Pass current user's identity to Connector/LLM?

LeHeron · July 21, 2025, 12:20pm

Hello.
I’m working on implementing a native ML setup in OpenSearch, which involves a conversational agent linked to an external LLM (a custom one)
For our unique architectural needs, I need to pass along the OpenSearch user’s identity [ in the http header ] . I’m having trouble locating the correct variable (assuming there is one) to specify in the connector.

Versions OpenSearch 2.19

pablo · July 21, 2025, 6:47pm

@LeHeron I think the most universal way would be calling _plugins/_security/authinfo endpoint with authenticated user.
What type of authentication do you use?

nathhjo · July 22, 2025, 12:13am

Hi @LeHeron, we can specify API key or AWS credentials for the authentication when creating the connector. You can refer to this doc for more information Connectors - OpenSearch Documentation. Can you share more details about your use case, including the authentication method and the current connector request payload you’re using?

LeHeron · July 22, 2025, 10:08pm

Hello everyone,

Thank you for your responses and suggestions, @pablo and @nathhjo.

I believe there might be a slight misunderstanding regarding my need, and I apologize if my initial question lacked clarity.

My goal is not to authenticate the OpenSearch user to the external LLM. (authentication is already handled at a different architectural level and isn’t the issue here)

What I’m trying to do is pass the OpenSearch user’s identity (the “who” is making the request to the LLM) - undertone “who is using the Conversational Agent” - in the HTTP request sent to my custom LLM via the connector. In other words, I want the LLM to know which OpenSearch user originated the request, and I’m looking for the variable or method to retrieve this information within OpenSearch to include it in the connector’s request_payload.
As usage of Agent/Connector/Models/.. are already subject to permission management [cf. userroles, backendroles ], i guess this information already available somewhere. my point is to know if that one could be export

I hope this clarifies my request a bit better. Please let me know if you need more details.

system · September 20, 2025, 10:09pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Create a connector in order to Connecting to remote models OpenSearch	7	1188	April 27, 2024
LiteLLM Connector Support Machine Learning feature-request	2	80	November 23, 2025
Set Authent OpenID Opensearch gcp OpenSearch	0	349	November 16, 2021
Debugging remote connectors HTTP calls Machine Learning	9	329	February 4, 2025
[Feedback] Conversational Search and Retrieval Augmented Generation Using Search Pipeline - Experimental Release General Feedback discuss	12	1787	March 30, 2024

Pass current user's identity to Connector/LLM?

Related topics