Data Plane And Evidence Lineage¶
LeafEnterprise uses multiple source systems, but each source has a narrow authority role. The backend joins them through governed scope, packetization, and calculation contracts.
Source Roles¶
| Source | Runtime role | Authoritative for | Not authoritative for |
|---|---|---|---|
| AWS SQL Server | Current live claims/reporting source for hosted and local backend paths. | Scoped claims/audit report rows when filtered by governed run scope. | Contract guarantees, rebate claims, or unsupported cross-scope comparisons. |
| Azure SQL bronze/silver/curated | Targeted Domo takeover and curated evidence layers. | Complete promoted migration/reconciliation datasets with valid manifests and load ids. | Runtime savings math unless explicitly promoted into governed backend contracts. |
| ADLS Gen2 | Immutable storage for bronze/silver evidence, materialized files, and artifacts. | Evidence retention, replay, and packet lineage. | Direct browser access or unsanitized raw-source exposure. |
| Microsoft Graph / OneDrive | Governed contract-packet discovery and retrieval. | Exact packet candidates after deterministic promotion. | Raw download links, local paths, or final claims without resolver validation. |
| Salesforce ITR | Request intake, operator work queue, field history, files, notes, feed comments. | Request lineage and evidence-bundle context. | Final calculation truth by itself. |
| Azure AI Search / Foundry IQ | Retrieval index over governed chunks and packets. | Search and agent context over approved evidence. | Authorization to bypass source-system guardrails. |
| Domo | Legacy process evidence and reconciliation source. | Golden comparisons, edge-case fixtures, Beast Mode discovery. | Runtime savings/audit authority. |
Backend-To-Presentation Split¶
LeafEnterprise should publish minimum-necessary, scoped, dashboard-ready outputs to presentation layers. Domo can remain a live account and business-deliverable presentation layer when vendor agreements, BAA/security review, and client permissions support that use.
| Layer | Owns | Must not own |
|---|---|---|
| LeafEnterprise backend | deterministic calculations, evidence gates, source lineage, queues, artifacts, API payloads | broad unmanaged presentation access |
| Domo presentation | dashboards, account views, executive delivery, historical comparison | hidden formulas, runtime savings truth, contract/rebate authority |
Layering Contract¶
flowchart TB
Raw[Raw source systems] --> Bronze[Bronze: immutable captured evidence]
Bronze --> Silver[Silver: normalized and validated records]
Silver --> Curated[Curated: governed contracts, packets, report tables]
Curated --> API[LeafEnterprise API payloads]
API --> Dashboard[Scoped client dashboard]
API --> Workbook[Workbook/PDF deliverables]
API --> Agents[MCP and agent tools]Bronze and silver layers preserve evidence. Curated layers decide what the backend may use for report payloads, recommendations, and deliverables.
Evidence Promotion¶
Evidence can support client-facing outputs only after it passes the appropriate promotion rule:
| Evidence class | Promotion rule |
|---|---|
| Claims rows | Must match the selected run id and exact group/date/PBM/TPA scope. |
| Contract packet | Must resolve to one exact governed contract/pricing/rebate packet for the active scope. |
| Salesforce file or note | Must be mirrored, materialized, extracted, and linked into an evidence bundle. |
| Domo dataset | Must have complete source manifest, stable load id, flaw-gate status, and golden comparison purpose. |
| Search chunk | Must preserve source id, source version, content hash, sensitivity boundary, and sync run id. |
Dashboard Boundary¶
The scoped client dashboard is a consumer of LeafEnterprise-owned API payloads. It can display dashboard-ready data, but it must not recalculate savings, merge cross-client scope, or silently substitute Domo/card logic for backend calculations.