User Lifecycle — Feedback Evaluation
Every internal route, protocol, and service boundary for this use case. Phases 1–3 and 7 are shared platform infrastructure; the middle phases are specific to this use case.
Discovery & Frontend Delivery
Domain resolves via Cloudflare DNS with DDoS protection and geo-routing to the nearest edge PoP
Static Next.js/React frontend served from Cloudflare Pages at the edge — zero origin round-trip for assets
Compressed SPA bundle delivered to browser with service worker caching for offline resilience
Authentication & SSO
Frontend initiates auth flow → Cloudflare LB routes to Runtime API Server on Operator-managed VM
Runtime redirects to configured IdP (Auth0, Azure AD, Okta) for SSO authentication
IdP returns authorization code → Runtime exchanges it for tokens, creates a session, and assigns RBAC roles via OPA/Rego
Session token and user profile persisted to main PostgreSQL database on Azure Flexible Server
Workspace & Agent Provisioning
User creates or joins a workspace → API Server validates RBAC permissions and initiates provisioning
API starts a Temporal workflow in the org-specific namespace for durable execution with per-org isolation
Temporal schedules activities on available workers — agent environment provisioned with SSH, process management, health checks
Worker sends heartbeat signals to Temporal. On failure, Temporal retries on next available worker — zero data loss
Feedback Session Recording
Evaluator initiates a feedback session. WebRTC room created for recording the live evaluator-participant interaction
Live captions and transcription captured during the feedback session. Evaluator provides verbal feedback to participant
Complete transcript exported with speaker attribution, timestamps, and session metadata. No STT→LLM→TTS agent pipeline — this is human-to-human
Async Transcript Analysis
Evaluator uploads the transcript from the feedback session. System validates minimum content length for meaningful analysis
Dual parallel analysis: (1) Participant performance scored using the chosen grading template with configurable competencies, (2) Evaluator feedback quality assessed for clarity, specificity, and actionability
Analysis results mapped to evaluation form fields with confidence scores and direct evidence quotes from transcript
Form Auto-Fill & Report Generation · WIP
Evaluator uploads PDF/DOCX evaluation form template. Document Intelligence extracts form structure, fields, and rating scales
LLM maps competency scores and evidence to extracted form fields — generating appropriate values for each field with citations
System fills the original PDF form with mapped values (text fields, radio buttons, checkboxes). Evaluator downloads the completed evaluation form
Data Persistence & Audit
User data, workspace state, agent config, AI budgets, and RBAC roles stored in the main database
Workflow execution history, activity state, and timer schedules persisted for durable replay
Search indices for workflow discovery — enables querying by status, type, org, and custom attributes
Every user action is logged to an immutable cryptographic audit chain that is tamper-evident, with full retention
Prometheus scrapes metrics from all Runtime instances. OpenTelemetry traces span across API, Temporal, and worker boundaries
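The page does not say how its audit chain is constructed. As an added example (not the platform's own code), the sketch below uses a SHA-256 hash chain whose latest hash is anchored outside the log, which is what makes edits, rewrites, and truncation detectable. All function names, record fields, and sample entries are assumptions constructed for illustration.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # assumed fixed value used as prev_hash of the first entry


def entry_hash(prev_hash, record):
    """SHA-256 over the previous link plus a canonical JSON encoding of the record."""
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(prev_hash.encode() + b"\n" + body).hexdigest()


def append(chain, record):
    """Append a record, linking it to the hash of the entry before it."""
    prev = chain[-1]["hash"] if chain else GENESIS
    chain.append({"record": record, "prev_hash": prev, "hash": entry_hash(prev, record)})
    return chain[-1]["hash"]


def verify(chain, anchored_head=None):
    """Return -1 if intact, else the index of the first entry that fails.

    anchored_head is the latest hash as stored outside the log (assumption:
    for example write-once storage). Without it, a rewrite of every later
    entry, or a truncation, still yields a self-consistent chain.
    A head mismatch is reported as len(chain).
    """
    prev = GENESIS
    for i, e in enumerate(chain):
        recomputed = entry_hash(prev, e["record"])
        if e["prev_hash"] != prev or not hmac.compare_digest(e["hash"], recomputed):
            return i
        prev = e["hash"]
    if anchored_head is not None and not hmac.compare_digest(prev, anchored_head):
        return len(chain)
    return -1


def build_sample():
    """Constructed audit records; field names are illustrative only."""
    chain = []
    for actor, action in [("evaluator-1", "session.create"),
                          ("evaluator-1", "transcript.upload"),
                          ("evaluator-1", "form.download")]:
        append(chain, {"actor": actor, "action": action})
    return chain
```

Verification without an anchored head only proves internal consistency; the head hash has to live somewhere the log writer cannot modify for the chain to be tamper-evident.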