Personalization can enhance the person expertise of procuring, leisure, and information websites by utilizing our previous habits to suggest the merchandise and content material that finest match our pursuits. You may also apply personalization to conversational interactions with an AI-powered assistant. For instance, an AI assistant for worker onboarding might use what it is aware of about an worker’s work location, division, or job title to supply data that’s extra related to the worker. On this put up, we discover how Amazon Q Enterprise makes use of personalization to enhance the relevance of responses and how one can align your use instances and end-user knowledge to take full benefit of this functionality.
Amazon Q Enterprise is a completely managed generative AI-powered assistant that may reply questions, present summaries, generate content material, and full duties primarily based on the info and knowledge that’s unfold throughout your enterprise techniques. Amazon Q Enterprise supplies greater than 40 built-in connectors that make it easy to attach the most well-liked enterprise knowledge sources and techniques right into a unified and highly effective search index that the AI assistant can use to assist reply pure language questions out of your workforce. This enables end-users to search out the data and solutions they’re in search of rapidly, which ends up in elevated productiveness and job satisfaction. Amazon Q Enterprise preserves the entry permissions within the supply techniques in order that customers are solely in a position to entry the data by Amazon Q Enterprise that they’ve entry to straight inside these techniques.
Resolution overview
Responses are personalised by Amazon Q Enterprise by figuring out if the person’s question could possibly be enhanced by augmenting the question with identified attributes of the person and transparently utilizing the personalised question to retrieve paperwork from its search index. Person attributes, equivalent to work location, division, and job title, are made out there to Amazon Q Enterprise by the system used to authenticate person identities that’s configured with the Amazon Q Enterprise utility. Relying on the paperwork out there within the index, the personalised question ought to enhance the relevancy of the returned paperwork, which in flip can enhance the relevancy of the generated response primarily based on these paperwork. The method by which person attributes move to an Amazon Q Enterprise utility varies primarily based on the identification federation mechanism used to authenticate your workforce for the applying:
The next diagram illustrates the method by which person attributes move to Amazon Q Enterprise for each identification federation mechanisms.
The steps of the method are as follows:
- When a person accesses the Amazon Q Enterprise internet expertise or a customized consumer that integrates with the Amazon Q Enterprise API, they should be authenticated. If not already authenticated, the person is redirected to the IdP configured for the Amazon Q Enterprise utility.
- After the person authenticates with the IdP, they’re redirected again to the consumer with an authorization code. Then the Amazon Q Enterprise internet expertise or customized consumer makes an API name to the IdP with the consumer secret to alternate the authorization code for an ID token. When an IAM IdP is configured for the Amazon Q Enterprise utility, the ID token consists of the person attributes which might be configured within the IdP. In any other case, with IAM Id Middle, the person attributes are synchronized from the IdP to IAM Id Middle. This course of solely must be finished one time throughout the person’s session or when the person’s session expires.
- The person is now in a position to work together with the AI assistant by submitting a query.
- Earlier than the Amazon Q Enterprise internet expertise or customized consumer can ship the person’s query to the Amazon Q Enterprise ChatSync API, it should alternate the ID token for AWS credentials. If the Amazon Q Enterprise utility is configured with IAM Id Middle, the Amazon Q Enterprise utility or customized consumer calls the CreateTokenWithIAM API to alternate the ID token for an IAM Id Middle token. This token consists of the person attributes synchronized from the IdP to IAM Id Middle as described earlier. If the Amazon Q Enterprise utility is configured with an IAM IdP, this step is skipped.
- The final step to acquire AWS credentials is to name AWS Safe Token Service (AWS STS). If the Amazon Q Enterprise utility is configured with IAM Id Middle, the AssumeRole API is known as passing the IAM Id Middle token. For an Amazon Q Enterprise utility configured with an IAM IdP, the AssumeRoleWithSAML or AssumeRoleWithWebIdentity API is known as relying on whether or not SAML 2.0 or OIDC is used for the supplier. The credentials returned from AWS STS will be cached and reused till they expire.
- The Amazon Q Enterprise internet expertise or customized consumer can now name the ChatSync API with the credentials obtained within the earlier step utilizing AWS Signature Model 4. As a result of the credentials embody the person attributes configured within the IdP, they’re out there to Amazon Q Enterprise to personalize the person’s question.
Amazon Q Enterprise personalization use case
To exhibit how personalization works in apply, let’s take an instance of inner coaching made out there to workers of a multi-national firm. Think about you lead the coaching division for an enterprise firm and also you’re tasked with bettering the entry to coaching alternatives supplied to workers. You’ve finished an awesome job documenting this data for all places the place coaching is offered and printed it in your firm’s Microsoft SharePoint website, however the suggestions from workers is that they don’t know the place to search out the data. The confusion stems from the truth that your organization additionally publishes inner firm data and documentation on Confluence, Field, and a wiki. Moreover, your division makes use of ServiceNow for coaching assist, which has developed into one other supply of helpful however under-utilized data.
The primary problem to unravel is discoverability of the data unfold throughout these disparate and disconnected techniques. Via the connectors described earlier, Amazon Q Enterprise can deliver collectively the data in these techniques and supply a conversational person interface that enables workers to ask questions in pure language, equivalent to, “What coaching is accessible?”
With the discoverability problem solved, there may be nonetheless a chance to additional optimize the person expertise. That is the place personalization is available in. Take into account the fundamental query, “What coaching is accessible?” from a person who works out of the San Francisco, CA, workplace. Based mostly on this query, Amazon Q Enterprise can discover paperwork that describe the coaching lessons out there throughout all company places, however lacks the information of the person’s dwelling workplace location to be extra exact in its reply. Offering a solution primarily based on the situation, or perhaps a mix of a number of places, isn’t as correct as if the reply had been primarily based on the place the worker labored. The worker could possibly be extra specific of their query by together with their location, however the aim of AI assistants is to raised perceive the person’s intent and context to have the ability to present essentially the most correct data doable for even essentially the most primary questions. Figuring out key details about the person permits Amazon Q Enterprise to seamlessly personalize the retrieval of paperwork and subsequently result in a extra correct response. Let’s see the way it works in additional element.
On the core of Amazon Q Enterprise is a way known as Retrieval Augmented Technology (RAG). At a excessive degree, RAG entails taking a person’s request and discovering passages from a set of paperwork in a searchable index which might be most much like the request after which asking a big language mannequin (LLM) to generate a response that gives a solution utilizing the retrieved passages. Given the query, “What coaching is accessible?” and the variety of places for the corporate, the highest doc passages returned from the index and offered to the LLM might not even embody the person’s location. Due to this fact, the extra exact the question to the retrieval layer, the extra correct and related the final word response shall be. For instance, modifying the question to incorporate particulars on the person’s location ought to end in doc passages particular to the person being returned at or close to the highest of the checklist moderately than buried additional down the checklist.
Configure person attributes in your IdP
Let’s take a look at how you’ll configure your IdP to go alongside the attributes of your customers to your Amazon Q Enterprise utility. Whatever the identification federation mechanism configured on your Amazon Q Enterprise utility, attributes on your customers must be maintained in your IdP’s listing. The next is a partial screenshot of a few of the location-related fields out there within the profile editor for the Okta IdP.
In addition to the executive UI for enhancing particular person profiles, Okta additionally supplies mechanisms for updating profiles in bulk or by APIs. These instruments make it easy to maintain your person profiles synchronized with supply techniques equivalent to worker directories.
After your person profiles are up to date in your IdP, the method for making person attributes out there to your Amazon Q Enterprise utility varies primarily based on the identification federation configuration.
Federation with IAM Id Middle
When you configure your Amazon Q Enterprise utility with IAM Id Middle (beneficial) and you employ an exterior IdP equivalent to Okta or Entra ID to handle your workforce, you merely want to keep up person attributes in your IdP. As a result of IAM Id Middle helps the SCIM normal, you’ll be able to arrange person profiles and their attributes to be routinely synchronized with IAM Id Middle. After the customers and attributes are synchronized to IAM Id Middle, they are often accessed by Amazon Q Enterprise from both the online expertise or by a customized consumer integration as described earlier.
A much less widespread variation of utilizing IAM Id Middle with Amazon Q Enterprise that’s appropriate for primary testing is to make use of IAM Id Middle because the identification supply (with out an exterior IdP). On this case, you’ll add customers and handle their attributes straight in IAM Id Middle by the AWS Administration Console or the CreateUser and UpdateUser APIs.
Federation with IAM
When you configure your Amazon Q Enterprise utility to make use of IAM federation, person attributes are additionally maintained in your IdP. Nevertheless, the attributes are handed to your Amazon Q Enterprise utility out of your IdP utilizing both a SAML 2.0 assertion or an OIDC declare relying on the supplier kind that you simply arrange as your IAM IdP. Your IdP should be configured to go the precise attributes that you simply intend to reveal for personalization. How this configuration is finished relies upon once more on whether or not you’re utilizing SAML 2.0 or OIDC. For this put up, we describe how that is finished in Okta. The method ought to be comparable with different IdPs.
SAML 2.0 supplier kind
Once you create a SAML 2.0 utility in Okta for authenticating your customers, you’ve got the choice to create attribute statements. The attribute statements are included within the SAML 2.0 assertion that’s offered by Okta when a person authenticates. The primary three attribute statements proven within the following desk are required for SAML 2.0 authentication to work with Amazon Q Enterprise. The others are examples of how you’ll go elective attributes that can be utilized for personalization.
| Title | Title format | Worth |
| https://aws.amazon.com/SAML/Attributes/PrincipalTag:E mail | Unspecified | person.e-mail |
| https://aws.amazon.com/SAML/Attributes/Position | Unspecified | [WebExpRoleArn],[IdentityProviderArn] |
| https://aws.amazon.com/SAML/Attributes/RoleSessionName | Unspecified | person.e-mail |
| https://aws.amazon.com/SAML/Attributes/PrincipalTag:countryCode | Unspecified | person.countryCode != null ? person.countryCode : “” |
| https://aws.amazon.com/SAML/Attributes/PrincipalTag:metropolis | Unspecified | person.metropolis != null ? person.metropolis : “” |
| https://aws.amazon.com/SAML/Attributes/PrincipalTag:title | Unspecified | person.title != null ? person.title : “” |
| https://aws.amazon.com/SAML/Attributes/PrincipalTag:division | Unspecified | person.division != null ? person.division : “” |
The place the attribute assertion worth makes use of the Okta Expression Language, Okta resolves the worth expression with the precise worth for the person. For instance, person.e-mail resolves to the person’s e-mail handle, and person.metropolis != null ? person.metropolis : "" resolves to the person’s metropolis (as specified of their person profile) or an empty string if not specified. And since these values are handed within the SAML assertion, you may as well embody any customized attributes on your customers which might be particular to your small business or area that could be related to personalization.
For [WebExpRoleArn],[IdentityProviderArn], it’s essential to substitute [WebExpRoleArn] for the online expertise position ARN on your Amazon Q Enterprise utility and [IdentityProviderArn] for the IAM IdP ARN that you simply created in IAM for this SAML supplier.
OIDC supplier kind
Once you create an OIDC utility in Okta for authenticating your customers, the situation the place you configure the person attributes to incorporate within the OIDC declare is a bit totally different. For OIDC, it’s essential to add the person attributes you need to expose for personalization to the declare for the authorization server. AWS STS helps an entry token or ID token kind. On this put up, we exhibit the ID token kind. For extra particulars, see Construct non-public and safe enterprise generative AI functions with Amazon Q Enterprise utilizing IAM Federation.
Full the next steps:
- In Okta, select Safety, API within the navigation pane.
- Select the authorization server (which can be default) after which Claims.
- When you don’t see a declare kind of ID, select Add Declare to create one.
- For Declare identify, enter
https://aws.amazon.com/tags. - For Embody in token kind, select Entry Token or ID Token (we use ID Token on this put up).
- For Worth kind, select Expression.
- For Worth, enter a JSON doc that makes use of the Okta Expression Language to resolve attributes for the person. The complete expression is as follows:
- Select Create.
Once more, you aren’t restricted to simply these fields. You may also embody customized fields that apply to your use case and paperwork within the expression.
Allow personalization in Amazon Q Enterprise
After you’ve got your most well-liked authentication mechanism configured in your IdP, IAM, and Amazon Q Enterprise, you’re able to see the way it impacts responses in your Amazon Q Enterprise utility. Though personalization is enabled by default for Amazon Q Enterprise functions, you’ll be able to management whether or not personalization is enabled on the Replace International Controls settings web page on your Amazon Q Enterprise utility. If obligatory, choose Allow response personalization and select Save.
Amazon Q Enterprise personalization in motion
Now you’re able to see how Amazon Q Enterprise personalizes responses for every person. We proceed with the identical use case of asking Amazon Q Enterprise “What coaching is accessible?” The paperwork added to the Amazon Q Enterprise index embody inner coaching schedules out there to all workers as Phrase paperwork for 2 company workplaces: San Francisco and London. As well as, two customers had been created within the IdP, the place one person relies within the San Francisco workplace and the opposite relies within the London workplace. Town and nation fields had been populated in addition to every person’s title. The San Francisco worker is a software program programmer and the London worker is the Director of Advertising.
When signed in to the applying utilizing an incognito (non-public) window because the San Francisco worker, the query “What coaching is accessible?” produces the next response.
The response consists of content material on the coaching lessons being held on the San Francisco workplace. The quotation within the Sources part additionally confirms that the “September Coaching Curriculum at San Francisco” doc was used to generate the response.
We are able to shut the incognito window, open a brand new incognito window, check in because the London worker, and ask the identical query: “What coaching is accessible?” This time, the response supplies data on the coaching lessons being held on the London workplace and the quotation refers back to the London curriculum doc.
For one closing check, we disable personalization for the Amazon Q Enterprise utility on the Replace International Controls settings web page for the Amazon Q Enterprise utility, wait a couple of minutes for the change to take impact, after which ask the identical query in a brand new dialog.
This time, Amazon Q Enterprise consists of data on lessons being held at each workplaces, which is confirmed by the citations pulling in each paperwork. Though the query continues to be answered, the person should parse by the response to pick the parts which might be most related to them primarily based on their location.
Use instances for Amazon Q Enterprise personalization
Amazon Q Enterprise will be very efficient in supporting all kinds of use instances. Nevertheless, not all of those use instances will be enhanced with personalization. For instance, asking Amazon Q Enterprise to summarize a request for proposal (RFP) submission or evaluate bank card presents in a buyer assist use case aren’t prone to be improved primarily based on attributes of the person. Happily, Amazon Q Enterprise will routinely decide if a given person’s query would profit from personalizing the retrieval question primarily based on the attributes identified for the person. When eager about enabling and optimizing personalization on your use case, think about the provision of person attributes and the composition of knowledge in your Amazon Q Enterprise index.
Working backward from the personalization impact you need to implement, you first want to find out if the required person attributes on your use case exist in your IdP. This may increasingly require importing and synchronizing this knowledge into your IdP from one other system, equivalent to an worker listing or payroll system. Then you must think about the paperwork and knowledge in your Amazon Q Enterprise index to find out if they’re optimized for personalised retrieval. That’s, decide whether or not the paperwork in your index have content material that shall be readily discovered by the retrieval step given the person attributes in your IdP. For instance, the paperwork used for the coaching class instance on this put up have the town talked about within the doc title in addition to the doc physique. As a result of Amazon Q Enterprise boosts matches in opposition to the doc title by default, we’re benefiting from built-in relevance tuning to additional affect the paperwork that match the person’s metropolis.
On this put up, we targeted on the person’s work location and knowledge that was location-specific so as to add worth by personalization. In different phrases, we used the person’s work location to transparently discover what’s most related to them close by. One other helpful space of use instances to discover might use the person’s job title or job degree and discover content material that’s particular to their position. As you discover the chances, the intersection of person data and the composition of the info within the corpus of paperwork in your enterprise knowledge shops are the very best place to begin.
Conclusion
On this put up, we demonstrated how one can use personalization to enhance the relevancy and usefulness of the responses offered by an AI-powered assistant. Personalization will not be going to dramatically enhance each interplay with Amazon Q Enterprise, however when it’s thoughtfully utilized to make use of instances and knowledge sources the place it could ship worth, it could construct belief with end-users by offering responses which might be extra related and significant.
What use instances do you’ve got the place attributes on your customers and the data in your knowledge sources can permit Amazon Q Enterprise to ship a extra personalised person expertise? Check out the answer for your self, and go away your suggestions and questions within the feedback.
Concerning the Authors
James Jory is a Principal Options Architect for Amazon Q Enterprise. He has pursuits in generative AI, personalization, and recommender techniques and has a background in ecommerce, advertising know-how, and buyer knowledge analytics. In his spare time, he enjoys tenting and motor sports activities.
Nihal Harish is a Software program Improvement Engineer at AWS AI. He’s keen about generative AI and reinforcement studying. Outdoors of labor, he enjoys taking part in tennis, tending to his backyard, and exploring new culinary recipes.
Pranesh Anubhav is a Software program Improvement Supervisor for Amazon Personalize. He’s keen about designing machine studying techniques to serve prospects at scale. Outdoors of his work, he loves taking part in soccer and is an avid follower of Actual Madrid.
Gaurush Hiranandani is an Utilized Scientist at AWS AI, the place his analysis spans the fields of statistical machine studying, with a selected concentrate on desire elicitation and recommender techniques. He’s deeply keen about advancing the personalization of generative AI companies at AWS AI, aiming to boost person experiences by tailor-made, data-driven insights.
Harsh Singh is a Principal Product Supervisor Technical at AWS AI. Harsh enjoys constructing merchandise that deliver AI to software program builders and on a regular basis customers to enhance their productiveness.
