Access Control
Overview
The Access Control dashboard gives you full governance over AI agent traffic. You can quickly understand the nature of inbound agentic activity, and define exactly what each agent is allowed to do on your platform.
Traffic Overview
At the top of the Access Control page, a traffic summary provides quick insight into agentic activity:
- Traffic is grouped by agent and intent, giving you an at-a-glance understanding of who is doing what on your platform.
- Use the filter and group-by controls to slice the data by agent or intent.
- Visualizations include:
- A multi-line timeline graph showing traffic volume over time
- A pie chart breaking down the share of traffic per agent or intent
Policy Configuration
DataDome ships with out-of-the-box recommended policies for all known AI agents, calibrated based on each agent's business relevance and overall trust level. These defaults are applied automatically. Most customers will not need any additional setup. Agentic Trust is designed to be plug and play.
When needed, policies can be customized at three levels of granularity:
Level 1: Default Policy (Agent-Level)
The default policy applies to all traffic sent by a given agent. It is displayed directly in the main Access Control table, one row per agent.
This is the right level for most use cases: set a blanket rule for how a given agent should be treated across your entire platform.
Level 2: Endpoint-Level Policy
For more granular control, click on an agent's policy to open its detailed view. Here, you can define per-endpoint policies, applying different rules depending on the type of action the agent is attempting.
Example: an agent may be authorized to browse products, add items to cart, and complete purchases, while being blocked from creating new accounts.
Level 3: Custom Rules
Within the agent's detailed view, you can define an unlimited number of custom rules. Each rule targets a specific subset of traffic, defined using a traffic filter built from more than 60 traffic characteristics, including:
- HTTP headers
- Geo-location
- GraphQL operations
- Traffic context
- Custom fields
Custom rules give you surgical control over agent behavior for any edge case or business requirement.
Available Policies
The following policies can be applied at any level:
| Policy | Description |
|---|---|
| Intent-Based | AI inspects and decides. Only requests identified as fraudulent are blocked, based on DataDome's intent detection models. |
| Allow | All requests from this agent are permitted. |
| Block | All requests from this agent are denied. |
| Rate Limit | Requests are throttled by volume. |
| Time-Box | Access is granted for a defined time window. |
| Monetize | Access is granted subject to payment via an activated monetization partner. |
Agent Detailed View
In addition to policy configuration, the agent detailed view provides:
- Last 1,000 requests: the full details of the most recent HTTP requests sent by the agent, including request metadata and DataDome's detection output.
- Latest user accounts: a recap of the user accounts that have been leveraging the agent. Available only when Account Protect is activated.
Updated 8 days ago