Docs · v1.0

Build with Praxis.

Everything you need to design business flows, provision tenants, and call the platform from your own code or an AI agent. Conversational where you want it, typed and versioned underneath.

Overview

Praxis turns plain-language intent into a typed business flow definition. From a single conversation it generates the data schema, validation rules, role-based access policies, the corresponding application views, and a test harness with sample data.

Underneath the conversation, everything is a versioned artifact. You can edit the JSON directly, diff changes, roll back, and promote between a sandbox twin and live — without losing the audit trail.

Mental model
Intent in, tenant out. A business flow definition compiles to entities, steps, forms, and permissions — all rendered into a live Operation Center at your subdomain.

Quickstart

Create a workspace from the CLI, or skip straight to the conversational onboarding. Authenticate with a tenant-admin token, then publish a definition.

shellterminal
# install and authenticate
npm i -g @praxis/cli
praxis auth login --token $PRAXIS_TOKEN

# scaffold from a sentence
praxis init "claims intake with a fraud branch"

# review, then publish to a tenant
praxis publish --tenant sole --env live

Workflow definition

A workflow is a typed document: a trigger, a set of steps, transitions between them, and the entities they touch. Praxis authors it for you, but it’s plain to read and edit.

claims-intake.workflow.jsongenerated · editable
{
  "name": "auto-claims-intake",
  "trigger": { "on": "claim.filed", "channels": ["webhook", "whatsapp"] },
  "steps": [
    { "id": "triage", "type": "ai.decision",
      "route": { "by": "sensitivity", "max_cost": 0.02 } },
    { "id": "settle", "type": "action",
      "when": "amount <= 5000", "do": "stripe.refund" },
    { "id": "escalate", "type": "human.gate",
      "assign": "@senior", "sla_hours": 4 }
  ]
}

What gets generated

  • Entity schemas and field-level validation
  • Role-based access policies per step and per field
  • Forms for any step that collects input
  • List and detail views for every output
  • A test harness seeded with sample records

Multi-tenancy

Each tenant gets a physically isolated MongoDB database. Tenancy is resolved from the request — host header or signed claim — at every boundary, so there is no code path that can read across tenants.

  • Physical DB-per-tenant isolation
  • Per-tenant secret encryption at rest (AES-256-GCM + per-tenant HKDF)
  • Append-only audit log with nightly cold-archive
  • API-key auth with peppered HMAC hashing
Honest status
Regional data-residency pinning depends on multi-cluster routing and is not yet active — a single platform cluster today. Don’t design around residency until we ship it.

Model routing

A local classifier decides, per step, whether to route to a cloud model, an open model, or your private endpoint — weighing cost, latency, and data sensitivity. You set the budget; Praxis stays inside it.

routing policy
routing:
  classify:  edge      # on-device, $0
  extract:   small     # fast, cheap
  reason:    large     # quality-critical
  pii:       edge-only # never leaves your boundary
  max_cost_per_run: 0.05

REST API

Every tenant exposes a REST API over the same definitions the UI uses. Authenticate with a bearer token scoped to the tenant.

GET/v1/entitiesList entity types
GET/v1/runs/:idInspect a workflow run
POST/v1/workflows/:name/triggerStart a run
POST/v1/entities/:typeCreate a record
trigger a runcurl
curl -X POST https://sole.praxis.app/v1/workflows/auto-claims-intake/trigger \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{ "claim": { "amount": 4200, "customer": "cus_91" } }'

Webhooks

Subscribe to run lifecycle events. Payloads are signed with HMAC-SHA256; verify the signature header before trusting a request.

  • run.started · a workflow run began
  • step.completed · a step finished, with its AI decision trace
  • run.escalated · a human gate was triggered
  • run.completed · terminal state reached

MCP server

Every tenant exposes a Model Context Protocol (2025-06-18) endpoint over JSON-RPC + SSE. Claude, ChatGPT agents, and any MCP-aware AI can call into the workspace as a tool — list entities, query workflows, read the business intent, or suggest community workflows.

Tenant-admin tokens scope an agent across all sessions; session-bound tokens scope it to a single conversation. Tokens rotate via OAuth2-style refresh with reuse-attack detection, and admins can revoke any session.

Why it matters
Praxis becomes the operations ledger external agents call into — not a competitor to them. Every agent action lands in the same audit trail as a human one.
connect an agentMCP
{
  "mcpServers": {
    "praxis": {
      "url": "https://sole.praxis.app/mcp",
      "transport": "sse",
      "auth": "bearer $PRAXIS_SESSION_TOKEN"
    }
  }
}