Reference architecture for engineering-led IT teams.
Architect-peer detail. Named stack, not abstractions. The architecture your engineering lead needs to evaluate before procurement gets involved.
Built for 40-year engineering CIOs who DIY'd the first 80% with Power Automate, n8n, Python + Claude API. The detail below is what you'd expect from a peer review, not a marketing deck.
§1 — Component decomposition
Seven components. Each separately deployable. Each with named failure mode.
Maps onto the abstraction most operators describe: pattern to mine → handler → output destination → governance.
| Customer framing | Component | Purpose | Implementation | Failure mode |
|---|---|---|---|---|
| Pattern to mine | Intake | Subscribes to data sources (email, API, queue); identifies relevant events; deduplicates by Message-ID + content hash | Microsoft Graph subscription with delta query; fallback to scheduled poll; webhook listeners | Source unreachable → exponential backoff with operator alert at configurable threshold |
| Type of handler (parse) | Extraction | Parses content; produces per-field values with confidence scores; routes hard cases through alternate paths | Anthropic Claude Sonnet 4.6 primary (extraction + vision for hard scans); OpenAI/Gemini failover via circuit breaker | Low-confidence field flagged for review; whole-record failure routes to exception queue |
| Type of handler (enrich) | Metadata | Resolves lookup fields against authoritative sources (reference tables, ERPs) | Deterministic fuzzy-match against reference data; NOT LLM-based (ID resolution requires determinism) | No-match flags for human review (never silently autoresolved); stale reference data triggers operator alert |
| Output format | Structuring | Renders enriched record in target schema (XML / EDI / JSON) | Schema-driven template engine; schema version-pinned; validates output before emitting | Schema validation failure → exception queue; never emits invalid output downstream |
| Output destination | Handoff | Delivers structured output to your existing middleware | Adapter pattern: file drop (directory ACL), REST API (mTLS), queue (SAS token / managed identity) — your choice | Delivery failure → retry policy + DLQ + Review Surface alert; idempotency key prevents duplicate processing |
| Governance layer | Observability + Audit | Captures every system + operator action with full provenance | Structured JSON logging; append-only audit table; optional hash-chain integrity; export to SIEM (Splunk / Sentinel / syslog) | Logging backpressure → upstream services degrade gracefully; audit-table write failure halts pipeline (never process without audit) |
| Human oversight | Review Surface | Web UI for operators to review, approve, edit, reject AI-drafted outputs before they reach customers or modify systems | SvelteKit; SSO via OIDC (Entra / Okta / Google Workspace); RBAC (Operator / Reviewer / Admin / Auditor) | Review Surface down → outputs queue at Structuring; no auto-handoff without operator approval |
§2 — Trust boundaries + data classification
Three trust boundaries. Two of them you control.
| Crossing | Data | Classification | Encryption | Retention |
|---|---|---|---|---|
| Source → JieGou (intake) | Raw event content + attachments | Confidential (PII; financial data; customer-specific) | TLS 1.2+ in transit; AES-256-GCM at rest | 7 days default in processing storage; configurable to 0 beyond audit-record hash |
| Internal component → component (within JieGou perimeter) | Extraction records, enriched records, structured payloads | Confidential | TLS 1.2+ between services; AES-256-GCM at rest | Same as intake |
| Structuring → Handoff → customer middleware | Structured output payload | Confidential | Per chosen handoff (TLS for API; ACL + at-rest encryption for file drop; broker-managed for queue) | Customer-controlled post-handoff |
| Audit → customer SIEM (optional) | Audit records | Confidential | TLS in transit | Customer-controlled in SIEM |
| Operator → Review Surface | Operator approvals + edits | Confidential | TLS 1.2+; session via OIDC | Logged to audit per audit retention |
§3 — Failure modes + resilience
Ten named failure modes. Each with detection + defined behavior.
Not exhaustive. The runbook expands during early operations. These ten are what every customer asks about.
§4 — Deployment topology
Three deployment options. Same containers. Packaging change, not re-architecture.
The platform is decomposed into containerized services with no managed-cloud-specific glue. A → B or C transition is a Helm values override, not a rebuild.
§5 — What this architecture does NOT do
Explicit boundaries. The things you should not have to ask about.
- ✕ Does NOT touch your production systems (ERP, CRM, custom databases); JieGou hands off structured output to your middleware; your existing injection path takes over
- ✕ Does NOT read data sources beyond what you explicitly scope (e.g., one dedicated mailbox, one specific Slack channel) — enforced by Application Access Policy or equivalent
- ✕ Does NOT train or fine-tune ML models on your data — Anthropic, OpenAI, and Google all contractually commit (commercial API tier) to not training on customer data
- ✕ Does NOT store source content beyond the configurable processing horizon (default 7 days; configurable to 0 beyond audit record hash)
- ✕ Does NOT call LLM providers from inside your network during managed-cloud phase (Option B / C deployment changes this; calls would route from your network with your egress policy applied)
- ✕ Does NOT modify your Active Directory or Entra tenant beyond the single app registration with restricted scope (or shared-mailbox delegation if you prefer)
- ✕ Does NOT require you to provision LLM API keys, model access, or any AI-infrastructure of your own (BYOK supported optionally)
§6 — LLM architecture
Multi-provider for reliability. Not for marketing.
Anthropic Claude Sonnet 4.6 is primary for both extraction and hard-case vision tasks. Selected for: invoice/document extraction accuracy on hard-scan paths; reliable structured-output mode; strong instruction-following.
OpenAI GPT-4 (vision-capable) is fail-over for vision tasks. Google Gemini is secondary fail-over. Circuit breaker triggers on provider error rate, timeout, or latency SLO miss; routes to next provider automatically; operator alert on sustained primary-down.
What is NOT LLM-based: metadata lookup (customer ID / account ID / similar deterministic fields). These use deterministic ref-table match with fuzzy-match fallback. LLMs are non-deterministic; ID resolution requires determinism. Fuzzy threshold configurable; explicit no-match flags route to operator review.
JieGou does NOT train or fine-tune models on your data. Anthropic, OpenAI, and Google all contractually commit (commercial API tier) to not training on customer data. DPAs from all three providers available on request.
§7 — What this means in practice
This is the architecture your engineering lead can evaluate without a sales rep present.
We don't ask for trust. We ask for review. If your engineering lead reads the architecture above and identifies a specific gap, that's the discovery call conversation we want — not whether we have the right marketing slide deck.
Components are deployable to your AWS or Azure account via Helm chart or Terraform module. SOC 2 Type II is in flight; Type I attestation available under NDA. DPAs available from all three LLM providers on request. Pilot is free for 30 days, no commitment — Phase 1 ends with a measurable success-metric review and a join/walk decision on production engagement.
For engineering-led mid-market IT teams who have built the first 80% themselves and recognize what production-grade operations actually requires.
Architecture FAQ
Questions engineering leads ask before procurement.
Book a 30-min architecture review with the founder.
No deck. No demo. Your engineering lead and ours work through the architecture above with your specific stack on the screen. If we are not a fit, we will tell you who is.