Workspace provisioning and quotas
Interface customization
User feedback and platform policies

Initialization

To enable AI Governance, you must generate a super admin token:

Step 1: Get your JWT token

Step 2: Generate the long-term token

Use the following command from inside the Prisme.ai internal network (or from a pod):

curl 'https://<API_URL>/v2/user/accessTokens' \
  -X POST \
  -H 'content-type: application/json' \
  -H "Authorization: Bearer <YOUR_JWT>" \
  --data-raw '{"name":"ai-governance","expiresAt":"2027-01-24T11:53:12.116Z"}'

Step 3: Inject the access token

In the AI Governance secrets, paste the token under the adminAccessToken field.

Step 4: Configure API access

Get your workspace ID from the browser and add:

WORKSPACE_OPS_MANAGER=https://<API_URL>/v2/workspaces/<WORKSPACE_ID>/webhooks/

This can be injected via Helm values under prismeai-console.workspace_ops_manager.

Interface Personalization

Customize Branding & Texts

Configure SSO Providers

To customize login options, define the following environment variable in prismeai-console and prismeai-pages :

ENABLED_AUTH_PROVIDERS='[{ "name": "local" }, { "name": "custom", "label": { "fr":"Connexion avec custom", "en":"Connect with custom" }, "icon":"http://logo.png"}]'

You can mix local and SSO authentication options.You can also disable local signup with the following environment variable :

DISABLE_LOCAL_SIGNUP='true'

Also add this variable to prismeai-api-gateway to disable the corresponding API.

Add Legal & Help Pages

Roles and Permissions

AI Governance uses RBAC to manage platform access:

Assign the PlatformAdmin role to users for full control
Use PlatformManager to delegate governance tasks
Refine access to each product under the Roles tab

Default roles include Admin, Builder, KnowledgeAdmin, User, etc. To give a user access to AI Governance:

Go to Users & Permissions
Assign the PlatformManager role in the Manager column

Best Practices

Centralize Security

Use AI Governance to enforce consistent authentication and SSO across all products.

Granular Access Control

Customize RBAC to fit your organizational structure using role templates and groups.

Audit Everything

Combine Governance and AI Insights to trace user actions, model usage, and data access.

Govern by Group

Automate workspace provisioning per group using initializeGroupProducts.

Overview

Cloud Providers

Docker & Kubernetes Deployment

Entreprise Services

AI Products

Operations

Configuring AI Governance

Initialization

Interface Personalization

Roles and Permissions

Best Practices

Centralize Security

Granular Access Control

Audit Everything

Govern by Group

Overview

Cloud Providers

Docker & Kubernetes Deployment

Entreprise Services

AI Products

Operations

​Initialization

​Interface Personalization

​Roles and Permissions

​Best Practices

Centralize Security

Granular Access Control

Audit Everything

Govern by Group

Initialization

Interface Personalization

Roles and Permissions

Best Practices