Use Case · LangGraph

LangGraph pipelines need scoped access. Not blanket read permissions.

LangGraph makes it easy to build multi-step pipelines. Civic makes sure each step only accesses what it should.

use case / langgraph

The RAG pipeline indexed the HR folder. All of it.

Just imagine, one day…

You build a LangGraph pipeline to help your team search internal docs. The retrieval step connects to the shared drive with read access. Nobody scopes which folders it can see.

The pipeline indexes everything. Engineering docs, sales decks, and, buried 3 levels deep in a shared parent folder, the entire HR directory. Performance reviews, salary bands, termination letters. Someone asks the chatbot “what’s the average salary for a senior engineer?” and gets an answer citing specific people.

Read access without scope isn't a feature. It's a problem you don't notice until someone asks the wrong question.

Without scoped access, your pipeline reads everything.

It does things you did not intend

You asked it to index engineering docs. It indexed the entire shared drive, including HR records, salary data, and termination letters.

You cannot prove what happened

Which folders were indexed? When? What queries returned sensitive data? Without audit logs, you can't answer the compliance team.

You cannot stop it fast enough

The data is already in the vector store. Deleting the pipeline doesn't delete the embeddings. The sensitive content is still searchable after the agent is gone.

It gets confused and you never know

A document titled “Engineering Standards.docx” in the HR folder. The pipeline indexes it because it looks like engineering content. It's actually a salary spreadsheet.

LangGraph calls Civic. Civic scopes every retrieval step.

Connectivity

One MCP endpoint for Google Drive, Confluence, Notion, and PostgreSQL. Your LangGraph pipeline connects to all data sources through Civic.

Guardrails

Read /docs/engineering. Nothing else. The pipeline physically can't see folders outside its scope. Not hidden, invisible.

Auditability

Every file read, every query executed, every embedding created, all logged with the pipeline step that triggered it. Compliance reviews take minutes.

Revocation

Revoke the pipeline’s access and every data source goes dark. No stale connections. No cached credentials.

Connect LangGraph through Civic in three steps

LangGraph Agent

Add Google Drive and Confluence.

Scope Drive to /docs/engineering only.

Make /docs/hr and /docs/finance invisible.

Done. 2 tools connected:

✓ Google Drive — /docs/engineering only

✓ Confluence — engineering-space only

Your MCP URL and token are ready to copy.

Read the docs

The same scenario. Different outcomes.

Without Civic, the pipeline indexes everything it can see. With Civic, it only sees what you scoped.

$ python run_pipeline.py --index

[langgraph] connecting to shared drive...

[drive:read] indexing /docs/engineering — 342 files

[drive:read] indexing /docs/sales — 128 files

[drive:read] indexing /docs/hr — 891 files

[drive:read] ✘ salary_bands.xlsx indexed

$ # HR data in the search index. anyone can query it.

$ python run_pipeline.py --index

[langgraph] connecting to shared drive via Civic...

[drive:read] indexing /docs/engineering — 342 files

[nexus] drive:read:/docs/sales requested

[nexus] ✘ BLOCKED — /docs/sales not in scope

[nexus] drive:read:/docs/hr requested

[nexus] ✘ BLOCKED — /docs/hr not in scope

$ # only engineering docs indexed. HR invisible.

Your pipeline reads data. Civic helps you scope which data.

You built the RAG pipeline. Spend 10 minutes scoping it so an intern’s chatbot query doesn't surface salary data.

Start building Read the docs