Architecture overview

Claresia is six logical layers deployed in three topologies. This page gives the canonical mental model. Every other doc in this site refines one slice of it.

The six layers

L1 · Identity & Access L2 · Intelligence Hub L3 · Distribution Plane L4 · Telemetry Pipeline L5 · Command Center L6 · End-User Surfaces

Layer 1 — Identity & Access

Always in Claresia Cloud. WorkOS sits in front of every login. SAML 2.0 + OIDC on day one. SCIM 2.0 for user lifecycle (immediate de-provision when a user is removed in your IdP). RBAC engine assigns archetypes to roles. Audit log of every auth event. SLA: 99.99%.

Layer 2 — Intelligence Hub

Location depends on mode. The canonical org-memory store. Six record types: output, decision, governance_event, artifact, employee_profile, telemetry_event. Postgres + Row-Level Security in Modes A and B. Customer Postgres / SharePoint / Snowflake in Mode C. Every record carries a SHA-256 provenance hash over the canonical JSON.

Layer 3 — Distribution Plane

Always in Claresia Cloud. Skill IR transpilers + per-LLM admin-API publishers that push your tenant’s skill catalog into Claude Enterprise, Microsoft Copilot, ChatGPT Enterprise, and Slack. Publish lag SLO: < 60s p99. SLA: 99.9%.

Layer 4 — Telemetry Pipeline

Pull-style connectors that ingest LLM-platform audit logs into fn_telemetry_event. Modes A/B: full event details. Mode C: payloads stripped at customer side, only the envelope (skill_id, timestamp, success, latency_ms, tokens_in/out, cost_usd_estimate) reaches Claresia Cloud. Telemetry surfaces in Command Center within 5 min p95.

Layer 5 — Command Center

Always in Claresia Cloud. The IT-admin pane of glass: tenants, RBAC, skill entitlements, connectors, audit log, billing. Plus the customer-facing Onboarding Portal at onboarding.claresia.com/{tenant_slug}. SLA: 99.95%.

Layer 6 — End-User Surfaces

Live inside the customer’s LLM tenant. Microsoft Teams app (cc-067), Slack app (cc-071), Browser Extension (cc-069), Adaptive Cards (cc-068). Installed once via M365 Admin Center / Slack App Directory / Intune. Best-effort SLA — depends on the customer’s own M365 / Slack / browser estate.

The three deployment modes

Mode A

Claresia Cloud Shared

Audience: <200 seats, no residency
Time-to-value: < 24 hours
SLA: 99.5%

Mode B

Claresia Cloud Dedicated

Audience: 200–5000 seats
Time-to-value: 5 business days
SLA: 99.9%

Mode C

Customer Cloud (BYOC)

Audience: Regulated, sovereign data
Time-to-value: 2–6 weeks
SLA: 99.9% control plane

End-to-end skill invocation flow

sequenceDiagram
    autonumber
    participant U as End user (in LLM)
    participant L as LLM platform<br/>(Claude / Copilot / ChatGPT)
    participant D as Distribution Plane<br/>(Claresia Cloud)
    participant H as Hub<br/>(per-mode location)
    participant T as Telemetry Pipeline<br/>(Claresia Cloud)
    participant C as Command Center

    U->>L: @claresia.gatespic.incident-postmortem
    L-->>D: skill metadata lookup (cached)
    L->>L: invoke skill (LLM call)
    L-->>H: write `output` record (with SHA-256 provenance)
    L-->>T: emit telemetry event (envelope)
    T->>C: surface in Command Center (&lt;5 min p95)
    U->>H: click footer "View record" → hub.{tenant}.claresia.com
    Note over U,C: Manager weekly digest aggregates per-user invocations

The contract layer (why Claresia is portable)

Two cryptographically versioned contracts hold the platform together. Customers can pin specific versions; breaking changes ship behind a feature flag with a 12-month deprecation window.

Skill IR (cc-065/schema/skill-ir-v0.json)

The portable definition of any Claresia skill. The same Skill IR JSON is consumed by:

the Anthropic Distribution Plane (cc-063) → publishes as a Claude Skill
the Microsoft Distribution Plane (cc-065) → publishes as a Copilot Studio agent + Power Platform action
the OpenAI Distribution Plane (cc-070) → publishes as a Custom GPT + tool
the Slack Distribution Plane (cc-071) → publishes as a Slack slash command

See the Skill IR reference for the full schema.

Hub schema (cc-050)

Six canonical record types with byte-identical Python ⇄ TypeScript serialization. Provenance is computed by SHA-256 over the canonical-JSON form (whole-valued floats normalized to ints — this is the cc-050 contract). Cross-language fixtures (cross_language_fixtures.json) verify byte-equality.

See Hub schema reference.

Where each layer sits, per mode

Layer	Mode A	Mode B	Mode C
Identity (WorkOS)	Claresia Cloud	Claresia Cloud	Claresia Cloud
Hub	Shared Postgres + RLS	Dedicated Postgres + CMEK	Customer cloud (Postgres / SharePoint / Snowflake)
Distribution Plane	Claresia Cloud	Claresia Cloud	Claresia Cloud
Telemetry	Claresia Cloud (full payload)	Claresia Cloud (full payload)	Customer-side redaction → envelope only
Command Center	Claresia Cloud	Claresia Cloud	Claresia Cloud
End-User Surfaces	Customer LLM tenant	Customer LLM tenant	Customer LLM tenant

Architectural principles (non-negotiable)

Control plane / data plane separation. Provenance hashes co-signed across the boundary so they bind without leaking content.
Customer data never leaves customer cloud in Mode C. Period.
Zero customer code installed on day 1 for Modes A/B (API key paste + service principal grant + DNS record).
Per-tenant isolation by default. Postgres RLS keyed on app.tenant_id, per-tenant CMEK in Modes B/C, per-tenant object-storage prefix.
Cloud-agnostic. AWS / Azure / GCP all first-class, Terraform is the deployment language.
Identity is delegated. Claresia never stores customer passwords.
Auditability is total. Every privileged action emits a governance_event. Every skill invocation emits an output + telemetry_event. 7-year retention.
Backwards compatibility on the contract layer. Skill IR + Hub schema are versioned; breaking changes ship behind feature flags with 12-month deprecation.
Observability before features. OpenTelemetry traces + metrics + logs into a central Datadog/Honeycomb tenant. SLO burn-rate alerts feed status.claresia.com.
The customer is never surprised. 14 days notice for changes, 90 days for breaking changes, via Trust Center + email + in-app banner.