- Typed objects, instances & relationships
- Object/property/action-level permissions
- Versioned schema (draft/publish/rollback)
- Relationship-aware Object Explorer
- Grounds actions in real entities
- Portable — no proprietary lock-in
Give agents governed business meaning.
Cortex models your business as typed objects, instances, and relationships — then governs access down to the individual property and action. An operator can read a Claim but never its policyholder's ssn. Palantir-class semantics, no lock-in.
One cortex schema · multi-tenant isolation · deny-by-default
Document RAG knows your text. It doesn't know your business.
Embedding-only retrieval can quote a PDF, but it has no concept of a Claim, who filed it, or which Payout it triggers — and no way to hide one property from one role. Cortex gives agents a structured, governed object model so every answer and every action is grounded in real business entities, not loose passages.
Types, objects, typed links — then explore the graph.
Register object types with properties and allowed actions; create object instances; connect them with typed relationships. The Object Explorer computes the live neighborhood subgraph on demand.
- 01
Define types
Register object types — key, name, properties (jsonb), and allowedActions — as the governed schema. An object's type must exist before any instance can be created.
- 02
Create objects & links
Upsert object instances keyed by (typeKey, externalId), then connect them with typed relationships like files, triggers, belongs_to. Idempotent — safe to re-sync from live platform resources.
- 03
Explore & ground
GET /objects/:id/explore returns the neighborhood subgraph — typed nodes and relations — so agents reason over real entities, and relationship-aware retrieval beats document-only RAG.
Read a Claim. Never read the ssn.
Grants are rows of (role, type, property, access ∈ none/read/write). A type with no grants is ungoverned — full access. The moment any grant exists, that type flips to deny-by-default. A property grant overrides the type default; otherwise the property inherits it. Across a caller's roles, the most-permissive access wins.
- Type-level default + per-property override (Policyholder.ssn → none)
- Reads redact unreadable properties and set _redacted: true
- Writes without write on the type are refused with 403
- Action-level grants gate which actions a role may even propose
- v3publishedrollback → v18 types
- v2archivedadd Invoice9 types
- v1archivedbaseline8 types
Draft, publish, roll back — with full history.
Editing the object model is never silently final. Capture the live schema as a draft, publish it (archiving the prior version), or roll the live schema back to any prior version. Rollback restores from a snapshot and records a new published version — the target version is never mutated.
- Status machine: draft → published → archived, monotonic per tenant
- diffSchema reports added / removed / changed types between versions
- Publish & rollback emit OntologyVersion{Published,RolledBack} events
- Real-Time Hub can watch the events; ADR can escalate breaking changes
The ontology is the difference between a chatbot and an operator.
Document-only RAG retrieves passages. A governed ontology gives agents typed entities, relationships, per-property access, and ontology-scoped actions — the foundation Palantir built Foundry on, kept inside Cortex's Trust Layer and portable across tenants and air-gapped environments.
- Loose text passages, no entities
- All-or-nothing access to a chunk
- No schema, no change control
- No relationship traversal
- Can quote, can't act safely
- Re-embed to move it
The ontology feeds the rest of the runtime.
Action Fabric
Ontology-scoped actions run dry-run → propose → approve → execute → compensate against typed objects.
Policy-as-Code
Author allow/deny/require_approval rules that reference object types and properties.
Trust Ledger
Every object read, write, and version change lands in the hash-chained, provable audit.
Control Tower
Live ontology counts — types, objects, links, grants, current version — surface as KPIs.
Built for least-privilege data access.
Deny-by-default object and property permissions, redaction on read, and a versioned, audited schema — aligned with the data-governance controls your reviewers already expect.
Ground your agents in your business.
Give every agent a governed object model — typed, versioned, and permissioned down to the property and action.