Interactive challenge
RAG Retrieval Quality Lab
Measure retrieval recall, citation accuracy, tenant filtering, and reranking latency before generation.
Prerequisites
RAG ingestion pipeline
Guided step
Test retrieval policy
Prove retrieval uses tenant and authorization context before documents enter the prompt.
Commands
curl -sS "$RAG_API/search?tenant=team-a&q=deployment rollback"
curl -sS "$RAG_API/search?tenant=team-b&q=deployment rollback"
kubectl -n rag-system logs deploy/rag-api --tail=80
Expected signals
- Search results include tenant metadata.
- Unauthorized documents are filtered before prompt assembly.
- Logs show retrieval policy decisions without leaking prompt text.
Checks
Paste retrieval output or logs showing tenant-aware filtering.
Where should RAG authorization happen?
Hints and solution
No hints opened for this step yet.