Skip to content
New: see your fit and get a tailored quote in minutes.Try the estimator
Menu
Request a demo Sign in
Browse documentation

Core concepts

The handful of ideas the rest of the platform is built on.

A few concepts show up everywhere in IntegraCI. Learn these once and the rest of the platform reads naturally.

Tenant

A tenant is an isolated workspace. Your services, connectors, policy, and audit trail live inside it. Isolation is enforced by the database itself through row-level security, so a request that arrives without a tenant context sees nothing, and one tenant can never read another’s data. App-level scoping sits on top as a second layer.

Golden path

A golden path is a paved template for creating something the right way. Scaffolding a service from a golden path produces a repository already wired to your CI, your scanners, and a deploy target, with the guardrails in place from the first commit. Platform teams author golden paths once; everyone else follows them.

Connector

A connector integrates a tool you already run, such as a CI engine, a scanner, or a cloud. IntegraCI orchestrates and governs that tool: its credentials are sealed in a secrets store, its calls pass through policy, and its actions are recorded. A connector does not replace the tool; it brings it under governance.

Policy as code

Your rules live as versioned, tested code rather than tribal knowledge. Policy runs at two places: as gates inside pipelines, and on access to platform actions. Every decision is logged and can be replayed, so you can show not just what was allowed but why.

Governed AI

AI on the platform runs through a single governed gateway. Every model call is checked against your policy before it runs, any action that changes something pauses for a human to approve, and each connector the assistant uses gets its own scoped, short-lived credentials. The gateway records what the assistant did.

Audit trail

Platform actions are written to a tamper-evident, append-only trail. When a review comes, you export the evidence rather than reconstructing it from screenshots. Ready-made policy bundles map controls to common frameworks such as SOC 2, ISO 27001, and GDPR. The bundles help you demonstrate controls; they are not a certification.

The six pillars

Everything groups under Secure, Deliver, Operate, and Govern. The pillars are how the portal is organized and how these docs are structured, and together they cover the lifecycle from a first commit to a running, audited service.