AcuConnect

Local Admin — Tenant Site

Training status

Pick a target DB to see what's left.

Loading…

Quick test

Send a question through the live pipeline. Same path the public chatbot uses.

Register a target database

Paste the license key Acufy issued, enter the target DB identity (host, port, database name — must match what Acufy signed), plus the local connection credentials. The credentials are Fernet-encrypted before storage and never leave this machine. If Acufy rejects the key, nothing is saved — correct the inputs and resubmit.

AWS RDS / IAM authentication
AWS keys below are optional. Leave blank to use the host's instance role / ambient credentials (recommended on EC2 / ECS / EKS). Only fill these in when AcuConnect runs outside AWS or you need a dedicated IAM principal.

Registered target databases

Loading…

SQL Generation Hints

Domain-specific instructions injected into the SQL generator prompt. Use these to teach the LLM about coded values, preferred join paths, or business rules. Active hints ship on every chat call.

Loading…

Correction Memory

Past validator-driven fixes. The orchestrator pulls the top matches by question-embedding similarity at generation time. Remove rows that turned out to be bad corrections; the chat engine stops referencing them immediately.

Loading…

User Feedback

Thumbs-down / "Report Bad Result" submissions from end-users in the chat UI.

Loading…

Audit · Headline (last 24 h)

Loading…

Logins

Loading…

Queries

Every chat question + the SQL it generated. Tied to the user via Auth0 sub / email when available. Use the category filter to surface specific failure modes — e.g. Context length exceeded shows queries that overflowed the LLM's context window so you can decide whether to switch to a larger-context model.

Loading…

Alerts

Operator inbox for system alerts: chat error bursts (≥3 same-category errors in 5 min), admin-review-flagged audit rows, target-DB grant drift, and more. The scanner runs every 60s in chatbot-user-api; LogSink mirrors each alert to the acuconnect.alerts logger as a JSON line for downstream shipping.

Loading…

Target-DB Grant Status

Live read of target-DB SELECT permissions for the current user. Walks every (table, column) in the cached schema and asks Postgres has_column_privilege in one round-trip. This is the same probe the 15-min background loop runs — when it finds drift, it raises a grant_missing alert in the Alerts tab.

Select a target DB to probe.

User Allowlist

Empty list = everyone authenticated may chat. Add at least one entry to flip the tenant into strict mode: from then on only the listed, active identifiers may chat — everyone else gets a "not authorised" screen and a row in Audit · Logins with outcome denied_allowlist.

Loading…

Roles & Permissions

Whitelist permission model. A user with no role assigned cannot use the application when RBAC enforcement is on. Roles & assignments live in the registry; enforcement runs at SQL-generation + validation time.

Tenant admin editable. Default: "You don't have permission to use this application. Please contact your administrator."

Roles

Loading…

Effective Permissions Preview

Sanity-check what a user will actually see before flipping enforcement on.

Optional: Pull Roles from Target DB

Run a parameterised SQL against the target DB at request time to UNION extra role names with the Acufy-managed assignments above. The query must return one column named role_name; :user_email is the bound parameter.

Demo Users

Preview-customer accounts. Demo deployment posture is set by Acufy (this tenant is flagged demo). Default access duration: 14 days.

Loading…

Query Review Queue

Chat runs auto-flagged by the orchestrator when SQL couldn't answer the question (fallback + zero-row results + repeated errors). Triage and resolve them here.

Loading…

Provider Configuration

Per-target-DB LLM + embedding provider overrides. Leave a slot blank to use the server-wide defaults from .env. API keys are Fernet-encrypted before storage and never echoed back — they'll read saved after you save. Hit Revert to System Defaults to clear everything for this DB.

Loading…

Retrain

Ask the reasoning LLM to re-analyze the current schema snapshot and emit fresh generated SQL hints. Manually-added hints (source = manual) are never touched. Pull Schema first if the target DB has changed — retrain uses the latest client_schemas snapshot.

Large schemas take tens of seconds (one reasoning-LLM call per chunk). The request stays open until generation completes.

Onboarding Agent (beta)

One-shot agent-driven discovery for new tenants. Groups tables into business domains, generates hints, snapshot configs, entity-detection patterns, and sample prompts. Runs as a background job — leave the page and come back. Existing hand-tuned configs are not removed.

Pull Schema first. Best for tenants with no existing hints — runs ~30s to a few minutes depending on schema size and LLM provider.

Intelligence Prompts

Per-entity-type system prompts for the snapshot narrator. One active prompt per entity type per target DB. Inactive or missing → hardcoded defaults.

Loading…

Entity Detection Patterns

Regex patterns the orchestrator uses to classify user questions (e.g., "member 12345" → entity_type='member'). Multiple patterns per entity type allowed; higher priority active pattern wins. No active pattern for an entity_type → healthcare defaults.

Loading…

Single-Token Router

When a user types just a bare token ("1234", "FAM0001"), the deterministic pre-router probes this SQL view with the ordered rule chain below. First match wins and skips the LLM. Clearing the config disables single-token routing.

Each rule: {"column": "<col>", "match_mode": "exact"|"contains", "label": "<human label>"}. Server validates JSON + shape.

Schema Pruner Config

The pruner trims the schema sent to the SQL generator. Anchor tables always ship in the prompt. Forced companions = pairs that travel together (e.g., when claims is selected, always include claim_lines). Clearing reverts to default pruner behaviour.

Snapshot Configs

Per-entity-type SQL-as-context configs. One config per entity_type per target DB. Sections define SQL + template that render into the narrator's context block.

Loading…

Tenant Profile

Tenant-side branding (chat UI title, subtitle, accent color, sample prompts) and end-user sign-in configuration (open / shared password / Auth0). Stored only on this tenant's registry — never shared with Acufy. Changes take effect on the next chat request.

Branding

CSS hex (e.g. #1a6b7a). Leave blank for default.

Shown as quick-pick chips on the chat welcome screen.

Cache TTLs

How long answers stay cached. Lower = fresher data, more LLM cost. Higher = cheaper + faster, possibly stale. 0 = use process default (env CACHE_SHORT_TTL_SECONDS / CACHE_LONG_TTL_SECONDS). Per-tenant overrides take effect on the next chat write.

Time-relative questions ("today", "this week", "recent"). Default 300 (5 min).

Everything else. Default 900 (15 min).

Persistent cache (survives Redis restart). Default 7200 (2 h). 0 = never expires.

How long ConversationSession rows are kept before the daily cleanup deletes them. Default 30. 0 = use default. HIPAA tenants typically set 2190 (6 years).

Manual cache wipe

Clears every cached entry for this tenant database — Redis qcache, vector cache, Postgres warmed cache, and the in-process semantic template cache. Affects every active user. Next queries run cold (~5–10 s). Useful after a wrong cached result or a schema change.

HIPAA mode
OFF

When ON, every chat query is logged with full HIPAA-grade metadata (result counts, IP/UA, PHI-table tagging, hash-chained tamper evidence) and the audit log is locked under a 6-year retention floor (§164.530(j)(2)). The Audit tab requires a separate auditor account.

HIPAA enforcement is set by your Acufy license. Contact your account team to reissue.

End-user sign-in

FK Semantics

Per-foreign-key metadata: semantic role, cardinality (median/p95/max), disambig notes. Loaded conditionally per question (no global hint dilution). Generated by the fk_semantics training step; admin can override any field.

Loading…

Evaluation sets

Curated question batteries for human-in-the-loop training. Approved corrections feed the orchestrator's regression baseline.

Pick a target DB to load evaluation sets.