Skip to main content

Knowledge Backends

PraisonAI supports multiple knowledge storage backends through a protocol-driven architecture. This allows you to choose the best backend for your use case while maintaining a consistent API.

Available Backends

Agent-First Usage

The recommended way to use knowledge is through the Agent API:

Scope Identifiers

Knowledge backends support three scope identifiers for multi-tenant isolation:
The mem0 backend requires at least one scope identifier. If none is provided, operations will fail with a ScopeRequiredError.

Example with Scope

Combining Multiple Scopes

Combine user_id, agent_id, and run_id to isolate knowledge down to a specific session for a specific agent and user.
You can also use the direct API for more control:
When you pass more than one scope identifier, PraisonAI automatically combines them using ChromaDB’s $and operator. A single identifier is passed through unchanged. You don’t need to write the $and yourself.
All provided identifiers are required to match (logical AND). Omit an identifier to broaden the scope on that dimension.
Multi-tenant SaaS application flow:
  • Per-customer isolation → set user_id
  • Per-agent isolation (e.g. SupportBot vs. SalesBot share infra but not data) → also set agent_id
  • Per-conversation isolation (e.g. ephemeral session memory) → also set run_id

Identifier Naming Rules

SQL/CQL backends (PGVector, SingleStore, Cassandra) enforce strict identifier validation for security. Collection names and related identifiers must match the pattern [A-Za-z0-9_]+ to prevent SQL injection attacks.

Affected Fields

mem0 and chroma backends are not affected by these restrictions. They accept any valid string identifiers.

Passing Examples

Failing Examples

Security Context

This validation was added in PraisonAI 4.6.34 to address GHSA-3643-7v76-5cj2 (SQL identifier injection). Previously, user-controlled collection names were interpolated directly into SQL DDL/DML statements. For more details, see the security advisory.

Direct Knowledge API

For advanced use cases, you can use the Knowledge class directly:

Normalization Guarantees

PraisonAI normalizes all backend results to ensure consistent behavior:
  • metadata is ALWAYS a dict (never None)
  • text field is always present (mapped from memory for mem0)
  • score is always a float (defaults to 0.0)
This means you can safely access metadata without null checks:

Protocol-Driven Architecture

All backends implement the KnowledgeStoreProtocol:

Configuration Options

mem0 Backend (Default)

Chroma Backend

Error Handling

Best Practices

  1. Always provide scope identifiers for mem0 backend
  2. Use user_id for user-specific data (multi-tenant apps)
  3. Use agent_id for shared agent knowledge (company policies, FAQs)
  4. Use run_id for ephemeral session data (conversation context)
  5. Prefer Agent API over direct Knowledge API for most use cases