AI agents do not need more data access. They need access that can explain itself before and after every answer.

Agents need explainable access

Catalogs such as DataHub and OpenMetadata document policies, roles, ownership, and metadata assets. Open Policy Agent provides policy-as-code for decisions over structured data. Those pieces become more important when an agent is the consumer.

An entitlement graph connects identities, roles, groups, data products, policies, purposes, environments, and allowed actions. The goal is not a prettier access-control diagram. The goal is a decision path an agent platform can inspect.

Entitlements are relationships

Flat permissions do not explain enough. An agent may have access because a user delegated a task, a role allows a data product, a purpose matches a policy, and a catalog tag permits a masked view. Each of those relationships matters.

The graph should answer allowed, denied, why, for what purpose, for how long, and under which policy version. That makes entitlement data useful for tool selection, retrieval filtering, audit, and incident review.

Core idea: AI-ready access is not a yes or no flag. It is a graph of reasons.
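As an added example (not from the original guide, and not code from DataHub, OpenMetadata, OPA, or any ODI project), the Python below walks a small constructed entitlement graph and returns the decision together with the path, purpose, expiry, and policy version that produced it. Every node name, relation name, and the `decide` function are hypothetical.

```python
from datetime import datetime, timezone

# Constructed sample graph; every identifier here is hypothetical.
# Edges are (source, relation, target) and end at a policy node.
EDGES = [
    ("agent:report-bot", "delegated_by", "user:alice"),
    ("user:alice", "member_of", "role:analyst"),
    ("role:analyst", "granted_by", "policy:masked-read"),
]
POLICIES = {
    "policy:masked-read": {
        "version": "v7",
        "data_product": "dp:customer-orders",
        "action": "read_masked",
        "purposes": {"quarterly-report"},
        "expires": datetime(2030, 1, 1, tzinfo=timezone.utc),
    },
}

def decide(subject, action, data_product, purpose, now):
    """Return allow/deny plus the graph path, purpose, expiry and policy version."""
    denial = {"reason": "no policy reachable for this action and data product",
              "path": [], "policy_version": None}
    stack, seen = [(subject, [])], set()
    while stack:
        node, path = stack.pop()
        if node in seen:
            continue
        seen.add(node)
        pol = POLICIES.get(node)
        if pol and (pol["action"], pol["data_product"]) == (action, data_product):
            if purpose not in pol["purposes"]:
                why = f"purpose {purpose!r} is not permitted by {node}"
            elif now >= pol["expires"]:
                why = f"{node} expired at {pol['expires'].isoformat()}"
            else:
                return {"allowed": True, "path": path, "purpose": purpose,
                        "policy": node, "policy_version": pol["version"],
                        "valid_until": pol["expires"]}
            denial = {"reason": why, "path": path, "policy_version": pol["version"]}
        stack.extend((dst, path + [(src, rel, dst)])
                     for src, rel, dst in EDGES if src == node)
    return {"allowed": False, "purpose": purpose, **denial}

if __name__ == "__main__":
    now = datetime(2025, 6, 1, tzinfo=timezone.utc)
    print(decide("agent:report-bot", "read_masked", "dp:customer-orders",
                 "quarterly-report", now))
```

A denial carries the same path and policy version as an allow, so an audit log entry can record which relationship chain was evaluated, not only the outcome.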

The ODI access model

Open Data Infrastructure keeps the entitlement graph close to the data layer instead of scattering it across applications. Agents can then call tools that inherit catalog policy, lineage, and ownership rather than rebuilding access logic in every prompt.

For adjacent context, read access control in Open Data Infrastructure, why agents need governed data access, and context graphs for data access decisions.

What breaks first

  • Agents inherit user access without purpose limits or task boundaries.
  • Policy decisions are logged as allowed or denied without the graph path that produced them.
  • Catalog permissions and application permissions drift apart.
  • Retrieval filters apply labels but not ownership, lineage, or policy version.

Questions to ask

Ask which relationships determine access, where they live, and how an agent receives the decision. Ask whether every answer can be traced to identity, purpose, data product, policy version, and denial reason when applicable.

If the agent cannot explain why it could see the data, the platform is not ready for agentic access.

Sources to start with

These primary sources anchor the technical claims in this guide.

Access is AI-ready when the reason travels with the permission.