aiXplain AgenticOS
Platform for building, deploying, and governing mission-critical AI agents at enterprise scale — entirely within your own infrastructure.
What is aiXplain AgenticOS?
aiXplain AgenticOS is an enterprise-grade platform for building, deploying, and operating autonomous AI agents at scale. Autonomous agents reason over data, call tools, delegate to subagents, and complete multi-step tasks without manual intervention at each step. The platform is built around three principles:
Speed — go from agent design to production without infrastructure overhead. Both technical and non-technical teams can build, iterate, and deploy agents through a unified platform.
Trust — governance is enforced at runtime on every agent execution, not as a configuration layer. Agents are model-agnostic by design — swap models in minutes, with automatic prompt optimization and no disruption to tools, memory, or governance. Set up fallback models for continuity.
Sovereignty — your data, models, and agent execution stay under your control. aiXplain AgenticOS supports SaaS, Edge, and on-prem (fully private) deployments, with no dependency on any external model, tool, or infrastructure provider.
Private deployment: aiXplain AgenticOS supports on-prem and air-gapped deployments with zero outbound connectivity. See the Private deployment guide.
Architecture
Core components
| Component | Description |
|---|---|
| AgentEngine | Core orchestration layer: agent lifecycle management, planning, memory, observability, and step execution. |
| AssetServing | Registers, routes, and governs all platform assets (agents, models, tools, data) at runtime. |
| AIServices | AssetOnboarding, RetrievalEngine, Benchmark, and FineTune. |
Interfaces
| Interface | Description |
|---|---|
| aiXplain Studio | No-code visual agent designer for business users. |
| aiXplain SDK | Python SDK and REST API for programmatic agent development and integration. |
| aiXplain Marketplace | Curated catalog of 900+ AI models, tools, and integrations across vendors, accessible from Studio. |
| Bel Esprit | Conversational AI copilot built on AgenticOS. |
| aiXplain MCP | Exposes AgenticOS tools and agents to any MCP-compatible client. |
AgentEngine
The AgentEngine is the core orchestration and execution layer. It manages the full agent lifecycle from configuration through execution, coordinating planning, memory, and tool calls on every run.
Services included:
- Agent Management System (AMS) — manages agent lifecycle, configuration, and policy controls. Hosts the micro-agents (Inspector and Bodyguard) that enforce governance on every execution.
- Memory — maintains context and state across agent interactions. See Memory for full details.
- Observability — captures full execution traces and behavioral data per agent run, supporting operational monitoring and regulatory audit.
- Runtime — aiXplain's native agent execution framework. Handles reasoning, planning, tool calls, connector interactions, and model inference at each agent step.
How agent execution works:
- A request enters through aiXplain Studio, the SDK, or a REST API call.
- Authentication is verified at the platform boundary.
- The Agent Management System orchestrates execution by coordinating Memory, Runtime, and Observability as the agent plans and runs each step.
- At each step, the Runtime calls AssetServing, which routes requests to the appropriate registered assets — models, tools, databases, RetrievalEngines, or other agents.
- Inspector and Bodyguard run governance checks on every input and output.
- Every interaction is traced and logged. Outputs are returned to the calling application or client.
Memory
Memory maintains context and state across agent interactions, enabling continuity and learning across sessions.
Short-term memory
Short-term memory is session-scoped and maintains context across the turns of a single agent conversation. It is active by default and enables coherent multi-turn interactions without external state management.
Long-term memory
Long-term memory persists across sessions, enabling agents to retain knowledge, preferences, and prior interactions over time. Coming soon.
Shared memory
Shared memory is a memory store that can be accessed selectively by multiple agents. Agents can opt in to reading from or writing to a shared memory store, enabling cross-agent knowledge sharing within defined boundaries. Shared memories are created automatically during agent execution and can also be explicitly requested for insertion by the developer or agent.
Privacy and cost controls
Both short-term and long-term memory can be toggled off per agent or per session, giving you full control over privacy exposure and storage costs.
Coming soon: Long-term memory can optionally be stored in an external database scoped by user ID, for organizations that need to manage memory persistence outside the platform. Both memory types will support user-initiated edit and clear operations.
AssetServing
AssetServing manages the registration, routing, governance, and telemetry of all platform assets at runtime.
Services included:
- Registry — asset registration and discovery across the platform.
- Router — directs execution requests to the correct registered asset endpoints, with support for fallback model assignment and agent optimization.
- Governance — enforces access policies and compliance controls at the asset level.
- Telemetry — collects application logs, distributed traces, metrics, and audit events. In air-gapped deployments, all telemetry is retained locally within your network boundary.
AssetServing routes requests to any registered asset regardless of whether it resides within the AgenticOS or in your wider enterprise environment. All interactions — including those with internal databases, GPU compute nodes, and MCP-compatible tools — remain within your infrastructure perimeter.
AssetOnboarding
AssetOnboarding is the service through which all assets are registered into the platform and made available for discovery and use across agent workflows.
Supported asset types:
- Structured and unstructured data sources
- Files and documents
- Code functions and scripts
- MCP-compatible connectors and tools
- External databases (via Text-to-SQL for complex multi-table schemas)
Once registered, assets are immediately discoverable and usable by any agent in the platform, subject to RBAC and model-scoped API key controls.
AIServices
AIServices is the collection of platform services that extend AgenticOS beyond agent execution. It includes:
- AssetOnboarding — registers models, data files, code, and MCP-compatible connectors into the platform and makes them available for discovery and use across agents.
- RetrievalEngine — ingests structured and unstructured data and makes it retrievable by agents through hybrid search and GraphRAG.
- Benchmark — evaluate and compare models against your own tasks and quality criteria before assigning them to agents.
- FineTune — build and deploy custom fine-tuned models through aiXplain, with full ownership of the resulting model.
Note: Not all AIServices are available in private (on-prem/Edge) deployments. See the Private deployment guide for details on service availability.
RetrievalEngine
The RetrievalEngine transforms structured and unstructured data into agent-ready retrieval formats for grounding.
Capabilities:
- Multi-format ingestion at scale, including text, image, and audio
- Flexible embedding models and configurable chunking
- Hybrid retrieval combining vector, graph, and SQL retrieval
- GraphRAG for retrieving relevant context across complex, interconnected data sources
All ingestion and retrieval operates entirely within your network boundary.
Authentication
All access to the platform — whether through Studio, the SDK, REST APIs, or external applications — is routed through a centralized authentication layer before reaching the AgentEngine.
Capabilities:
- Role-based access control (RBAC) with Owner, Admin, and Member roles
- API keys scoped to specific LLM models with least-privilege enforcement (agent-level scoping coming soon)
- Enterprise SSO integration available on demand
- Human approval checkpoints configurable before agents run sensitive tasks or access protected data
What can you build?
| Use case | Description |
|---|---|
| Internal business process automation | Deploy agents that reason over your enterprise data, run multi-step workflows, and integrate with existing systems — entirely inside your firewall. |
| Document intelligence | Build agents that ingest, retrieve, and synthesize information from large document collections, regulatory filings, or technical archives using GraphRAG. |
| Database-aware agents | Give agents natural language access to complex relational schemas using Text-to-SQL, without exposing data outside your environment. |
| Multi-agent orchestration | Compose networks of specialized agents where each agent calls others as tools, coordinated by the Agent Management System. |
| Governed AI assistants | Deploy agents with runtime compliance enforcement (PII redaction, jailbreak detection, hallucination detection) for regulated use cases. |
| Sovereign AI platforms | Provide internal teams or customers with a paved path to build and deploy agents using approved models, shared RetrievalEngines, and enforced compliance policies. |
Security and data handling
Security is foundational to aiXplain AgenticOS, not an overlay. The platform is designed for sovereign, regulated, and security-constrained environments across every layer of the stack.
Data handling
The platform's default posture is to retain no customer data.
- Inference runs entirely in memory. Nothing is written to disk by default.
- Prompts and responses are never used for model training.
- Fine-tuned models remain fully private and are never shared with third parties.
- The only opt-in exceptions are: embeddings stored when RAG is enabled, and agent session memory when explicitly configured. Both are governed by RBAC and API key scoping.
Runtime policy enforcement
Governance is enforced actively on every agent execution by two dedicated micro-agents:
Inspector validates all inputs and outputs before responses are delivered, enforcing:
- PII redaction
- Content moderation
- Jailbreak detection
- Hallucination detection
- Citation checks
- Custom compliance policies per deployment
Inspector configurations are shareable across your organization — define a compliance policy once and enforce it across all agent deployments.
Bodyguard enforces access restrictions based on asset and action-level permissions scoped to API key and user ID, preventing unauthorized model access and disallowed operations during agent execution. Tool execution is sandboxed, ensuring security isolation between agent steps.
Security architecture summary
| Category | Capability |
|---|---|
| Data sovereignty | Full control in on-prem/Edge; no data leaves your network |
| Encryption | TLS 1.2+ in transit across all deployments; AES-256 at rest on SaaS/Edge |
| Access control | RBAC, API keys scoped to specific LLM models with least-privilege enforcement (agent-level scoping coming soon), optional enterprise SSO |
| Auditability | All API, SDK, and UI actions fully logged and traceable by asset ID, deployment version, and usage logs |
| Policy enforcement | Runtime micro-agents (Inspector + Bodyguard) on every agent execution |
| Isolation | Session-scoped, stateless execution by default; sandboxed tool execution |
| Staff access | On-prem: zero aiXplain staff access. SaaS: restricted to designated engineers under audit logs |
| Logging | INFO level by default — no customer inputs or outputs captured. Debug logging requires explicit customer authorization |
| Vendor lock-in | Vendor-agnostic: connect to any model, tool, or data source; deploy on any mode with no dependency on aiXplain infrastructure |
| BYOK | Bring Your Own Key encryption available for SaaS and Edge deployments |
| Compliance | SOC 2 Type II (SaaS); SDAIA, NCA, and GCC Data Protection (on-prem) |
Resilience
aiXplain AgenticOS is designed so that no single model, endpoint, or infrastructure dependency becomes a point of failure for your agents.
Model portability
Every agent on aiXplain AgenticOS is decoupled from its underlying LLM. The agent's logic, tools, subagents, integrations, governance policies, and memory are fully independent of the model running beneath them. Swapping the LLM powering an agent is a configuration change — not a migration.
When you swap models, the platform automatically optimizes prompts and agent configurations for the target model, preserving output quality without manual prompt engineering. What stays intact:
| Layer | Status after model change |
|---|---|
| Agent logic and tools | Fully preserved |
| Subagent relationships | Intact |
| Governance and Inspector policies | Enforced regardless of model |
| Memory and context | Retained across the swap |
| Prompt templates | Re-optimized automatically |
Fallback models
You can configure up to three fallback LLMs in priority order on any agent. If the primary model becomes unavailable, aiXplain AgenticOS automatically routes to the next validated fallback using the optimized prompt. No manual intervention required.
Multi-model agents
Different roles within the same agent can run on different models — a high-reasoning model for planning, a cost-efficient model for execution, a separate model as a Judge to validate outputs. Each subagent, tool call, and step can be independently assigned to the model best suited for that task.
Automatic prompt optimization
When a model change occurs, the platform adapts system prompt formatting, tool invocation structure, JSON schema enforcement, token budgeting, and sampling parameters for the target model. For mission-critical agents, the Evolver goes further — automatically generating, testing, and ranking prompt variants to find the optimal configuration for the new model.
Execution resilience
- Execution is stateless by default, eliminating session dependency as a failure point.
- Built-in timeouts and retry logic prevent runaway processes.
- Automatic model failover routes execution to a designated backup if a primary model underperforms or fails.
- Human-in-the-loop checkpoints can be enforced before agents run sensitive or high-risk operations.
Private deployment
aiXplain AgenticOS can be deployed entirely within your own infrastructure — including fully air-gapped environments with zero outbound connectivity. On-prem and Edge deployment modes are supported, with all data, models, logs, and telemetry remaining within your network boundary.
For architecture details, scaling, air-gapped installation, infrastructure prerequisites, and the Compute Management Service, see the Private Deployment guide.
Interfaces
aiXplain SDK (Python)
The aiXplain SDK is the primary programmatic interface for data science and engineering teams. It provides full access to the platform's agent management, asset onboarding, RetrievalEngine, and execution capabilities through Python and REST APIs.
Use the SDK to:
- Create, configure, and deploy agents programmatically
- Register models, tools, data sources, and MCP-compatible connectors
- Ingest structured and unstructured data into the RetrievalEngine
- Run agents and retrieve structured outputs or traces
- Configure triggers for scheduled or event-based agent execution (coming soon)
- Manage access control and API key scoping
- Integrate agents into external applications and pipelines
The SDK operates against the same runtime and governance layer as Studio — agents built via code are subject to the same Inspector and Bodyguard policies, telemetry capture, and RBAC enforcement.
Tip: API keys are currently scoped to specific LLM models. Generate keys with the minimum permissions required for each integration using the Console. Agent-level scoping is coming soon.
aiXplain Studio (no-code)
aiXplain Studio is the no-code visual agent designer for business users and domain experts. It enables non-technical users to build, configure, test, and refine agents through a visual interface — without writing code.
Use Studio to:
- Design agent workflows visually, connecting models, tools, RetrievalEngines, and data sources
- Configure Inspector compliance policies and Bodyguard access rules
- Test and iterate on agent behavior with built-in verification guides
- Share and reuse agents, tools, and compliance configurations across teams
Key Studio capabilities:
| Capability | Description |
|---|---|
| Visual agent designer | No-code interface for building autonomous agents and multi-agent workflows |
| Templates | Pre-built agent templates to accelerate development |
| Policy configuration | Define and share Inspector compliance policies without code |
| Validation | Step-by-step execution trace visualization per agent run for testing and debugging |
| Analytics dashboard | Monitor agent performance, cost, and access patterns; execution traces retained for 14 days (unlimited retention for Enterprise) |
| Asset browser | Discover and connect registered models, tools, integrations, RetrievalEngines, and datasets from the Marketplace |
| Workspace management | Manage users, teams, access controls, and shared assets across your organization |
| Triggers | Schedule or event-based agent execution (coming soon) |
Studio and the SDK share the same underlying runtime. An agent created in Studio can be called via the SDK, and assets registered via the SDK are immediately discoverable in Studio's asset browser.
aiXplain Marketplace
The aiXplain Marketplace is accessible directly from Studio and provides access to a curated catalog of models, tools, integrations, and data assets that can be added to your agents. Assets from the Marketplace are registered into your platform through AssetOnboarding and become immediately available across agents and the SDK.
Compliance
aiXplain AgenticOS is SOC 2 Type II certified. For on-prem and air-gapped deployments, see compliance coverage in the Private deployment guide.
Pricing and credits
- 1 credit = $1 USD
- Builder plan — pay-as-you-go via Stripe (Google Pay or credit card)
- Team plan — subscription for high-volume usage*
- Enterprise — custom pricing with SLAs and dedicated support
Direct model usage is billed at vendor rates. Deployed agents are billed at vendor rates plus a 20% service fee.
Where to get help
- Documentation — full platform docs, quick start, tutorials, and API reference
- Discord community — connect with developers and the aiXplain team
- Enterprise contact — custom deployments, dedicated support, and SLAs
Frequently asked questions
Can both technical and non-technical users work on the same deployment?
Yes. The aiXplain SDK serves data science and engineering teams, while aiXplain Studio provides a no-code interface for business users. Both operate against the same runtime and governance layer, so all agents, policies, and assets are shared across user types.
What happens to my data during inference?
By default, inference runs entirely in memory and nothing is written to disk. Prompts and responses are never used for model training. The only data persisted is opt-in: embeddings when RAG is enabled, and agent session memory when explicitly configured.
Can memory be disabled?
Yes. Both short-term and long-term memory can be toggled off per agent or per session, giving you control over privacy exposure and storage costs.
How is governance enforced?
Governance is enforced at runtime on every agent execution by two micro-agents: Inspector validates inputs and outputs for PII, jailbreaks, hallucinations, and custom compliance rules; Bodyguard enforces asset and action-level access restrictions scoped to API key and user ID.
How long are execution traces retained?
Execution traces are retained for 14 days by default. Unlimited retention is available for Enterprise deployments.
Can shared memory be controlled?
Yes. Shared memory stores are accessed selectively, and agents must explicitly opt in. Memories can be created automatically or inserted explicitly by a developer or agent. Edit and clear operations are coming soon.
Next steps
- Quick Start — start building agents.