Organizations

Built for Organizations

CorvinOS gives every team its own isolated AI namespace — with roles, consent management, usage quotas, and a full audit trail. Run AI for your whole company without mixing data between departments.


Architecture

What is an Organization?

An Organization (Tenant) in CorvinOS is a fully sealed namespace. Every resource, every conversation, every configuration lives inside it — completely isolated from every other organization on the same installation.

Your Organization Agents & Personas assistant · coder · research Pipelines automated workflows Data Sources PG · MySQL · SQLite Audit Log hash-chained, isolated Console + Sessions + Compliance Config roles · quotas · consent · data residency tenant: marketing-team isolated Another Organization Agents & Personas devops · reviewer · incident Pipelines CI/CD · deploys Data Sources separate DB connections Audit Log own chain, own keys Console + Sessions + Compliance Config independent settings, independent roles tenant: engineering-team
Own sessions and conversation history — never shared
Own agent configurations and personas
Own pipeline definitions and run history
Own data source connections
Own hash-chained audit log, isolated per tenant
Own compliance configuration and data residency zone

Access Control

Roles & Permissions

Every member of an organization is assigned a role that determines what they can do and how many messages they can send per day. Role changes are logged in the audit trail.

Owner

Full Control

Unlimited messages / day
  • Full access to all settings and billing
  • Manage users and assign any role
  • Configure engines, compliance zones, data residency
  • Can grant or revoke Admin, Member, Observer roles
  • Access all audit logs and compliance reports
Admin

Team Manager

500 messages / day
  • Manage agents, personas, and pipelines
  • Add and configure data source connections
  • View audit logs and quota usage
  • Manage Member and Observer accounts
  • Cannot self-promote to Owner
Member

Standard User

100 messages / day
  • Use all agents and pipelines
  • Create and trigger personal pipeline runs
  • View own quota usage via /quota
  • Consent management (/consent on | off)
  • Cannot modify org settings or user roles
Observer

Read-Only Access

No message budget consumed
  • Join and read conversations without using quota
  • Observe agent runs and pipeline outputs
  • Cannot send messages to agents
  • Suitable for auditors, stakeholders, and onboarding
  • Self-registers via /join command

EU AI Act Art. 50 + GDPR Art. 6, 7

Consent & Disclosure

CorvinOS treats consent as a structural feature, not a checkbox. Every user interaction is protected by a mandatory disclosure and an explicit, revocable, time-limited consent mechanism — built in, not bolted on.


Usage Management

Usage Quotas

Quotas give organizations predictable AI spend and fair resource distribution across team members. The design separates quota checking from recording so that failed runs never consume budget.

OwnerUnlimited
Admin500 / day
Member100 / day
ObserverNo quota consumed

Default limits. Owners can configure custom per-role limits in the console.

🔁

Resets at Midnight UTC

Quotas are counted per calendar day in UTC. Every member starts fresh each day.

🛡

Failed Runs Don't Count

The quota check and the quota record are separate. A run that fails before completion does not consume your daily budget.

📊

Self-Service Visibility

Any member can run /quota to see their current usage and remaining daily budget without contacting an admin.

Owner Always Unlimited

Organization owners have no message cap. This cannot be accidentally overridden by a per-role quota setting.


Enterprise Deployment

Running Multiple Organizations

A single CorvinOS installation can host as many organizations as needed. Each team or department gets its own sealed namespace. No shared data, no shared agents, no accidental cross-pollination.

Marketing Team

tenant: marketing
  • Content writer — blog posts, copy, campaigns
  • Social media agent — scheduling and drafts
  • Email drafter — newsletters and sequences
  • Data connection: CRM analytics DB

Engineering Team

tenant: engineering
  • DevOps helper — infra tasks and runbooks
  • Code reviewer — PR analysis and feedback
  • Incident responder — on-call triage assistant
  • Data connection: internal metrics DB
💼

Sales Team

tenant: sales
  • CRM analyst — deal pipeline and forecasts
  • Proposal writer — customized pitches
  • Meeting summarizer — call notes and follow-ups
  • Data connection: Salesforce / PostgreSQL
Need two organizations to collaborate? Cross-org work is handled through A2A Networks — a signed, audited agent-to-agent protocol that lets organizations delegate tasks to each other without breaking isolation. Each message is HMAC-verified, replay-protected, and recorded on both audit chains.

Web Console

Manage Everything from One Place

The CorvinOS web console gives organization owners and admins a single dashboard for every operational concern — from engine selection to user roles to audit search.

🔌

Engine Control

Choose which AI backend powers your organization: local Hermes (Ollama, zero egress), Claude, OpenCode, or Copilot. Set per-tenant defaults and per-chat overrides from one page.

🗄

Data Sources

Connect PostgreSQL, MySQL, or SQLite databases. Test connectivity, browse registered sources, and manage secrets — without exposing credentials to agents or the audit log.

Pipeline Builder

Create automated multi-step workflows, trigger them manually or on a schedule, monitor run status in real time, and inspect step-by-step outputs.

🔍

Audit Viewer

Search and filter the hash-chained audit log by event type, date range, user, or session. Export records for compliance reporting. Verify chain integrity with one click.

👥

User Management

View all members with their roles, current quota usage, and consent status. Grant or revoke roles, reset quotas, and check disclosure status for every user in the org.

📑

Compliance Reports

Generate GDPR Art. 30 records-of-processing summaries, EU AI Act compliance snapshots, and data residency reports — directly from the console, no CLI required.

Set up your organization in minutes

Install CorvinOS, create a tenant, and your team has a fully isolated, compliance-ready AI environment — with roles, consent management, and a tamper-evident audit trail from day one.