SupportDeveloper Docs

Getting started with the Copilot

BalkanID Copilot is an intelligent AI assistant designed to help you navigate and manage access governance tasks efficiently. The platform combines natural language processing with powerful query capabilities to provide insights, generate reports, and automate security workflows. The technology behind BalkanID Copilot features a knowledge-graph system that facilitates fast querying and deep analytical capabilities. It also utilizes large language models to interact with the user. All our data is sourced from the BalkanID App.

Key Features

  • Interactive Chat Interface: Ask questions in natural language and get intelligent data-rich responses

  • Advanced Reporting: Easily create custom reports with templates and variables

  • Take Actions using the Copilot: Use the BalkanID MCP to perform actions on the BalkanID Platform, or connect other platforms to the Copilot by adding an MCP

  • Automated Playbooks: Generate security automation workflows

  • Real-time Data Analysis: Query your identity data with AI assistance

  • Customizable LLM Models: Choose from various AI models for different use cases

Getting Started

Prerequisites

  • Ensure that you have access to a set-up tenant BalkanID Platform

  • Ensure that the tenant(s) you want to use the Copilot with, have Copilot enabled for them. If Copilot is not enabled, please contact [email protected]

Interface Overview

The main interface consists of:

  • Header Navigation:

    • Copilot Logo (Navigate home)

    • Link to Playbook generation interface

    • Tenant Picker

    • Tenant configuration and User preference settings

  • Sidebar:

    • Chat history

    • Report generation history

    • Options for each chat history item and report generated

  • Main Content (In Chat mode):

    • Dialogues in a chat that may contain text, tables, visualizations, or other information

    • Chat box for the user to input new messages

    • Model selection and MCP selection interfaces

  • Main Content Area (In Report Viewer mode):

    • Report details that may contain text, tables, visualizations, or other information

    • Report template details, which can be used to generate a report

Quick Start Guide

Your First Query

  1. Start a New Chat: Go to the homepage of the BalkanID Copilot, and type any question to start a new chat with the Copilot

  2. Ask a Question: Type a natural language question such as:

    • "Show me all users with admin privileges"

    • "Who has access to the HR application?"

    • "Find users without MFA enabled"

  3. Review Results: The AI will:

    • Generate appropriate queries

    • Display results in tables

    • Provide insights and analysis

    • Suggest follow-up questions

Understanding Responses

AI responses include:

  • Natural Language Explanations: Human-readable answers

  • Data Tables: Structured results with pagination and sorting

  • Cypher Queries: The actual database queries used (viewable in query dialogs)

  • Insights and Findings: Highlighted security issues or notable patterns

  • Follow-up Suggestions: Related questions you might want to ask

Using Mentions and Autocompletion

When typing queries, you can:

  • Use @ mentions: Type @ to see available entities (users, applications, roles)

  • Autocomplete: The system suggests relevant entities as you type

  • Entity Selection: Click suggested entities to include them in your query

Tips for Success

Effective Querying

  • Be Specific: More detailed questions yield better results

  • Use Natural Language: Ask questions as you would to a colleague

  • Iterate: Build on previous questions for deeper analysis

  • Context Matters: Reference previous results in follow-up questions

Best Practices

  • Start Broad, Then Narrow: Begin with general queries, then drill down

  • Use Suggestions: Click on suggested follow-up questions

  • Use Annotations: Type "@" to refer to specific entities or types of entities in your questions

  • Save Important Results: Download data or create reports for future reference

  • Explore Features: Try different question types to understand capabilities

Troubleshooting

Common Issues

  • No Results: Ensure your tenant is selected and you have appropriate permissions

  • Slow Responses: Check network connectivity and try simpler queries

  • Error Messages: Contact your administrator if persistent errors occur

Getting Help

  • Use the FAQ button (?) in the bottom-right corner

  • Check with your system administrator for access issues

  • Refer to the troubleshooting guide for common problems

What are the typical questions that one can ask?

The BalkanID Copilot is a discovery tool that can answer questions regarding a company’s employees, their identities, connections, resources, permissions and the integrated applications. It can also answer questions regarding access reviews, requests and campaigns, IAM risks and findings, BalkanID generated Roles and BalkanID Just-In-Time Purpose-Based Access Control (JITPBAC). While answering these questions, we also flag useful insights like SoD violations, privileged entities and terminated employees. This data is sourced from the entitlements and reviews data on the BalkanID app.

Here are some questions that you could try on the BalkanID App, and then ask follow ups on:

  • What identities are members of privileged groups in AWS?

  • Show me all employees, their departments, and job titles.

  • What applications have been integrated?

  • List all applications and the number of unmapped identities they contain.

  • Which user has the highest number of connections?

  • How many resources does each application contain?

  • List all terminated employees and their connections.

  • Show me terminated employees who have access to resources in applications.

  • List all the campaigns and their progress.

  • What campaigns target terminated employees?

  • Show me all the privileged permissions.

  • List all identities that were reviewed, along with the campaign name and application details.

  • List all reviewed items in the last 90 days — identities, connections, and resources — along with application and review details.

  • List all unreviewed items in the last 90 days — identities, connections, and resources — along with application and review details.

  • What campaigns are overdue?

  • Who has created the most number of requests?

  • List all grant requests over the past 3 months that were approved. Who are the reviewers?

  • What purposes are defined and who is eligible for them?

  • Who gained access via purposes this week?

  • What purposes are set to expire before the end of the month?

  • List the accesses via purposes that are not least privileged. Also list the applications and identities who have the accesses.

Questions around Playbooks

  • Create a joiner playbook for new employees

  • Create a playbook to revoke access for terminated employees who have active identities in AWS

Who can view my interactions with BalkanID Copilot?

Your interactions with BalkanID Copilot are private and secure. Only authorized personnel within BalkanID may access this information to ensure correctness and better user experience.

Does BalkanID Copilot share any information with OpenAI or other LLMs?

The BalkanID Copilot does not send PII to OpenAI or any other LLMs for its primary functionality. However, aggregated statistical data from query results is sent to OpenAI or other LLMs to generate summaries that make it easy for the user to interpret the result. This is not the case when the BalkanID Copilot is self-hosted (or hosted in a contained environment dedicated to the customer), which is an option provided to run BalkanID Copilot.

What is BalkanID's AI policy in general?

Here you can find our overall AI Policy FAQ.

Can BalkanID Copilot run alongside my existing IGA tools such as Sailpoint or IAM tools like Okta or Azure AD?

BalkanID Copilot can be deployed on top of existing existing Identity Security, IGA, PAM, IAM, Service Desk type tools like Okta, Microsoft Entra, Jira, SailPoint, etc.

What use cases does BalkanID Copilot support with existing tools?

Copilot enhances and complements your current IGA and IAM solutions in several ways, including:

  • Serving as an analytics and custom reporting tool

  • Feeding intelligence into IGA and IDP systems to boost workflows, such as:

    • Generating and feeding RBAC roles, policies, and recommendations during access request lifecycle and access review certification

    • Providing actionable insights and playbooks

To enable BalkanID Copilot on your tenant, contact your customer success representative or email [email protected] at any time to discuss options.

PreviousAutomated entitlement data upload playbook with AWS Lambda & S3NextCopilot Chat

Last updated

Was this helpful?