Overview
Raily’s access control system provides fine-grained control over who can access your content, under what conditions, and with what permissions. Every access request is evaluated against your policies in real-time.How Access Works
When an AI system or application requests access to your content:- Request is sent to Raily with content ID and requester information
- Access policies are evaluated based on rules and conditions
- Decision is made to allow or deny access
- If allowed, a signed URL and access token are provided
- Content is accessed using the provided credentials
Access Policies
Define rules that control access to your content based on:- Requester identity - Who is requesting access
- Purpose - How the content will be used (inference, training, RAG, etc.)
- Time constraints - When access is allowed
- License requirements - Required licenses or subscriptions
- Rate limits - Maximum requests per time period
Permissions
Control what actions are allowed when access is granted:- Full access to complete content
- Preview or metadata only
- Commercial use rights
- Training or fine-tuning permissions
- Redistribution rights
Rate Limiting
Set limits on how frequently content can be accessed:- Requests per hour, day, or month
- Burst allowances for temporary spikes
- Per-requester or global limits
Best Practices
Default Deny
Start with deny-by-default and explicitly allow access
Least Privilege
Grant minimum necessary permissions
Monitor Access
Regularly review access logs for unusual patterns
Test Policies
Test policies before deploying to production