Architecture

Our Platform

Every application, workflow, and AI agent you run on on.it inherits the same structural guarantees — enforced by the platform, before your code runs, regardless of what your code does. These are not features you enable. They are properties of the architecture.

The next generation agentic platform

Automation

Workflow automation with human checkpoints

Workflows that span systems, pause for human decisions, and resume exactly where they stopped.

Workflows are event-driven: a trigger fires and steps run across connected systems without manual handoff. Steps execute in sequence or in parallel; branching logic and retry handling are managed by the platform. At any designated point, the workflow pauses for a human decision — an approval, a review, a confirmation — then resumes from exactly where it stopped.

• Start / Trigger: event, schedule, or API call
• Automated / Execute: steps across connected systems
• End / Complete: outcome recorded and traceable
• Human in the loop / Review & approve: workflow pauses, resumes on action

Execution plan example
• Trigger: 1 s
• Execute: 1 m 14 s
    · Context retrieved: 2 s
    · Reasoning: 8 s
    · Action executed: 1 m 3 s
    · State persisted: 1 s
• Review & approve
• Execute: 2 m 31 s
    · Context updated: 2 s
    · Reasoning: 12 s
    · Action executed: 2 m 16 s
    · State persisted: 1 s
• Review & approve: pending response
• Complete

Identity & access

Your app, enterprise-ready. Out of the box

Deploy anything. Identity, SSO, and access control are already handled.

Without on.it, authentication has to be wired separately into every application, workflow engine, and agent you deploy — identity providers, session management, SSO federation, role enforcement, all of it, for each one. On on.it, none of that is your concern. One gateway handles authentication for everything you run on the platform, before a request ever reaches your code.

You deploy: any application, workflow, or agent. Any framework. Any language. Any orchestration model. Your logic, nothing else.

Comes with it:
• Single sign-on: one login across every application in the platform, with no integration work per app.
• Multi-factor authentication: enforced at the gateway before any request reaches your application code.
• Tenant isolation: each organisation is completely separated. Requests are always scoped to the right context.
• Role enforcement: permissions resolved and attached to every request, across every resource and module.
• Session lifecycle: token issuance, silent refresh, and revocation — the full lifecycle, handled.
• Audit trail: every authentication event structured and logged. No instrumentation needed in your application.

Data isolation

Data isolation enforced below your application code

Your application code literally cannot see another tenant's data — even if it tries.

In most systems, isolation is enforced by the application: every request carries a filter, every endpoint scopes its results. When one of those checks fails — a bug, a library update, an edge case — data from another scope appears where it shouldn't. The system had no structural mechanism to prevent it.

• Your request: no filter required
• Scope enforced: between your code and the database
• Your data only: data outside your scope doesn't exist here

We took a different approach. Each scope's data is completely separated at the foundation of the platform. The application never has access to data outside its scope — not because the code checks for it, but because from the platform's perspective, that data simply isn't there. Isolation is not a filter the application applies; it is a structural property of the platform. This holds regardless of what the application does. A missing filter, an elevated permission, or a misconfigured integration cannot produce data from a different scope.
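The distinction above, scope enforced between the code and the database rather than by a filter the application remembers to apply, can be shown in miniature. This is an added example and not on.it's code: it uses SQLite's statement authorizer as a stand-in for the platform layer, and the `records` table, the `scope` table, the `scoped_records` view and the tenant ids are constructed for the demo.

```python
import sqlite3

# Constructed sample data: two tenants sharing one table (demo only).
SAMPLE_RECORDS = [
    ("tenant-a", "invoice 1001"),
    ("tenant-a", "invoice 1002"),
    ("tenant-b", "invoice 2001"),
]

SCOPED_VIEW = "scoped_records"  # the only relation application code may read
SCOPE_TABLE = "scope"           # holds the tenant id bound by the platform layer


def _authorizer(action, arg1, arg2, db_name, source):
    """Default-deny policy SQLite evaluates when a statement is prepared.

    `source` is the view (or trigger) responsible for the access, or None
    when the access comes straight from application SQL.
    """
    if action in (sqlite3.SQLITE_SELECT, sqlite3.SQLITE_FUNCTION):
        return sqlite3.SQLITE_OK
    if action == sqlite3.SQLITE_READ:
        if arg1 == SCOPED_VIEW:          # reading through the scoped view
            return sqlite3.SQLITE_OK
        if arg1 in ("records", SCOPE_TABLE) and source == SCOPED_VIEW:
            return sqlite3.SQLITE_OK     # the view itself reading its sources
    return sqlite3.SQLITE_DENY           # everything else: DDL, writes, direct reads


def open_scoped_connection(tenant_id):
    """Hypothetical platform layer: bind one tenant, then hand the connection over.

    The application receives a connection on which the base table is
    unreachable and the bound scope cannot be widened or removed.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE records (id INTEGER PRIMARY KEY, tenant_id TEXT NOT NULL, payload TEXT)")
    conn.executemany("INSERT INTO records (tenant_id, payload) VALUES (?, ?)", SAMPLE_RECORDS)
    conn.execute(f"CREATE TEMP TABLE {SCOPE_TABLE} (tenant_id TEXT NOT NULL)")
    conn.execute(f"INSERT INTO {SCOPE_TABLE} VALUES (?)", (tenant_id,))
    conn.execute(
        f"CREATE TEMP VIEW {SCOPED_VIEW} AS SELECT r.id, r.payload "
        f"FROM records r JOIN {SCOPE_TABLE} s ON r.tenant_id = s.tenant_id"
    )
    conn.set_authorizer(_authorizer)  # policy must be installed before any app SQL is prepared
    return conn


def application_query(conn, sql):
    """Run application SQL; rows on success, None when the platform layer refused it."""
    try:
        return conn.execute(sql).fetchall()
    except sqlite3.DatabaseError:  # SQLITE_AUTH surfaces as DatabaseError
        return None
```

Because the authorizer runs at prepare time, a statement cached before the policy was installed is not re-checked, so the layer that binds the scope must also be the one that installs the policy before handing the connection over.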

Observability

The audit trail cannot be touched by application code

Every action is recorded in a log your application cannot reach, modify, or backfill.

Telemetry is collected at the infrastructure layer — by the platform, before and after your application code runs. Every request is traced from the entry point to the data layer. The audit trail is captured through a pipeline that application processes cannot reach or modify — every event is recorded regardless of what the application emits, searchable and replayable from a single structured log. The telemetry pipeline is write-closed to application processes: the audit trail is complete, unmodifiable, and backfill-proof.

• Your application: any framework, any language
• Platform telemetry: captured at infrastructure level, before and after your code runs
• Audit storage: write-closed to application processes

Composability

The platform is pluggable at every layer

Add your own logic at any layer — data, business rules, or AI — without touching the others.

Most platforms offer a single extension point — usually a scripting layer or a configuration hook on top of a fixed core. on.it's plugin model runs through every layer of the stack: the data model, the business logic, and the AI layer all follow the same pattern and the same conventions. You can extend any level independently, without touching the others.

• Data (schema, collections, relationships) + your plugin
• Logic (workflows, triggers, approvals) + your plugin
• AI (agents, tools, memory) + your plugin

Analytics

Analytics without moving data

Query your live database and your historical data together — in one SQL statement, without replication.

A federated query layer sits over your existing data sources — object storage, operational databases, external systems — reading data in place. Historical and live data are queryable together in one SQL statement; the layer is read-only and your sources remain unchanged. Dashboards live inside the platform and inherit the same scope enforcement: each user sees only what their role permits.

• Object storage: historical data. Raw files, no migration needed.
• Operational database: live records. Current state, updated in real time.
• Federated query engine: single SQL surface. Join across sources · Read-only · No replication.
• Analytics: interactive dashboards. Trend analysis · Correlation views.
• Embedded in-platform: no separate login. Scoped to the authenticated user.

Contextual AI

AI at the data layer

AI agents that read the same data your application reads — no more, no less — bounded by the same isolation rules.

AI agents connect directly to the data layer. When an agent runs, it reads structured records, event history, and real-time signals from the same sources the application uses — at query time, against live state. Scope is structural: what an agent can read is determined by the same isolation rules that govern every other request on the platform. An agent reads what the application reads — no more, no less.

• Real-time signals: event streams. High-frequency data · Live telemetry.
• Operational records: structured data. Full entity context · Annotations.
• AI agents: read all sources within scope. LLM reasoning · ML models. Direct access, bounded by scope.
• Context loaded:
    · 90-day timesheet records
    · active service contracts
    · last 48 h schedule events
• Capabilities: anomaly detection, natural language queries, predictive insights, auto-generated reports, guided workflows.
• AI Assistant: embedded in-platform · Context-loaded · Role-aware · No separate login.

Data sovereignty

Your data stays on your infrastructure

Every component runs on infrastructure you control: on-premise or private cloud. This architecture satisfies GDPR and EU AI Act requirements, but that is a consequence of the design, not its purpose.

Zero Exposure

Secrets, credentials, and business data are managed locally. Nothing leaves your perimeter. By design, not by promise.

GDPR

Data residency and processing stay within the boundaries you define. No cross-border transfers, by design.

EU AI Act

AI systems remain auditable, explainable, and under your governance. High-risk system requirements are met out of the box.

Let's talk

Let's talk about your processes.

Tell us what you're trying to automate, connect, or understand better. No pitch deck — a real conversation about your specific situation.