Describe the bug
A message policy assigned to a group is not enforced with Azure or Amazon Bedrock models. Even though the user belongs to the configured group, the policy fails to block the action. This issue appears specific to certain model providers, as the same policy works correctly with OpenAI and Anthropic models.
Pre Req - Have an auth provider that supports groups (I have the JumpCloud auth provider enabled).
Have the default model set to a model served from Azure or Amazon Bedrock model provider.
To Reproduce
Steps to reproduce the behavior:
- As an admin user, create a Message Policy that has access to a group, say
group1.
- Log in as a user who is part of
group1, Launch agent.
- Chat with it and ask to delete an email from the Gmail inbox.
This results in the email being deleted without the Message Policy created in step1 taking effect and blocking the message.
Note - Message Policy that is assigned to group work as expected with models served from OpenAI and Anthropic model providers.
Expected behavior
The message policy assigned to the group should block the message.
Describe the bug
A message policy assigned to a group is not enforced with Azure or Amazon Bedrock models. Even though the user belongs to the configured group, the policy fails to block the action. This issue appears specific to certain model providers, as the same policy works correctly with
OpenAIandAnthropicmodels.Pre Req - Have an auth provider that supports groups (I have the
JumpCloudauth provider enabled).Have the default model set to a model served from
AzureorAmazon Bedrockmodel provider.To Reproduce
Steps to reproduce the behavior:
group1.group1, Launch agent.This results in the email being deleted without the Message Policy created in step1 taking effect and blocking the message.
Note - Message Policy that is assigned to group work as expected with models served from
OpenAIandAnthropicmodel providers.Expected behavior
The message policy assigned to the group should block the message.