Agent runtime
LLM workers with scoped tools, memory and policy, executed under retry, timeout and budget limits. Agents register declaratively and are versioned alongside the workflows that call them.
← Back to home01 / 01
§ PRODUCT · PLATFORM
The orchestration core,
and what runs on it.
Xophia AI is an enterprise AI orchestration platform. It runs above your existing systems and provides the runtime, connectors, identity, policy and observability needed to put AI agents into production with the same accountability as the rest of your stack.
Platform capabilities
Six surfaces, one orchestration core. Each is built to be operated, not demoed.
Connector library
Typed adapters for major ERP, CRM, banking, ticketing, accounting and tax systems (Odoo, HubSpot, Salesforce, SII, Buk, Cardda, banking APIs). Generic bridge for REST, GraphQL, SQL and Model Context Protocol servers — custom connectors land without forking the platform.
Custom MCP gateway
A single Model Context Protocol surface that lets agents reach every internal system through one auditable, policy-bound entry point. The gateway authenticates the calling agent, applies tool-level policy, and logs each invocation against the system of record.
Policy & identity
SSO via SAML 2.0 and OIDC. Role-based access enforced per resource (agents, workflows, connectors, data sources). Per-tenant data isolation. Service accounts use scoped, rotatable API keys. High-impact steps gated by configurable human approval.
Headless semantic layer
Business metrics and dimensions defined once and exposed to dashboards, agents and downstream systems through a governed API. Every numeric answer an agent returns is expandable into the underlying SQL and source rows.
Observability & audit
Full trace of every agent decision: inputs, tool calls, model output, downstream effects. Cost and latency per run, exception queues, immutable audit log exportable for compliance and reconciliation.
How it runs in your environment
Two deployment topologies, the same orchestration core.
Xophia managed cloud
Default option. Per-tenant logical isolation, encryption in transit (TLS 1.2+) and at rest (AES-256), customer-managed retention. Outbound integrations to your systems through identified service accounts.
Customer VPC
Runtime deployed inside the customer's cloud account (AWS, Azure, GCP). No execution data leaves the customer perimeter. Xophia operates the control plane; the customer owns the data plane.
§ ARCHITECTURE & INTEGRATION
Buyer FAQ
The questions that come up first in technical evaluations — answered with specifics, not slideware.
How does Xophia connect to my existing systems?
Through a typed connector library and an MCP-compatible tool registry. Xophia ships connectors for major ERPs (Odoo, SAP, NetSuite), CRMs (HubSpot, Salesforce, Pipedrive), banking and card APIs, accounting and tax systems (including Chilean SII and Buk), and exposes a generic adapter for REST, GraphQL, SQL and Model Context Protocol servers. Custom connectors can be added without forking the platform.
Does Xophia replace my CRM, ERP or BI tool?
No. Xophia is the orchestration and governance layer above those systems. It reads and writes through their APIs and keeps every action traceable back to its system of record.
How is Xophia different from a workflow tool such as n8n, Zapier or Make?
Tools like n8n are useful for technical workflow validation and developer-driven automations. Xophia is the platform an organization deploys to run governed, multi-tenant AI operations in production: agents with scoped tools and memory, role-based access, full audit, observability over cost and decisions, and reconciliation against systems of record. n8n can be used inside Xophia as one of several execution backends.
What is the headless semantic layer, and why is it part of Xophia?
Operational AI is only useful when its numeric answers are defendable. Xophia includes a headless semantic layer where business metrics and dimensions are defined once and exposed to dashboards, agents and downstream systems through a governed API. Every figure an agent returns can be expanded into the underlying SQL and source rows.
Are AI agents safe to act on production data?
Each agent runs under an explicit policy that defines which tools, data sources and write operations it can use, scoped to the calling user and tenant. Every action is logged with inputs, outputs, model decisions and downstream system effects. Approvals can be required for high-impact steps.
Where is data stored and processed?
By default in Xophia's managed cloud with per-tenant isolation, encryption in transit and at rest, and configurable retention. Customers with stricter requirements can deploy the runtime inside their own VPC; in that mode no execution data leaves the customer perimeter.
What authentication and access control does Xophia support?
SSO via SAML 2.0 and OIDC, role-based access control on a per-resource basis (agents, workflows, connectors, data sources), and per-tenant identity isolation. Service accounts use scoped API keys with rotation.
How do you avoid hallucinations on operational data?
Agents do not answer from model memory alone for operational questions. They run typed retrieval against the headless semantic layer and execute tools with structured inputs and outputs. Every numeric or factual claim returned by an agent can be expanded into the underlying tool calls and source rows.
Can humans stay in the loop?
Yes. Workflows and agents support explicit approval steps, configurable per role, per amount threshold, or per data sensitivity. Pending approvals are surfaced in the Xophia console and can be routed to email, Slack or Microsoft Teams.
See it on your stack.
Bring one operational scenario; engineering walks through how Xophia maps it to agents, connectors and policies — and a deployment estimate within 24 hours.