Platform Architecture

This page provides a high-level, topic-focused overview of how the Opensure platform is designed. It intentionally avoids internal implementation details so it can be safely shared and understood as a conceptual guide.

System Overview

Opensure is a multi-tenant insurance operations platform that combines:

• A web application used by brokers and operations teams.
• A secure API layer for programmatic access.
• A data layer designed for tenant isolation and auditability.
• An AI-native integration layer built around the Model Context Protocol (MCP).

Together, these pieces form a cohesive platform for modelling, automating, and operating insurance workflows from lead to renewal.

Multi-Tenancy

Multi-tenancy is at the core of the platform design:

• Tenant separation – Every customer (tenant) is logically isolated so that their data cannot be accessed by other tenants.
• Scoped operations – All reads and writes are executed in the context of the current tenant, enforced across application logic and data access.
• Auditable behavior – Changes are tracked so tenant actions can be traced and verified for compliance.

As a developer or integrator, you can assume that any tool or feature exposed by Opensure operates within the tenant boundary by default.

Security Model

Security focuses on protecting both user identities and insurance data:

• Authentication – Users authenticate with secure, session-based flows that are designed for browser-based access and extension scenarios.
• Authorization – Role- and team-aware permissions control what actions users can perform and which records they can see within a tenant.
• Data protection – Sensitive data is handled according to best practices, including segregation of highly sensitive fields, encryption, and strict access controls.
• Compliance support – Audit trails and safety checks are built into the platform to support regulatory and internal compliance requirements.

The goal is to make secure behavior the default, so product teams can focus on workflows rather than security plumbing.

API and Integration Model

The platform exposes a structured API that:

• Provides endpoints for authentication, customer and policy management, workflows, and reporting.
• Treats tenant and user identity as first-class concerns, requiring proper authentication for all operations.
• Uses consistent response and error patterns so client applications can handle success and failure uniformly.

On top of the API, Opensure provides:

• A Rule Studio for defining automation and workflow rules.
• A connectors layer that integrates with services like email and payments.
• Support for external databases so customers can keep operational data in their own infrastructure while still benefiting from Opensure’s control plane and tools.

MCP Integration

Opensure offers an MCP-compatible server that lets AI assistants interact with tenant data in a controlled way:

• Tool-centric design – Exposes core operations such as creating and updating clients and policies, listing records, and running workflows as MCP tools.
• Tenant-aware execution – Each tool call is associated with a tenant, and all data access is restricted to that tenant’s scope.
• Local-data model – The data itself lives in a database controlled by the tenant, while Opensure provides the logic and conventions that govern how tools behave.

This makes it possible for AI assistants to operate as “co-pilots” for brokers and operations teams, without centralizing all data in a single vendor-controlled database.

Performance and Reliability

The platform is designed to stay responsive and reliable under real-world workloads:

• Client-side optimizations – The web application uses techniques like code splitting and efficient state management to keep the UI fast.
• API efficiency – Endpoints are structured around pagination, indexing strategies, and clear limits to prevent misuse and manage load.
• Observability – Metrics, logging, and tracing are used to monitor system health and diagnose issues quickly.

From a developer’s perspective, this means the public APIs and interfaces are designed to remain stable and performant even as usage scales.

How to Think About the Architecture

When you’re integrating with or building on top of Opensure, it helps to think in terms of capabilities, not underlying folders or infrastructure:

• Tenant isolation – Everything you do is scoped to a tenant.
• Operations and workflows – The platform is optimized for end-to-end insurance workflows, not just CRUD over policies.
• Extensibility – Rules, connectors, and MCP tools are all extension points for automation and AI.
• Safety and governance – Security, compliance, and auditability are built into the platform and reinforced by internal processes.

If you align with these concepts, you can safely extend and integrate with Opensure without needing to know the internal implementation details or file structure.

• Vercel Analytics (frontend)
• Django logging (API)
• PostgreSQL slow query log
• Error tracking via console

Scalability

Horizontal Scaling

• Frontend: Vercel auto-scales globally
• API: Vercel serverless functions auto-scale
• Database: AWS RDS with read replicas

Vertical Scaling

• Database can scale to larger instance types
• No code changes required

Related Documentation

• Developer Setup
• Database Schema
• MCP Tools

---

Last Updated: 2025-11-08