Documentation Index
Fetch the complete documentation index at: https://docs.uselayerup.com/llms.txt
Use this file to discover all available pages before exploring further.
24 — Reference appendix.
Reference material for technical diligence: glossary, object index, tool-pattern index, action
registry, role × permission matrix, event taxonomy, and integration / rollout checklists.
All entries are generic platform contracts.
24.1 Glossary
For full definitions, see §4. Selected entries:
| Term | Definition |
|---|
| Substrate | The platform itself; the unified plane on which agents and humans operate. |
| Plane | One of the eight horizontal layers (Experience, Reasoning, Logic, Ontology, Data, Model Gateway, Action, External SoR). |
| System of record | An external authoritative system Layerup integrates with. |
| Object | A typed business entity in the Ontology. |
| Marking | A non-bypassable label attached to data; gates access. |
| Purpose | A declared reason for accessing data; required for tool calls and human reads. |
| Decision | A typed verdict produced by an agent or human reviewer; first-class object. |
| Action | A typed intent to mutate a system of record; lives on the Action Plane. |
| AgentRun | One bounded execution of an agent against an input object. |
| EvidenceSpan | A typed citation linking a derived property or Decision back to source bytes. |
| Capability lane | A typed slot in the Model Gateway routing table. |
| PDP | Policy Decision Point; evaluates every tool call. |
| Idempotency key | Deterministic key over the action’s intent; commit at most once. |
| Drift sigma | Standard-deviation distance of current eval window from trailing baseline. |
| Replay | Reconstruction of a run given runId and ontology version. |
| Break-glass | Purpose-tagged, MFA-stepped, time-limited grant for incident response. |
24.2 Object schema index
All 28 objects of the Insurance Ontology (§5):
| # | Group | Object | Anchor |
|---|
| 1 | Parties | Insured | o-insured |
| 2 | Parties | Broker | o-broker |
| 3 | Parties | Claimant | o-claimant |
| 4 | Parties | Underwriter | o-underwriter |
| 5 | Parties | Adjuster | o-adjuster |
| 6 | Master data | Policy | o-policy |
| 7 | Master data | Coverage | o-coverage |
| 8 | Master data | Endorsement | o-endorsement |
| 9 | Underwriting | Submission | o-submission |
| 10 | Underwriting | Quote | o-quote |
| 11 | Underwriting | RiskAssessment | o-risk |
| 12 | Underwriting | Pricing | o-pricing |
| 13 | Underwriting | BindingAuthority | o-binding |
| 14 | Claims | Claim | o-claim |
| 15 | Claims | LossEvent | o-loss |
| 16 | Claims | Exposure | o-exposure |
| 17 | Claims | Reserve | o-reserve |
| 18 | Claims | Payment | o-payment |
| 19 | Workflow | Task | o-task |
| 20 | Workflow | Exception | o-exception |
| 21 | Evidence | Document | o-document |
| 22 | Evidence | EmailThread | o-email |
| 23 | Evidence | Attachment | o-attachment |
| 24 | Evidence | EvidenceSpan | o-evspan |
| 25 | Governance | Decision | o-decision |
| 26 | Governance | Action | o-action |
| 27 | Governance | AgentRun | o-agentrun |
| 28 | Governance | AuditEvent | o-audit |
| # | Pattern | Effect class | Anchor |
|---|
| 1 | Extraction | pure | tp-extraction |
| 2 | Lookup | read-external | tp-lookup |
| 3 | Validation | pure | tp-validation |
| 4 | Classification | pure | tp-classification |
| 5 | Composition | pure | tp-composition |
| 6 | Action-staging | stage | tp-action-staging |
| 7 | Approval-request | commit-low | tp-approval-request |
| 8 | Aggregation | read-internal | tp-aggregation |
| 9 | Conversion / Arithmetic | pure | tp-conversion |
| 10 | Search / Retrieval | read-internal | tp-search |
24.4 Action registry (kinds)
Tenant-specific actions inherit one of these kind families. The platform does not reserve names; tenants register kinds in the action registry.
| Family | Examples (illustrative) | Default approval mode |
|---|
| create.<object> | create.submission · create.claim · create.endorsement | scope + policy |
| update.<object>.<property> | update.policy.coverage · update.claim.status · update.exposure.reserve | scope + policy + (human gate above threshold) |
| commit.financial.<kind> | commit.financial.payment · commit.financial.refund · commit.financial.reserve | quorum (typical) |
| state.transition | state.claim.close · state.quote.bind · state.task.complete | scope + policy |
| communication.<direction> | communication.outbound.email · communication.outbound.letter | scope + content review |
| govern.<kind> | govern.exception.resolve · govern.audit.legal_hold | chain |
24.5 Role × permission matrix
Default role grants. Tenants override per their authority model.
| Role | policy.read | policy.write | uw.review | claim.read | claim.write | payment.commit | action.approve | audit.read |
|---|
| Underwriter | ✓ | (within authority) | ✓ | ✓ | — | — | (within authority) | — |
| UW Manager | ✓ | ✓ | ✓ | ✓ | — | — | ✓ | — |
| Adjuster | ✓ | — | — | ✓ | ✓ | (within authority) | (within authority) | — |
| Claims Manager | ✓ | — | — | ✓ | ✓ | ✓ | ✓ | — |
| Reviewer | ✓ | — | (read) | ✓ | — | — | (scoped) | — |
| Auditor | ✓ | — | (read) | ✓ | — | — | — | ✓ |
| Security primary | ✓ | — | — | — | — | — | — | ✓ |
| Operator (tenant) | (scoped) | — | — | (scoped) | — | — | — | — |
| Agent (intake class) | (scoped) | — | (propose only) | (scoped) | (propose only) | — | — | — |
24.6 Event taxonomy index
See §17.3 for the full taxonomy. Top-level families:
identity.* · policy.* · data.* · ontology.*tool.* · model.* · decision.* · action.*config.* · incident.* · audit.*
24.7 Integration checklist
- Identity — SSO (SAML/OIDC) bound · SCIM provisioning · MFA required · break-glass policy signed off.
- Tenancy — Region pin set · BYOK keys provisioned · DR class chosen · audit anchoring chosen.
- Ingest — Channels enabled · per-channel auth configured · dedupe keys reviewed · rate budgets set.
- Mappings — Per-source mappings authored · ontology pin set · provenance shape verified · replay sample passes.
- Tools — Tool registry populated · scopes / markings / purposes declared · contract tests in pack.
- Agents — Agent definitions reviewed · scopes minimised · budgets set · handoff queues provisioned.
- Models — Approved registry populated · region pinning enforced · no-train signal verified · evals passing.
- Action plane — SoR adapters configured · idempotency proven on contract tests · approval policies signed off · compensation paths covered.
- Security — Markings defined · RBAC + ABAC seeded · purpose taxonomy seeded · PDP latency within SLO.
- Observability — OTel collector configured · dashboards installed · alert routing set · cost attribution rolled up.
- DR — RPO/RTO class verified · DR drill scheduled · backup integrity checks run.
24.8 Production rollout checklist
- Architecture readiness — All planes deployed; contracts verified; per-plane SLOs in green for 30 days.
- Security readiness — Penetration test cleared; SOC2 / ISO controls mapped; tenant security primary signed off.
- Model readiness — All approved models passing eval gates; drift baselines stable; calibration up to date.
- Integration readiness — All adapters in green; idempotency drills passed; reversal drills passed.
- Governance readiness — Audit chain anchored; legal-hold tested; retention policy enforced.
- Production readiness — Capacity plan signed off; on-call rotations live; runbooks current; freeze windows declared.
- Rollout readiness — Canary plan approved; rollback rehearsed; tenant comms plan signed off.
This documentation specifies the platform contract. Concrete tenant configurations — specific models in each lane, specific tools, specific mappings, specific authority limits, specific retention durations — are tenant artefacts and live alongside this documentation under the tenant’s release governance.
