Technology Stack
| Layer | Technology | Notes |
|---|---|---|
| Frontend framework | React + TypeScript | Single-page application; mobile-responsive; native iOS and Android apps available |
| Streaming protocol | SSE (Server-Sent Events) or WebSocket | Token-by-token response streaming from inference layer to UI |
| Session storage | Aurora Serverless v2 (PostgreSQL) | JSON session records written per exchange turn — not on session end |
| Hosting | AWS (Fargate or similar) | Same VPC as connector workers |
| Authentication | Email + password; session token | Role-based routing at login: CEO → all panels; Admin → Admin only |
| Markdown rendering | Client-side | Signal™ responses rendered as markdown on receipt |
Signal™ — Technical Specification
Query Flow
CEO types query in Signal™ input
→ POST /api/query { query, customer_id, session_id, scope_override? }
→ Vectorized retrieval: pgvector similarity search on Aurora (RLS-scoped to customer)
→ Context window assembled from top-k retrieved records
→ Inference call (self-hosted vLLM) with system prompt + context + query
→ Streaming response via SSE: token-by-token to Signal™ UI
→ Each exchange turn written as JSON to Aurora session record
→ Markdown rendered in UI as stream completesSession Persistence
Session records are written to Aurora on a per-turn basis — not at session end. This prevents data loss on browser close or network interruption. Each turn record contains the CEO query, the full model response, the retrieved context sources, and a timestamp.
signal_sessions table (Aurora, RLS-scoped) ──────────────────────────────────────────── session_id UUID customer_id UUID (RLS tenant) user_id UUID (CEO user) created_at TIMESTAMPTZ last_active_at TIMESTAMPTZ signal_turns table (Aurora, RLS-scoped) ──────────────────────────────────────────── turn_id UUID session_id UUID (FK) customer_id UUID (RLS tenant) turn_index INTEGER query TEXT response TEXT context_sources JSONB (array of source references) model_used VARCHAR created_at TIMESTAMPTZ
Default Behavior & Overrides
| Behavior | Default | Override Available |
|---|---|---|
| Channel scope | All connected channels | Yes — "check email only", "Slack only", etc. |
| Source citations | Not shown | Yes — CEO can ask for sources on any response |
| Clarifying questions | Not asked unless genuinely ambiguous | No |
| Response hedging | None — direct conclusions | No |
| Session memory | Active throughout session | No |
| Cross-session continuity | Model has Archive read access | No |
Archive — Technical Specification
Archive is a read-only view of all Signal™ sessions. It is built from the signal_sessions and signal_turns tables in Aurora, filtered to the authenticated CEO's user ID and customer RLS tenant.
- Reverse-chronological session list — sorted by
last_active_at DESC - Session preview — first query of each session, truncated at 80 characters
- Infinite scroll — paginated query with cursor-based pagination
- Session detail view — full read-only conversation thread, markdown rendered
- Model read access — the inference layer can query Archive for cross-session continuity via the same RAG retrieval path, scoped to the CEO's session history
Admin Panel — Technical Specification
Employee Roster
The roster is a JOIN across the employee_consent table and a connector-status view, grouped by employee and pivoted by channel. Each cell reflects the current enrollment and sync state for that employee × channel combination.
| Status | Indicator | Meaning |
|---|---|---|
| Connected + active | ✅ | Employee enrolled; connector syncing successfully |
| Enrollment pending | ⚠️ | Enrollment link sent; employee has not completed consent flow |
| Not connected | ❌ | Connector authorized but employee not enrolled; or connector failed |
| Not applicable | — | Platform not used by this employee |
Connector Health Dashboard
Connector health is derived from the connector framework's health monitoring layer. Each connector reports its last successful poll timestamp and current circuit-breaker state to a shared status store (DynamoDB). The Admin panel reads this store and renders status in real time.
connector_health table (DynamoDB, keyed by customer_id + platform) ────────────────────────────────────────────────────────────────── customer_id STRING (partition key) platform STRING (sort key) status STRING (green | yellow | red) last_successful_poll ISO8601 timestamp last_error STRING (nullable) error_count NUMBER stale_alert BOOLEAN (true if last_successful_poll > 12 hrs ago)
Admin Actions
- Re-send enrollment link — generates a new UUID token for the employee (previous token expires); sends via admin's distribution method
- Add employee — creates a new employee record and enrollment link; employee added to all applicable connector sync scopes
- Remove employee — marks employee as inactive; consent record preserved for audit; communications data retention per customer data policy
Role-Based Access Control
| Role | Signal™ | Archive | Admin | Assigned At |
|---|---|---|---|---|
| CEO | ✅ Full access | ✅ Full access | ✅ Full access | CEO login created at onboarding |
| Administrator | ❌ Blocked | ❌ Blocked | ✅ Full access | Designated by CEO; typically the IT admin |
Role assignment is stored in the users table in Aurora (RLS-scoped to the customer tenant). Route-level guards in the React application enforce role restrictions on the client. API endpoints enforce the same restrictions server-side — client-side guards are UI convenience only.
Full Feature Set
| Feature | Description |
|---|---|
| Multi-executive Signal™ access | Additional C-suite user accounts with per-user role scoping and separate Signal™ session history per user |
| Suggested queries / daily briefing | Proactive query prompts generated from recent data activity — "here's what changed since yesterday" |
| Admin usage analytics | Query volume per day/week; active users; connector health trends over time |
| Session export | CEO exports any Signal™ session as formatted PDF or email |
| Native iOS app | React Native; extends Signal™ to native mobile |
| Native Android app | React Native parallel build |
← Back to overview