Ir para o conteúdo

Jitterbit Security RFI Agent

Overview

The Jitterbit Security RFI Agent (Security RFI Agent) is an AI agent provided through Jitterbit Marketplace that automates the end-to-end processing of Security RFI (Request for Information) requests. This agent uses the Retrieval-Augmented Generation (RAG) technique, which combines LLM reasoning with access to external tools and data sources. The agent accepts RFI questionnaires submitted via Slack, applies product-aware routing to select the appropriate internal knowledge base, and uses AI to generate structured answers. Final responses are delivered to the user as submission-ready Word and Excel documents.

When a user sends an RFI request in Slack, the agent immediately acknowledges the message and begins processing. It extracts intake data from the user's message, downloads the attached RFI document, and indexes its questions in Azure AI Search. For each question, the agent retrieves relevant excerpts from the configured knowledge base and sends them to an LLM to draft a grounded answer. When all questions are answered, the agent calls Azure Functions to generate the final Word or Excel document, stores the file in Azure Blob Storage, and delivers it to the user in Slack. The agent can also look up Salesforce account details and create a Salesforce case for the RFI submission. Knowledge bases are maintained by ingesting content from Google Drive and Confluence into Azure AI Search.

The agent performs the following tasks:

  • Receives RFI requests and attached questionnaire files from users in a Slack channel.
  • Extracts structured intake data from the user's message, including partner name, risk tier, due date, and product type.
  • Downloads the RFI document from Slack and indexes its questions in Azure AI Search.
  • Retrieves relevant knowledge base excerpts for each RFI question using AI-powered search.
  • Drafts answers for each question using only the retrieved knowledge base content.
  • Generates submission-ready Word and Excel documents via Azure Functions.
  • Stores generated documents in Azure Blob Storage and delivers them to the user via Slack.
  • Looks up Salesforce account details and creates a Salesforce case for each RFI submission.
  • Ingests knowledge base content from Google Drive and Confluence into Azure AI Search.

This document explains how to set up and operate this AI agent. It covers architecture, prerequisites, agent prompts that show what the agent can do, and steps to install, configure, and operate the AI agent.

AI agent architecture

This AI agent operates as a conversational Slack bot that processes RFI questionnaires end-to-end. A typical RFI request is handled as follows:

  1. A user sends a message in the configured Slack channel, attaches an RFI questionnaire file (Word or Excel), and provides intake information such as the partner name, risk tier, and submission due date.
  2. Slack sends a POST request to the agent's custom API endpoint. The Acknowledge Slack Request operation returns a 200 response immediately to prevent Slack timeouts, and the Slack Bot Request Handler operation begins processing the payload.
  3. The Process Security RFI Document operation calls the Main - AI Agent Logic workflow, which sends the user's message to the LLM to extract structured intake fields (partner name, risk tier, due date, and product type). The product type is used to select the appropriate Azure AI Search knowledge base.
  4. The agent downloads the attached file from Slack and uploads it to Azure Blob Storage. The Azure AI Search Index Doc operation then indexes the document's content, making its questions searchable.
  5. The LLM normalizes the RFI questions extracted from the document.
  6. For each question, the agent queries Azure AI Search to retrieve the most relevant knowledge base excerpts, then sends those excerpts to the LLM to draft a grounded answer. Answers are based exclusively on the retrieved content.
  7. The Azure Function Generate Document operation calls the configured Azure Functions endpoint, which assembles the structured answers into a Word or Excel document.
  8. The generated document is stored in Azure Blob Storage and uploaded to Slack. The agent posts the file in the original channel thread so the user can download it.
  9. The Create Salesforce Case operation creates a Salesforce case for the RFI submission.

Workflow diagram

The following diagram shows the main request-handling workflow for the Security RFI Agent.

--- config: flowchart: padding: 20 nodeSpacing: 80 --- flowchart LR classDef default fill:white, stroke:black, stroke-width:3px, rx:15px, ry:15px SLK[fab:fa-slack
Slack] JSP@{ shape: hex, label: "
Security RFI
Agent" } LLM[fas:fa-brain
LLM] SEARCH[Azure AI Search] BLOB[Azure Blob Storage] FUNC[Azure Functions] SF[fab:fa-salesforce
Salesforce] SLK -->|1. RFI request| JSP JSP <-->|2. Extract intake data,
draft answers| LLM JSP <-->|3. Index and retrieve
knowledge| SEARCH JSP <-->|4. Store and retrieve
document| BLOB JSP -->|5. Generate document| FUNC JSP -->|6. Deliver document| SLK JSP -->|7. Create case| SF

Prerequisites

You need the following components to use this AI agent.

Harmony components

You must have a Jitterbit Harmony license with access to the following components:

Supported endpoints

The AI agent connects to the following endpoints. You can accommodate other systems by modifying the project's endpoint configurations and workflows.

Large language model (LLM)

The agent uses Azure OpenAI as the LLM provider for extracting intake data, normalizing questions, and drafting answers. You must have an Azure subscription with an Azure OpenAI resource and a deployed model (for example, gpt-4.1).

Slack

The agent receives RFI requests and delivers generated documents through a Slack bot. You must have a Slack workspace and a Slack app with a valid Bot User OAuth Token and the permissions required to read and post messages and upload files.

The agent indexes RFI document content and retrieves knowledge base excerpts using Azure AI Search. You must have an Azure AI Search resource with a search index and an indexer configured for the knowledge base documents.

Azure Blob Storage

The agent stores uploaded RFI files and generated output documents in Azure Blob Storage. You must have an Azure storage account with a container and a Shared Access Signature (SAS) token that has read and write permissions.

Azure Functions

The agent calls an Azure Functions endpoint to generate Word and Excel documents from structured RFI response data. You must have an Azure Function app deployed with a function key for authentication.

Salesforce

The agent queries account details and creates case records using the Salesforce REST API. You must have a Salesforce account with a username, password, security token, and permission to read accounts and create cases.

Google Drive

The agent ingests knowledge base documents from Google Drive into Azure Blob Storage for indexing. You must have a Google Cloud project with a service account that has read access to the configured Drive folder.

Confluence

The agent ingests wiki pages from Confluence into Azure AI Search as knowledge base content. You must have a Confluence account with credentials that have read access to the configured space.

Agent prompts

The Security RFI Agent receives all requests as messages sent to the configured Slack channel. This section describes the rules for effective prompts and provides example prompts.

Prompt guidelines

Follow these guidelines when sending messages to the agent:

  • Include the partner or customer name in your message.
  • Specify the risk tier using "Low", "Medium", or "High".
  • Include the submission due date in an unambiguous format (for example, "July 31, 2026" or "2026-07-31").
  • Attach the RFI questionnaire as a Word or Excel file in the same Slack message.
  • Optionally specify the product the RFI covers: Studio, API Manager, EDI, or App Builder. If no product is specified, the agent defaults to the Studio knowledge base.

Example prompts

The following example prompts show the types of messages the agent can handle. Replace placeholder values in angle brackets with your actual values.

Submit an RFI for processing

Send the RFI questionnaire file as a Slack attachment in the same message.

Prompts

  • Please process this security RFI for <partner name>. Risk tier: High. Due date: <YYYY-MM-DD>.
  • Complete the attached questionnaire for <partner name>, medium risk, deadline <date>.
  • Process this RFI for <partner name> covering our API Manager product. Risk: Low. Due <date>.

Look up account details

Prompt

  • Get account details for <customer name>.

Installation, configuration, and operation

Follow these steps to install, configure, and operate this AI agent:

  1. Download and install the project
  2. Obtain Azure OpenAI credentials
  3. Configure the Slack bot
  4. Configure project variables
  5. Test connections
  6. Deploy the project
  7. Create the Jitterbit custom API
  8. Review project workflows
  9. Trigger the project workflows

For troubleshooting guidance, see Troubleshooting.

Download and install the project

Follow these steps to install the Studio project for the AI agent:

  1. Log in to the Harmony portal at https://login.jitterbit.com and open Marketplace.

  2. Locate the AI agent named Jitterbit Security RFI Agent. To locate the agent, use the search bar or, in the Filters pane under Type, select AI Agent to limit the display to AI agents.

  3. Click the agent's Documentation link to open its documentation in a separate tab. Keep the tab open to refer back to after starting the project.

  4. Click Start Project to open a configuration dialog.

    Note

    If you have not yet purchased the AI agent, Get agent is displayed instead. Click it to open an informational dialog, then click Submit to have a representative contact you about purchasing the AI agent.

  5. In the Create a New Project dialog, select an environment where the Studio project will be created, then click Create Project.

  6. After the progress dialog indicates the project is created, use the dialog link Go to Studio or open the project directly from the Studio Projects page.

Obtain Azure OpenAI credentials

To use Azure OpenAI as the LLM provider, you must have an Azure OpenAI resource with a deployed model:

  1. In the Azure portal, create or open your Azure OpenAI resource.

  2. Under Resource Management, select Keys and Endpoint and retain the API key and base endpoint URL for use in the Azure OpenAI project variables.

  3. In Azure AI Foundry, open your Azure OpenAI resource and navigate to Deployments. Note the deployment name of the model you intend to use (for example, gpt-4.1).

Configure the Slack bot

Follow these steps to configure Slack for receiving RFI requests and delivering documents:

  1. In your Slack workspace, create a Slack app at https://api.slack.com/apps. If you already have an app to use, open it.

  2. Under OAuth & Permissions, add the following Bot Token Scopes:

    • chat:write to post messages and upload files to channels.
    • files:read to download files shared by users.

  3. Install the app to your workspace and retain the Bot User OAuth Token for use in the Slack project variables.

  4. After the project is deployed and the custom API is published (see Create the Jitterbit custom API), configure your Slack app's Event Subscriptions or Slash Commands to point to the published service URL.

Configure project variables

In the Studio project installed from Marketplace, set values for the following project variables.

To configure project variables, use the project's actions menu and select Project Variables to open the configuration drawer.

Slack

Variable name Description
bot_oauth_user_token The Bot User OAuth Token used by the Slack bot to authenticate API requests for messaging and file uploads.
Slack_Files_Base_URL Base URL used to access Slack file upload APIs for delivering generated documents (default: https://files.slack.com).

Azure OpenAI

Variable name Description
azure_openai_base_url Base endpoint URL for the Azure OpenAI service (for example, https://<account>.openai.azure.com).
azure_openai_api_key API key used to authenticate requests to Azure OpenAI.
Azure_OpenAI_Deployment_Name Name of the Azure OpenAI model deployment used to generate RFI responses (for example, gpt-4.1).
Max_Output_Tokens Maximum number of tokens the model can generate in a single response (default: 32768).

Azure AI Search

Variable name Description
azure_ai_search_url Endpoint URL for Azure AI Search (for example, https://<search-service-name>.search.windows.net).
azure_ai_search_api_key API key used to authenticate requests to Azure AI Search.
azure_ai_search_index Name of the Azure AI Search index used to retrieve knowledge base content for RFI responses.
azure_ai_search_indexer Name of the indexer responsible for populating the Azure AI Search index from external sources.
azure_ai_search_api_version API version used when making requests to Azure AI Search (for example, 2025-09-01).

Azure Blob Storage

Variable name Description
azure_blob_base_url Base URL of the Azure Blob Storage account (for example, https://<account>.blob.core.windows.net).
Azure_Blob_Container_Name Name of the Azure Blob container where knowledge bases and output documents are stored.
azure_blob_sas_token SAS token used to securely access Azure Blob Storage.
Source_Path Base path used by the integration to locate or reference source files during processing (default: /).

Azure Functions

Variable name Description
Azure_Function_Base_URL Base endpoint URL for the Azure Function responsible for generating RFI documents (for example, https://<function>.azurewebsites.net/api/).
Azure_Function_Key Authentication key required to invoke the Azure Function.

Salesforce

Variable name Description
SF_Login_URL Salesforce authentication endpoint (for example, https://login.salesforce.com/).
SF_User_Name Salesforce username used to authenticate API requests.
SF_Password Password for the Salesforce user account.
SF_Security_Token Security token required alongside the Salesforce username and password for API authentication.

Google Drive

Variable name Description
Google_Project_ID Identifier of the Google Cloud project hosting the service account used to access Google Drive.
Google_Client_Email Service account email used to authenticate and access Google Drive resources.
Google_Private_Key Private key associated with the Google Cloud service account used for authentication.
Google_Oauth_Scopes OAuth scopes defining access permissions for Google Drive APIs (default: https://www.googleapis.com/auth/drive).
Google_Drive_ID Identifier of the Google Drive folder containing knowledge base documents.
Google_Drive_Default_Modified_Date Default timestamp used as the starting point for incremental file ingestion from Google Drive (for example, 2026-04-14T00:00:00).

Confluence

Variable name Description
Confluence_Wiki_BaseUrl Base URL of the Confluence instance (for example, https://<account>.atlassian.net/wiki).
Confluence_Wiki_UserName Username used to authenticate API requests to Confluence.
Confluence_Wiki_Password Password or API token used to authenticate access to Confluence.
Confluence_Wiki_Space Key of the Confluence space from which pages are retrieved.
Confluence_Wiki_Last_Modified_Date Timestamp used to filter Confluence pages for incremental ingestion (for example, 2025-01-01 00:00).
Confluence_Wiki_Exclude_Label Label used to exclude specific Confluence pages from ingestion.

Test connections

Test the endpoint configurations to verify connectivity using the defined project variable values.

To test connections, go to the design component palette's Project endpoints and connectors tab, hover over each endpoint, and click Test.

Deploy the project

Deploy the Studio project.

To deploy the project, use the project's actions menu and select Deploy.

Create the Jitterbit custom API

Create a custom API using API Manager to expose the agent's Slack bot entry point.

Configure and publish the API with the following parameters:

Setting Value
Path /
Operation Slack Bot Request Handler
Method POST
Response type System Variable

After publishing, retain the service URL. Use it to configure your Slack app's event subscription or slash command endpoint so that Slack routes incoming events to the agent.

Review project workflows

The Studio project contains nine workflows that implement the Security RFI Agent functionality, organized into three functional groups.

RFI processing

Workflow Description
Main Entry - Slack API Request Handler Receives incoming Slack events and orchestrates the end-to-end RFI processing pipeline.
Main - AI Agent Logic Manages the LLM interaction cycle for each turn of the RFI workflow.
Main Entry - Slack API Request Handler

This workflow handles all incoming Slack events via the custom API endpoint. The Acknowledge Slack Request operation returns an immediate 200 response to prevent Slack timeouts. The Slack Bot Request Handler operation parses the event payload, validates the request, and initiates processing. The Process Security RFI Document operation orchestrates the full RFI pipeline by coordinating calls to the Main - AI Agent Logic workflow for LLM interaction and to utility workflows for file handling, document generation, and Salesforce case creation. The Tools Decision operation routes LLM tool calls to the appropriate handler, including Handle Get Account Details for Salesforce account lookups. Supporting operations handle all Slack interactions: Slack Post Message and Slack Reply From Bot send messages, Slack Upload File and Slack Complete File Upload deliver the generated document, Slack Post Typing sends typing indicators, Slack Delete Message removes interim messages, Slack User Request Decision Processing determines how to process the user's input, Reset File Upload In Progress clears upload state, and Send File Validation Error handles invalid file submissions.

Main - AI Agent Logic

This workflow manages the LLM interaction lifecycle for a single turn. The Call LLM operation builds the Azure OpenAI request payload, sends the prompt to the LLM, and processes the response. If the LLM returns a tool call, the Call LLM Again operation re-enters the loop with the tool result appended to the conversation context, continuing until the LLM returns a final text response.

Document and storage utilities

Workflow Description
Utility - Upload File to Google Drive Uploads a processed file to Google Drive.
Utility - Azure Blob and Search API Provides reusable operations for reading and writing Azure Blob Storage and indexing and searching documents in Azure AI Search.
Utility - Azure Functions Calls the Azure Functions endpoint to generate Word and Excel documents.
Tool - Create Salesforce Case Creates a Salesforce case record for the RFI submission.
Utilities Provides a utility operation for converting CSV messages to JSON format.
Utility - Upload File to Google Drive

This workflow uploads a processed output file to Google Drive using the configured service account credentials.

Utility - Azure Blob and Search API

This workflow provides five reusable operations for Azure storage and search interactions. Put Azure Blob (From Variable) and Put Azure Blob (From Temporary) write documents to Azure Blob Storage from different data sources. Get Azure Blob retrieves a document from storage. Azure AI Search Index Doc submits a document to the Azure AI Search indexer. Azure AI Search Read Document queries the search index to retrieve relevant knowledge excerpts.

Utility - Azure Functions

This workflow contains the Azure Function Generate Document operation, which calls the Azure Functions endpoint to assemble a completed RFI response into a downloadable Word or Excel document.

Tool - Create Salesforce Case

This workflow contains the Create Salesforce Case operation, which creates a Salesforce case record for the submitted RFI using the intake data collected during processing.

Utilities

This workflow contains the Messages csv to JSON operation, which converts CSV-formatted message data to JSON for use in downstream operations.

Knowledge ingestion

Workflow Description
Data Upload Utility - Google Drive to Azure Blob Ingests knowledge base documents from Google Drive into Azure Blob Storage.
Data upload Utility - Confluence Pages to Azure Index Ingests Confluence wiki pages into Azure AI Search for knowledge retrieval.
Data Upload Utility - Google Drive to Azure Blob

This workflow ingests knowledge base documents from Google Drive into Azure Blob Storage. The Google Drive List Files operation retrieves all files from the configured Drive folder modified after the Google_Drive_Default_Modified_Date timestamp. The Get Google Drive Files HTTPS and HTTPS Get Google Drive File And Upload to Blob operations download each file and upload it to Azure Blob Storage for indexing. The Manual Google Drive Ingestion operation provides a manually triggered alternative entry point for on-demand ingestion.

Data upload Utility - Confluence Pages to Azure Index

This workflow ingests Confluence wiki pages into Azure AI Search. The Get Confluence Pages operation retrieves pages from the configured Confluence space modified after the Confluence_Wiki_Last_Modified_Date timestamp, applying the Confluence_Wiki_Exclude_Label filter to skip excluded pages. The Main - Load Confluence Pages operation processes each page and submits it to Azure AI Search for indexing. The Manual Confluence Ingestion operation provides an on-demand entry point for manual ingestion runs.

Trigger the project workflows

The Security RFI Agent is triggered by incoming Slack events. When a user posts a message in the channel where the Slack bot is installed, Slack sends a POST request to the agent's custom API service URL, which triggers the Slack Bot Request Handler operation and starts the RFI processing pipeline.

Before the agent can answer RFI questions, its knowledge bases must be populated. Run the knowledge ingestion workflows at least once before using the agent, and re-run them whenever knowledge base content is updated:

  • To ingest content from Google Drive, run the Manual Google Drive Ingestion operation in the Data Upload Utility - Google Drive to Azure Blob workflow.
  • To ingest content from Confluence, run the Manual Confluence Ingestion operation in the Data upload Utility - Confluence Pages to Azure Index workflow.

Troubleshooting

If you encounter issues, review the following logs for detailed troubleshooting information:

For additional assistance, contact Jitterbit support.