{
  "schema_version": "2026-05-14.leafenterprise.domo-integration.v1",
  "source_of_truth": true,
  "purpose": "Machine-readable Domo integration model for PDP, client groups, App Studio delivery, and LeafEnterprise backend enforcement.",
  "security_boundary_rule": "Client dropdown filters are UX only. Security must be enforced by Domo PDP, LeafEnterprise backend authorization, or both.",
  "domo_native_pattern": [
    "customer user receives Domo identity, SSO login, or private embed access",
    "user is assigned to a Domo group for customer/account/contract scope",
    "App Studio app, page, dashboard, or card is shared with that group",
    "underlying datasets use PDP row policies and optional column masking",
    "cards render only rows and columns the group is entitled to see"
  ],
  "dual_enforcement": {
    "domo": "PDP protects Domo-native cards and datasets.",
    "leafenterprise": "Backend authorization protects APIs, workers, generated artifacts, AI summaries, savings/audit packets, and presentation outputs."
  },
  "recovered_estate_evidence": [
    {
      "dataset": "Client Data for Reporting - Production",
      "rows": 15536561,
      "columns": 137,
      "pdp_enabled": true,
      "cards": 89,
      "source": "C:\\Users\\LoganKronforst\\Dev\\leaf-iq\\docs\\catalog\\client-dashboard-takeover-map.md"
    },
    {
      "dataset": "Client Data for Reporting",
      "rows": 15512453,
      "columns": 138,
      "pdp_enabled": true,
      "cards": 162,
      "source": "C:\\Users\\LoganKronforst\\Dev\\leaf-iq\\docs\\catalog\\client-dashboard-takeover-map.md"
    }
  ],
  "forbidden_patterns": [
    "treating a dashboard dropdown as security",
    "calling LeafEnterprise APIs from Domo without backend scope resolution",
    "publishing raw Graph URLs, Salesforce body URLs, SQL credentials, or ADLS paths",
    "letting Domo Beast Modes remain final savings math after backend takeover"
  ]
}