Link Menu Expand (external link) Document Search Copy Copied

How to Create and Configure an AI Agent

What is an AI Agent?

In Zenphi AI Studio, an AI agent is a custom-built, conversational assistant tailored to handle specific tasks, processes, and user groups. These agents work on behalf of your users by retrieving approved data and running workflows based on natural language requests.

When you build an agent, you define its exact purpose, set behavioral guidelines, and grant it configurable access to your Flows (so it can take action) and Tables (so it can read and provide data). Once configured, your target audience can access and interact with the agent through various Zenphi Assistant channels, including Zenphi Assistant and Google Chat.

Note: For a high-level overview of how this fits into your workspace, please check our guide: What is Zenphi AI Studio?.



Accessing AI Studio

AI Studio is available only to users with the Designer or Admin role.

  1. Sign in to your Zenphi workspace.
  2. In the left-hand navigation menu, click on AI Studio.

AI Studio icon

Don’t see AI Studio?

AI Studio may not be enabled for your workspace yet. To request access, contact us at [email protected] or open a chat with the Zenphi Support team directly from the application.



Strategic Architecture: Why Create Multiple Agents?

When getting started, you might wonder: “Why not just create one single master agent, connect all my tables and flows to it, and let everyone use it?”

Building a single global agent creates significant security and operational risks. Instead, you should always create separate, purpose-built agents (e.g., an “Expense Agent,” an “IT Support Agent,” and an “HR Agent”) for three key reasons:

  • Strict Access Control: You can apply visibility filters to individual agents so they only appear for specific departments or roles. For example, you can ensure a “Manager Approval Agent” is visible only to users with the “Manager” attribute, keeping it completely hidden from standard employees. A single master agent cannot differentiate visibility in this way.
  • Data Segregation: Agents pull answers directly from the Zenphi Tables you connect them to. If you connect an HR Salary table and an IT Helpdesk table to the same agent, you risk standard employees querying sensitive HR data through a generic IT request. Splitting them up guarantees the IT agent never even has access to the HR table.
  • Targeted AI Behavior: An agent performs significantly better when it has a clear, singular identity. An agent instructed specifically to “Act as a strict finance reviewer and check policy rules” will handle expense requests far more accurately than a generalized agent trying to juggle HR, IT, and Finance personas simultaneously.

Learn More: For detailed instructions on how to restrict exactly who can see an agent and what data the agent can access, please check our guide on Managing Agent Access & Permission Trimming.



Configuration Settings

When you create a new agent (by clicking + Add Agent [2] on your dashboard [1]) or edit an existing one, you will land on the main configuration screen. The configuration follows a logical sequence across three primary implementation steps.

Step 1: Agent Identity & Channels

  • 3. Agent Name: This is the public-facing title that end-users see in their Zenphi Assistant menu. Choose a clear, action-oriented name so employees instantly know what the agent does (e.g., use “Expense Request Agent” instead of “Finance Bot V2”).
  • 4. Selecting Interaction Channels: Select the platforms where your users will interact with this agent. You can enable a single channel or select multiple channels simultaneously:

    • Zenphi Assistant: A secure, native interface provided by Zenphi, available at https://zenphi.ai/. It provides a centralized experience for interacting with your organization’s AI agents.
    • Google Chat: Integrates Zenphi directly into your team’s Google Workspace environment. Users can interact with the agent and trigger workflows right from their everyday Google Chat window without switching contexts.
    • Looking Ahead: Zenphi is continuously expanding its ecosystem, with native support for additional platforms like Microsoft Teams and Slack currently on the horizon.
  • 5. Agent Description: This field defines what the agent helps users achieve and the specific scenarios where it should be used. This outlines the AI’s core responsibilities.

    • Example: “The Expense Agent simplifies the reimbursement process by allowing you to quickly submit your business expenses and track their approval.”
    • 5.1 ZAIA Prompt Builder: You do not need to write this description from scratch. Type a few rough keywords, click the ZAIA button, and Zenphi’s built-in AI will generate an optimized, professional description for you.
  • 6. Behavioral Guidelines: While the description defines what the agent does, the guidelines dictate how it acts. Specify its tone (e.g., “Be polite and professional like an HR representative”), how it should make decisions, and rules for validating user inputs before completing an action.

    • 6.1 ZAIA Prompt Builder: Click the ZAIA button within this section to automatically generate optimal behavioral rules based on the specific tables and flows you connect in the next steps.
    • Important Security Note: Do not use behavioral guidelines to restrict access to sensitive data (e.g., writing “Do not show salaries to standard staff”). Guidelines only influence conversational style. To truly secure data, you must use the hard boundaries of Row Filters and Column Visibility.

Step 2: Knowledge & Actions

This is the operational core of your agent, where you equip it with the live enterprise data and tools it needs to execute tasks.

  • 7. Selecting Spaces: Agents operate within the boundaries of the Workspaces and Spaces you connect. If you have an HR Space containing leave tables and an IT Space containing software request flows, and you want a single agent to manage both, simply add both Spaces to this field.
  • 8. Adding Tables: Click Add Table to connect a Zenphi Table, grounding the agent in your corporate data and reducing the risk of unsupported answers.
  • 9. Configuring Table Security & Data Trimming: Once a table is attached, you have precise control over establishing visibility settings:

    • Column Exposure: Uncheck specific columns (such as internal system IDs, passwords, or salary bands) to hide them from the user interface. The AI can still utilize these columns in the background for its processing logic, but it will never display them to the user in the chat window.

    • Row-Level Filtering (Conditions): Apply strict rules to limit which data rows a user can query. You can use operators (Equals, Not Equal, Contains) linked to dynamic variables, and stack rules using AND/OR logic.

    • Dynamic Matches: Go beyond simple email matching (Employee Email Equals User Email). You can filter by Department-Level (Department Equals User Department), Role/Governance (Is Super Admin Equals True), or Time Boundaries (limiting results to the current fiscal quarter or year).

    Important: Always configure row-level filters to ensure end users can only access records that belong to them. For example, set Employee Email Equals User Email to prevent users from viewing other employees’ records.

CRITICAL SECURITY WARNING: Skipping row-level filtering means any user who interacts with the agent can query the entire connected table. Always implement strict security conditions to protect internal data integrity. For a full technical breakdown, see Managing Agent Access & Permission Trimming.

  • 10. Adding Flows: Click Add Flow to grant the agent permission to trigger automated processes on a user’s behalf.

    • AI Studio is optimized to run workflows using Zenphi Form triggers and On-Demand triggers. When a user requests an action in natural language, the agent will dynamically interview the user to gather the required parameters in chat, then seamlessly execute the connected Zenphi Form in the background.

Step 3: Access Control & Deployment

  • 11. Visibility Filter: This provides ultimate governance over agent deployment. It allows you to set strict conditional rules detailing exactly who can see the agent in their Zenphi Assistant menu based on User ID/Email or specific User Attributes (e.g., Department = HR, Level = Manager). If a user does not meet the conditions, the agent remains entirely invisible to them.
  • 12. Test, Save, and Publish Panel: Located at the top and bottom of the configuration screen, this panel controls your deployment lifecycle:

    • Save: Stores your configuration progress as a draft without making changes live.
    • Test: Opens a live simulator window directly inside the Studio. Use this to chat with the agent, test its conversational boundaries, verify data retrieval accuracy, and confirm that flows trigger correctly before going live.
    • Publish: Pushes the finalized configuration to production, making the agent instantly available to authorized users across all enabled interaction channels.



Real-World Walkthrough: The “Regional IT Support” Agent

To see how these configuration elements work together, let’s look at how an administrator configures a high-security internal IT agent.

The Setup Profile

  1. Access & Creation: A Workspace Admin logs into the dashboard, navigates to AI Studio, and clicks + Add Agent.
  2. Agent Name: They name the agent “Regional IT Support” so it appears clearly in the user’s agent list.
  3. Selecting Interaction Channels: They enable both Zenphi Assistant and Google Chat so users can interact with the agent from either platform.
  4. Agent Description: They enter a summary detailing that the agent is meant to look up regional records and manage system access.
  5. Behavioral Guidelines: They provide strict instructions to the agent to always be concise and to explicitly require a “YES” confirmation before changing any account settings.
  6. Selecting Spaces: They connect the core IT and security work environments to give the agent context.
  7. Adding Tables: They link the central data sheet named Server_Logs to the agent.
  8. Configuring Table Security & Data Trimming:

    • Column Exposure: Sensitive fields like passwords and internal network addresses are unchecked and excluded so private data is completely blocked from view.
    • Row-Level Filtering (Conditions): They apply two strict safety rules:

      • Data_Center_Region Equals Viewer_Region (Automatically checks who is asking and only shows records matching that specific person’s assigned region).
      • Asset_Tier Equals Executive (Limits the agent strictly to high-priority corporate data; standard or lower-level records are hidden).
  9. Adding Flows: They attach an automated “Account Lockdown” workflow so the agent has the actual power to freeze an account when commanded.
  10. Visibility Filter: They set the visibility rule to Is_SuperAdmin Equals True so the agent remains completely hidden from standard employees.
  11. Test, Save, and Publish Panel: The setup is tested in a mock chat simulator, saved, and then published to go live.



The End-User Experience in Action

When an authorized IT Manager interacts with a newly published agent saying: “Show me recent critical logs and lock down John’s account,” the system executes the backend configuration sequentially:

  • User Input: The IT Manager submits a compound conversational request to simultaneously retrieve data and trigger a system action.

  • Security & Governance Check: The system evaluates the user’s structural attributes (e.g., Role: SuperAdmin) to verify agent visibility and confirm execution permissions.

  • Data Integration & Trimming: The system queries the Server_Logs table and instantly applies hard data restrictions before passing data to the model:

    • Column Exposure: Filters out sensitive fields such as passwords and internal IP addresses.
    • Row-Level Filtering: Restricts rows to the manager’s assigned geographic region and limits visibility strictly to the Executive Asset Tier.
  • Behavioral Guideline Compliance: The AI processes the isolated data and applies its prompt instructions to generate a concise, safe summary for the user.

  • Action Routing & Guardrails: The system detects the intent to trigger the account lockdown workflow. Because it is classified as a sensitive action, the agent holds the execution and creates a confirmation checkpoint: “Please type ‘YES’ to confirm account lockdown.”



Conclusion & Next Steps

You have now mastered the configuration workflow required to build smart, secure, and actionable AI agents. By carefully balancing identity guidelines with rigid table filters and automated flows, you can safely deploy powerful AI tools tailored to your organization’s exact governance structure.

To further extend your expertise, explore our targeted deep-dives: