Review the exact payload
Show old and new values, recipients, artifacts, affected records, risk, and policy reason—not just a tool name.
Onterix Actions
Reads create confidentiality risk. Writes add integrity, financial, operational, and reputational risk. Onterix is designed to make every mutation explicit before it becomes real.
“Prepare the Acme renewal brief, update the forecast, and send the customer follow-up.”
Maya asks Codex to prepare a renewal brief and update Salesforce. Onterix binds her identity, tenant, client, and exact capability versions before any source is touched.
Source labels and configured protection providers classify the assembled context. Customer PII is tokenized and restricted pricing is kept on the approved model route.
The proposed CRM change and customer email are separate transactions. Policy allows the forecast update and requires a revenue-owner approval for the external message.
Immediately before execution, Onterix rechecks policy, permissions, source revisions, and the approved payload. The result is idempotent and the full decision chain becomes evidence.
Exact-action governance
An approval is bound to the exact capability, payload, destination, source revisions, policy, and protection versions. Material change supersedes the approval.
Transaction semantics
A confirmation dialog is not an approval system. Enterprise actions need durable state, separation of duties, revision safety, and proof of what actually happened.
Show old and new values, recipients, artifacts, affected records, risk, and policy reason—not just a tool name.
Eligible reviewers are resolved through tenant roles and policy. Approval never expands what the actor could otherwise do.
Changed payload, destination, source revision, policy, ruleset, or transformation invalidates the prior decision.
Execution keys and durable state distinguish a safe retry from a second mutation, message, task, or charge.
One request, multiple transactions
“Update the opportunity and email the customer” is not one action. Onterix separates the CRM mutation from external delivery so policy can allow one, transform another, and require approval for the highest-risk consequence.
Permitted fields, current record revision, old/new values, owner authority, and idempotent mutation.
Recipients, body, attachments, inherited classification, protection decision, and separate reviewer.
One parent intent with two distinct decisions, approvals, execution states, and outcomes.
Design partner workflow
The strongest private-preview pilots begin with a concrete mutation that is valuable enough to automate and sensitive enough to require real controls.