Natural language β SQL β Answers. Now with enterprise security and user-aware permissions.
1118.mp4
π User-Aware at Every Layer β Queries automatically filtered per user permissions
π¨ Modern Web Interface β Beautiful pre-built <vanna-chat> component
β‘ Streaming Responses β Real-time tables, charts, and progress updates
π Enterprise Security β Row-level security, audit logs, rate limiting
π Production-Ready β FastAPI integration, observability, lifecycle hooks
Upgrading from 0.x? See the Migration Guide | What changed?
<!-- Drop into any existing webpage -->
<script src="https://img.vanna.ai/vanna-components.js"></script>
<vanna-chat
sse-endpoint="https://your-api.com/chat"
theme="dark">
</vanna-chat>Uses your existing cookies/JWTs. Works with React, Vue, or plain HTML.
Ask a question in natural language and get back:
1. Streaming Progress Updates
2. SQL Code Block (By default only shown to "admin" users)
3. Interactive Data Table
4. Charts (Plotly visualizations)
5. Natural Language Summary
All streamed in real-time to your web component.
- Production chat interface
- Custom agent with your database
- Embed in any webpage
User-aware at every layer β Identity flows through system prompts, tool execution, and SQL filtering Row-level security β Queries automatically filtered per user permissions Audit logs β Every query tracked per user for compliance Rate limiting β Per-user quotas via lifecycle hooks
Pre-built <vanna-chat> component β No need to build your own chat interface
Streaming tables & charts β Rich components, not just text
Responsive & customizable β Works on mobile, desktop, light/dark themes
Framework-agnostic β React, Vue, plain HTML
Any LLM: OpenAI, Anthropic, Ollama, Azure, Google Gemini, AWS Bedrock, Mistral, Others Any Database: PostgreSQL, MySQL, Snowflake, BigQuery, Redshift, SQLite, Oracle, SQL Server, DuckDB, ClickHouse, Others Your Auth System: Bring your own β cookies, JWTs, OAuth tokens Your Framework: FastAPI, Flask
Custom tools β Extend the Tool base class
Lifecycle hooks β Quota checking, logging, content filtering
LLM middlewares β Caching, prompt engineering
Observability β Built-in tracing and metrics
sequenceDiagram
participant U as π€ User
participant W as π <vanna-chat>
participant S as π Your Server
participant A as π€ Agent
participant T as π§° Tools
U->>W: "Show Q4 sales"
W->>S: POST /api/vanna/v2/chat_sse (with auth)
S->>A: User(id=alice, groups=[read_sales])
A->>T: Execute SQL tool (user-aware)
T->>T: Apply row-level security
T->>A: Filtered results
A->>W: Stream: Table β Chart β Summary
W->>U: Display beautiful UI
Key Concepts:
- User Resolver β You define how to extract user identity from requests (cookies, JWTs, etc.)
- User-Aware Tools β Tools automatically check permissions based on user's group memberships
- Streaming Components β Backend streams structured UI components (tables, charts) to frontend
- Built-in Web UI β Pre-built
<vanna-chat>component renders everything beautifully
Here's a complete example integrating Vanna with your existing FastAPI app and authentication:
from fastapi import FastAPI
from vanna import Agent
from vanna.servers.fastapi.routes import register_chat_routes
from vanna.servers.base import ChatHandler
from vanna.core.user import UserResolver, User, RequestContext
from vanna.integrations.anthropic import AnthropicLlmService
from vanna.tools import RunSqlTool
from vanna.integrations.sqlite import SqliteRunner
from vanna.core.registry import ToolRegistry
# Your existing FastAPI app
app = FastAPI()
# 1. Define your user resolver (using YOUR auth system)
class MyUserResolver(UserResolver):
async def resolve_user(self, request_context: RequestContext) -> User:
# Extract from cookies, JWTs, or session
token = request_context.get_header('Authorization')
user_data = self.decode_jwt(token) # Your existing logic
return User(
id=user_data['id'],
email=user_data['email'],
group_memberships=user_data['groups'] # Used for permissions
)
# 2. Set up agent with tools
llm = AnthropicLlmService(model="claude-sonnet-4-5")
tools = ToolRegistry()
tools.register(RunSqlTool(sql_runner=SqliteRunner("./data.db")))
agent = Agent(
llm_service=llm,
tool_registry=tools,
user_resolver=MyUserResolver()
)
# 3. Add Vanna routes to your app
chat_handler = ChatHandler(agent)
register_chat_routes(app, chat_handler)
# Now you have:
# - POST /api/vanna/v2/chat_sse (streaming endpoint)
# - GET / (optional web UI)Then in your frontend:
<vanna-chat sse-endpoint="/api/vanna/v2/chat_sse"></vanna-chat>See Full Documentation for custom tools, lifecycle hooks, and advanced configuration
Extend Vanna with custom tools for your specific use case:
from vanna.core.tool import Tool, ToolContext, ToolResult
from pydantic import BaseModel, Field
from typing import Type
class EmailArgs(BaseModel):
recipient: str = Field(description="Email recipient")
subject: str = Field(description="Email subject")
class EmailTool(Tool[EmailArgs]):
@property
def name(self) -> str:
return "send_email"
@property
def access_groups(self) -> list[str]:
return ["send_email"] # Permission check
def get_args_schema(self) -> Type[EmailArgs]:
return EmailArgs
async def execute(self, context: ToolContext, args: EmailArgs) -> ToolResult:
user = context.user # Automatically injected
# Your business logic
await self.email_service.send(
from_email=user.email,
to=args.recipient,
subject=args.subject
)
return ToolResult(success=True, result_for_llm=f"Email sent to {args.recipient}")
# Register your tool
tools.register(EmailTool())Vanna 2.0 includes powerful enterprise features for production use:
Lifecycle Hooks β Add quota checking, custom logging, content filtering at key points in the request lifecycle
LLM Middlewares β Implement caching, prompt engineering, or cost tracking around LLM calls
Conversation Storage β Persist and retrieve conversation history per user
Observability β Built-in tracing and metrics integration
Context Enrichers β Add RAG, memory, or documentation to enhance agent responses
Agent Configuration β Control streaming, temperature, max iterations, and more
Vanna is ideal for:
- π Data analytics applications with natural language interfaces
- π Multi-tenant SaaS needing user-aware permissions
- π¨ Teams wanting a pre-built web component + backend
- π’ Enterprise environments with security/audit requirements
- π Applications needing rich streaming responses (tables, charts, SQL)
- π Integrating with existing authentication systems
- π Full Documentation β Complete guides and API reference
- π‘ GitHub Discussions β Feature requests and Q&A
- π GitHub Issues β Bug reports
- π§ Enterprise Support β [email protected]
Upgrading from Vanna 0.x?
Vanna 2.0 is a complete rewrite focused on user-aware agents and production deployments. Key changes:
- New API: Agent-based instead of
VannaBaseclass methods - User-aware: Every component now knows the user identity
- Streaming: Rich UI components instead of text/dataframes
- Web-first: Built-in
<vanna-chat>component and server
Migration path:
- Quick wrap β Use
LegacyVannaAdapterto wrap your existing Vanna 0.x instance and get the new web UI immediately - Gradual migration β Incrementally move to the new Agent API and tools
See the complete Migration Guide for step-by-step instructions.
MIT License β See LICENSE for details.
Built with β€οΈ by the Vanna team | Website | Docs | Discussions
