Multi-tenant Architecture

Cognee’s multi-tenant system uses file-based database isolation with Kuzu (graph database) and LanceDB (vector database) to ensure complete data separation between users and datasets.

Key Features

Complete Data Isolation

Zero Data LeakageEach context gets separate graph and vector stores with file-based database isolation.

Dataset-Level Permissions

Fine-grained ControlGranular access control with read, write, delete, and share permissions per dataset.

Hierarchical Permissions

Organized StructureSupport for tenants, roles, and users with inherited permission management.

File-Based Isolation

Maximum SecurityUses Kuzu and LanceDB for completely separate database instances per user per dataset.

Quick Setup

Enable Permissions

Set the environment variable to activate the multi-tenant permissions system.

Start Backend

Run the Cognee backend server with permissions enabled.

Create Users

Manage Permissions

Grant dataset-specific permissions to control access.

Configuration

To enable Cognee’s multi-tenant permissions system, set the following environment variable:

ENABLE_BACKEND_ACCESS_CONTROL=True

Important: When this is enabled, Cognee will:

Ignore user-configured graph and vector database settings
Enforce the use of Kuzu (file-based graph db) and LanceDB (file-based vector db)
Deploy completely separate database instances per user per dataset

This approach ensures complete data isolation and prevents any possibility of data leakage between contexts.

Permission Hierarchy

The multi-tenant system follows a clear hierarchical structure:

Tenant
├── Users (belong to tenant)
├── Roles (defined within tenant)
└── Datasets
    ├── Data (documents/files)
    └── Permissions (read, write, delete, share)

Tenants

Users

Roles

Datasets

Database Isolation Architecture

The system creates separate database directories for each user-dataset combination, ensuring complete data isolation:

.cognee_system/
├── databases/
│   ├── user_1/
│   │   ├── dataset_a/
│   │   │   ├── kuzu_graph/      # Separate graph database
│   │   │   └── lancedb_vectors/ # Separate vector database
│   │   └── dataset_b/
│   │       ├── kuzu_graph/
│   │       └── lancedb_vectors/
│   └── user_2/
│       └── dataset_a/
│           ├── kuzu_graph/
│           └── lancedb_vectors/

This file-based isolation ensures that each user-dataset combination gets completely separate database instances, preventing any possibility of data leakage between contexts.

Permission Types

Cognee supports four types of permissions for fine-grained access control:

Read

View AccessView and search dataset contents. Required for all query operations.

Write

Modify AccessAdd new data to the dataset. Required for data ingestion and cognify operations.

Delete

Remove AccessRemove documents from the dataset. Required for data cleanup operations.

Permission ManagementGrant permissions to other users. Required to manage access to datasets.

Permission Management Rules

Dataset Creation

Permission Sharing

Access Control Enforcement

Permission Inheritance

ACL (Access Control List) Structure

Permissions are managed through a relational database with the following key tables:

Database Schema

Permission Resolution

Performance Optimization

API Integration

Programmatic Access

import cognee
import os

# Enable permissions
os.environ["ENABLE_BACKEND_ACCESS_CONTROL"] = "True"

# Set user context
cognee.set_user("user_123")

# Operations are automatically scoped to user permissions
await cognee.add("data", dataset_id="dataset_a")  # Requires write permission
await cognee.cognify()  # Requires write permission
results = await cognee.search("query")  # Requires read permission

Best Practices

Security First

Secure Defaults

Start with minimal permissions and grant as needed
Use roles for common permission patterns
Regularly audit user permissions
Monitor access patterns for anomalies

Performance

Optimize Access

Cache permission lookups for frequently accessed datasets
Use role-based permissions to reduce direct grants
Monitor database performance with large user bases
Consider permission inheritance for efficiency

User Management

Organized Structure

Group users into tenants for organizational boundaries
Use descriptive role names and clear permission sets
Document permission policies for your organization
Implement user onboarding workflows

Data Governance

Compliance Ready

Maintain audit logs of permission changes
Implement data retention policies per tenant
Use dataset-level permissions for compliance boundaries
Regular permission reviews and cleanup

Troubleshooting

Permission Denied Errors

Access IssuesCommon causes and solutions:

Missing read permission: User cannot search datasets
- Solution: Grant read permission to the user or their role
Missing write permission: User cannot add data or cognify
- Solution: Grant write permission for data operations
Missing share permission: User cannot grant permissions to others
- Solution: Grant share permission to enable permission management

# Check user permissions
curl -X GET "http://localhost:8000/api/user/permissions" \
  -H "Authorization: Bearer <token>"

Database Isolation Issues

Data Separation ProblemsVerification steps:

Confirm ENABLE_BACKEND_ACCESS_CONTROL=True is set
Check that separate database directories exist
Verify Kuzu and LanceDB are being used (not custom databases)

# Check database structure
ls -la .cognee_system/databases/

# Should show separate user directories
user_1/
user_2/

Performance Issues

Slow Permission ChecksOptimization strategies:

Enable permission caching for frequently accessed datasets
Use role-based permissions instead of many direct grants
Monitor database query performance
Consider permission inheritance optimization

# Enable permission caching
cognee.configure_permissions({
    "cache_enabled": True,
    "cache_ttl_seconds": 300,
    "max_cache_size": 1000
})

Next Steps

User Permissions Guide

Complete TutorialDetailed step-by-step guide with screenshots for setting up and testing the permissions system.

REST API Server

API IntegrationSet up REST API endpoints for multi-tenant applications with authentication.

Configuration

Advanced SetupConfigure advanced multi-tenant settings and performance optimizations.

Deployment Guide

Production DeploymentDeploy multi-tenant Cognee applications in production environments.

Getting Started

Core Concepts

Examples

CLI

Python SDK

UI

Key Features

Complete Data Isolation

Dataset-Level Permissions

Hierarchical Permissions

File-Based Isolation

Quick Setup

Configuration

Permission Hierarchy

Database Isolation Architecture

Permission Types

Read

Write

Delete

Share

Permission Management Rules

ACL (Access Control List) Structure

API Integration

Best Practices

Security First

Performance

User Management

Data Governance

Troubleshooting

Next Steps

User Permissions Guide

REST API Server

Configuration

Deployment Guide

Getting Started

Core Concepts

Examples

CLI

Python SDK

UI

​Key Features

Complete Data Isolation

Dataset-Level Permissions

Hierarchical Permissions

File-Based Isolation

​Quick Setup

​Configuration

​Permission Hierarchy

​Database Isolation Architecture

​Permission Types

Read

Write

Delete

Share

​Permission Management Rules

​ACL (Access Control List) Structure

​API Integration

​Best Practices

Security First

Performance

User Management

Data Governance

​Troubleshooting

​Next Steps

User Permissions Guide

REST API Server

Configuration

Deployment Guide

Key Features

Quick Setup

Configuration

Permission Hierarchy

Database Isolation Architecture

Permission Types

Permission Management Rules

ACL (Access Control List) Structure

API Integration

Best Practices

Troubleshooting

Next Steps