Platform Overview

AgenticWork handles the infrastructure so you can ship AI agents without building everything from scratch. This page covers how the pieces fit together.

How it works

Requests come in through clients (web UI, CLI, SDK, or direct API calls), hit the gateway for auth and rate limiting, then flow through an 11-stage pipeline that handles everything from RAG to tool execution. The pipeline routes to the right LLM provider based on the Intelligence Slider setting.

Tip: Click on diagram nodes to jump to relevant documentation. Click anywhere on the diagram to expand it.

The Chat Pipeline

Every request goes through 11 stages. This isn't arbitrary—each stage handles a specific concern, and the order matters.

What each stage does:

Stage
Purpose

1. Authentication

Validates JWT, Azure AD tokens, or API keys

2. Validation

Sanitizes input, checks user permissions

3. RAG

Pulls relevant context from the vector database

4. Memory

Loads conversation history

5. Prompt Engineering

Applies system prompts and techniques

6. MCP Tools

Finds relevant tools via semantic search

7. Message Preparation

Formats messages for the target LLM

8. Completion

Calls the LLM provider

9. Tool Execution

Runs any tools the model requested

10. Multi-Model

Routes to specialized models if needed

11. Response

Streams results back to the client

Intelligence Slider

The slider (0-100%) controls the cost/quality tradeoff. Lower values use cheaper, faster models. Higher values bring in the heavy hitters with extended thinking.

Rough cost comparison:

Tier
Slider
When to use
Relative cost

Economy

0-40%

Simple Q&A, formatting, high volume

$1

Balanced

41-60%

Code gen, analysis, research

$3-5

Premium

61-100%

Architecture, debugging, critical decisions

$10-50

Auth Flow

We use Azure AD for enterprise SSO. Here's the typical login flow:

Supported auth methods:

  1. Azure AD SSO - Enterprise single sign-on with MFA

  2. JWT Tokens - Stateless auth for API calls

  3. API Keys - For programmatic access (prefixed aw_live_ or aw_test_)

MCP Tools

The platform includes 13 MCP servers with 150+ tools. The proxy handles discovery, routing, and per-tool auth.

Data Flow

Here's how a typical request flows through the system:

Deployment

Production (Kubernetes)

Development (Docker Compose)

Security

Security features:

Feature
What it does

Azure AD SSO

Enterprise identity with MFA support

RBAC

Role-based access control

API Scopes

Per-key permission limits

Rate Limiting

Tier-based request limits

Audit Logging

Complete activity tracking

Encryption

TLS 1.3, encrypted at rest

Next steps

PreviousIntroductionNextGetting Started

Last updated