OpenAI securely connects enterprise knowledge with ChatGPT by using AuthZed
Learn how OpenAI built connectors to process and search billions of documents for over 5 million business users while respecting existing data permissions using AuthZed’s authorization infrastructure.
With nearly 700 million weekly active users, OpenAI has transformed how people interact with AI. But serving enterprise customers comes with more stringent expectations: Connectors in ChatGPT that can access internal company knowledge while respecting existing permissions.
Connectors for ChatGPT integrate internal knowledge sources and third-party applications like Google Drive, Microsoft OneDrive, and Box directly into ChatGPT. The challenge? Ensuring that when employees ask questions, they only see documents they’re authorized to access, even as permissions change in real-time across countless documents.
The challenge — scaling enterprise permissions for AI-powered knowledge discovery
OpenAI needed to solve a problem that’s especially critical for business users: incorporate vital but sensitive company data with ChatGPT while preventing oversharing of that information. Additionally, they needed to support connectors for a wide range of applications, accommodate the usage scale of a rapidly growing business user base, and launch quickly to meet the demand for ChatGPT workplace productivity tools.
The connectors team identified three critical technical requirements for an authorization system to meet the challenge:
- Replicate complex permission models from third-party platforms
- Handle massive write volumes from continuous document ingestion
- Scale to billions of documents each with their own unique permissions without performance degradation
Traditional authorization systems couldn’t handle the permission complexity or request volume scale across platforms – each has different access control models, and permissions change constantly as employees join projects, leave teams, or update document access.
Initially, the team considered building a custom authorization system. However, given their product launch timeline, they quickly pivoted to a buy-versus-build approach.
We decided to buy instead of build early on. This is an authorization system with established patterns. We didn’t want to reinvent the wheel when we could move fast with a proven solution.
Member of Technical Staff, OpenAI
The solution — AuthZed Dedicated for enterprise-grade authorization infrastructure
OpenAI prioritized proven authorization technology built for modern scale requirements and evaluated authorization solutions against their critical requirements for connectors. They chose AuthZed Dedicated, which is designed for scalably storing and querying fine-grained authorization data.
Through their evaluation process, they discovered that AuthZed Dedicated:
Flexible Permission Modeling
Supports modeling third-party application’s permission models using a schema language without requiring authorization code changes for each new Connector.
Massive Write Performance
Handles massive write volumes from document ingestion and permission updates from all connected data sources while maintaining responsive read performance.
Billion-Document Scale
Scales performance to billions of documents each with unique fine-grained permissions.
AuthZed Dedicated emerged as the right choice, offering both the flexibility to model any third-party permission system and the infrastructure performance required for the scale of OpenAI.
Our product needs to replicate authorization from any possible third parties we want to connect to. Some are fairly complicated, like Google Drive. Others are simpler. But we need something flexible enough to expand to more third-party connections without re-architecting.
Member of Technical Staff, OpenAI
The results — successful connectors in ChatGPT launch
OpenAI met their ambitious timeline and successfully launched connectors for ChatGPT to their 5 million business users with AuthZed handling authorization. Since launch, the system has processed over 37 billion documents while maintaining permission accuracy—all running on AuthZed’s authorization infrastructure.
We’re ingesting billions of documents from our customers, and every single document needs its own very fine-grained permission. The volume of data we are materializing is very, very high.
Member of Technical Staff, OpenAI
The decision to use AuthZed Dedicated has allowed the connectors team to delegate the operational overhead for their authorization system and utilize AuthZed’s support team for technical guidance, unblocking and freeing their engineering resources to focus on improving existing and building new connector integrations.
Especially the SRE work [that product teams] have to do—it’s usually pretty large during the launch phase. But with [AuthZed Dedicated], it’s almost all gone.
Member of Technical Staff, OpenAI
With AuthZed, OpenAI is achieving:
Authorization system that evolves with new platform integrations and business requirements
Billions of documents ingested with fine-grained access controls maintained in real-time
Authorization systems that perform consistently and reliability under demanding conditions
Significant reduction in SRE workload after adopting AuthZed Dedicated
Faster onboarding of new third-party applications without custom authorization development
