AI Automation
LLM-driven flows, agentic conversations, scheduled jobs. Bring your own DAG, plug in Quantum AI for reasoning + sibling services as tools.
Branded as Quantum AI. Internal model stack is not exposed via this docs surface.
What it does
| Capability | API |
|---|---|
| Flows (LLM DAGs) | Visual builder + REST API. Supports llm_step nodes alongside service_call. |
| Triggers | API call, public HMAC-signed webhook, or cron schedule. |
| Agents + conversations | Reusable system-prompt + tool sets; multi-turn chat with tool use. |
| Service connections | Same shape as Orchestration — register sibling products + custom HTTP. |
| Approval gates | LLM proposes action, human approves before execution. |
| Watchers + incidents | Conditional rules over events/checks; stateful, dedup'd incidents with ack/resolve/escalate. |
| Digests | Cron-scheduled, LLM-summarized reports to email · Slack · PDF. |
| Evals | Run a prompt against a labeled input set; pass/fail metrics for prompt CI. |
| Outbound webhooks | Subscribe to flow runs, conversations, incidents, digests, evals. |
| Audit + immutability | Postgres-trigger-enforced. |
When to use it
AI Automation is right when you want:
- Summarisation of a customer's history before an analyst makes a decision.
- Classification of a free-text complaint into a routing bucket.
- Structured extraction from a conversation (e.g. dispute claims).
- Agentic workflows — LLM iteratively uses tools until it reaches a goal.
- LLM-in-the-loop with human approval — model drafts, human signs off.
Use Orchestration instead when the flow is fully deterministic and you don't need an LLM step. Use both when you want a deterministic spine with LLM-augmented leaves.
Core concepts
| Concept | What it is |
|---|---|
| Flow | A versioned DAG. Like Orchestration's workflow, with extra node types: llm_step, http_request, http_sink, webhook_emit. |
| Run | One execution of a flow. Has trigger source (API/webhook/cron), inputs, steps[], status. |
| Agent | Reusable LLM character: system prompt + tool set + model choice. |
| Conversation | Multi-turn chat session with an agent. Supports streaming. |
| Tool | A callable function exposed to an agent: a sibling endpoint, your HTTP service, or built-in. |
| Trigger | How a run starts: API call, public webhook (HMAC-verified), or cron schedule. |
Node types
In addition to all of Orchestration's node types (service_call, decision, transform, wait, webhook_emit, human_approval), AI Automation adds:
| Type | What it does |
|---|---|
llm_step | LLM completion. Templated prompt, structured output via JSON schema, optional tool use. |
http_request | Outbound HTTP to any URL (not just registered services). For ad-hoc integrations. |
http_sink | Posts the step's input to a configured URL. Convenience wrapper for "send to my service". |
Triggers
| Trigger | Use for |
|---|---|
api | Your service explicitly calls POST /api/flows/{id}/execute. |
webhook | A public URL (/api/triggers/wh/<token>) accepts HMAC-signed POSTs. Use for partner-triggered flows. |
cron | Standard 5-field cron expression. Runs on schedule with 60-second tick resolution. |
Common integration shape
Customer complaint triage (cron-triggered every 15 min)
- 1TriggerCron tick.Every 15 minutes.
- 2`service_call` (your CRM).GET `/api/tickets?status=new&since=last_seen`.
- 3`llm_step` (Quantum AI) — classify the ticket.Output schema: `{ category: enum, urgency: 1–5, summary: string }`.
- 4`decision` — branch on urgency.If `urgency >= 4` → page on-call. Else → tag ticket and continue.
- 5`service_call` (your CRM).PATCH `/api/tickets/{id}` with classification fields.
Scope naming
AI Automation scopes use a colon separator (flows:write, incidents:read) — different from AML / Identity / Anti-Fraud, which use a dot (sar.write). Both formats are accepted suite-wide for backwards compatibility, but new keys should use the form documented per-product. Mixed-format keys are fine; the gateway normalizes on parse.
Endpoints at a glance
| Group | Endpoints |
|---|---|
| Flows | GET/POST /api/flows · GET/PATCH/DELETE /api/flows/{id} · POST /api/flows/{id}/execute · POST /api/flows/{id}/rotate-webhook-secret · GET /api/flows/{id}/runs |
| Triggers | POST /api/triggers/wh/{token} (public, HMAC-signed) |
| Runs | GET /api/runs/{id} · POST /api/runs/{id}/approve · POST /api/runs/{id}/reject |
| Agents | GET/POST /api/agents |
| Conversations | GET/POST /api/conversations · GET /api/conversations/{id} · POST /api/conversations/{id}/messages |
| Watchers | GET/POST /api/watchers · GET/PATCH/DELETE /api/watchers/{id} · POST /api/watchers/{id}/test |
| Incidents | GET /api/incidents · GET /api/incidents/{id} · POST /api/incidents/{id}/ack · /resolve · /escalate · /comments |
| Digests | GET/POST /api/digests · GET/PATCH/DELETE /api/digests/{id} · POST /api/digests/{id}/run-now |
| Evals | GET/POST /api/evals · GET /api/evals/{id} |
| Service connections | GET/POST /api/service-connections |
| Cron preview | GET /api/cron-preview?expression=... |
| Webhooks | GET/POST /api/webhooks |
| API keys | GET/POST /api/api-keys |
Production considerations
A short list of things every regulated-finance client asks before going live.
| Concern | Answer |
|---|---|
| Data residency for LLM | All inference runs inside our Indonesia VPC (id-jkt-1). Customer payloads sent to the LLM never leave the region and are never used to train models. Full posture: Data residency →. |
| Model tier | One tier today: quantum-ai:default. ~8K-token context, schema-constrained JSON output, p95 inference ~2s. A :fast (cheaper, smaller) and :large (longer context) tier are on the 2026 Q4 roadmap. |
| Prompt + body limits | Request body capped at 1 MB. Per-llm_step prompt + completion cannot exceed the model's context window — outputSchema enforcement may retry up to 3× on parse failure. |
| Rate limits | Per-org default: 1,000 flow executions/min, 200 LLM inferences/min, 50 webhook trigger requests/sec. Inference quota is also enforced daily by tier — see Rate limits →. |
| Idempotency | POST /api/flows/{id}/execute accepts an idempotencyKey (any string, ≤ 256 chars). Repeated calls within 24h return the original runId instead of starting a new run. |
| Audit | Every flow execute, run approve/reject, watcher fire, digest send, eval start, conversation message is audit-logged with actor + timestamp + before/after. Retention 7 years. |
| Webhook signatures | Incoming trigger webhooks AND outgoing event webhooks both use X-Quantum-Signature: sha256=.... They use different secrets: the trigger's webhookSecret (per-flow) for inbound, the subscription's bearer secret (qe_whsec_...) for outbound. Don't reuse secret material between them. |