What is RootCX?
RootCX is enterprise governance for every internal tool you build with AI. You build internal tools with Claude Code, Codex, Cursor, or any AI coding agent. The Core gives you a database, RBAC, audit logs, encrypted secrets, and deployment automatically. Then you deploy AI agents on top of your fleet of internal tools. The agents query data across apps, execute actions, and operate under the same access control and audit policies as human users.
The foundation is RootCX Core, a single Rust daemon that runs your entire backend. You install a skill into your AI coding agent, and it learns how to write internal tools and AI agents that run on the Core. Every tool and every agent you deploy inherits enterprise governance from day one.
The problem
AI coding agents let you build internal tools in minutes. But the tool itself is only half the job. You still need enterprise governance: authentication, role-based access control, audit logs, secret management, a database, background jobs, webhooks. You end up rebuilding the same infrastructure every time, or bolting together a dozen services that don't talk to each other.
And when you deploy AI agents into production, you need AI governance too: supervision policies that require human approval before mutations, rate limits per action, RBAC that restricts which data an agent can touch, and an immutable audit trail of every tool call it makes.
RootCX gives you all of that as a single runtime. Your AI coding agent writes the app logic. The Core handles enterprise governance and AI governance together.
What the Core provides
RootCX Core is a single Rust binary. It runs your internal tools, enforces governance, and exposes the APIs they need. One Core instance handles one tool or several hundred.
| Category | What you get |
|---|---|
| Authentication | JWT sessions with Argon2id hashing, refresh tokens, OIDC Single Sign-On (Okta, Azure AD, Google Workspace, Auth0). Password login can be fully disabled for SSO-only. |
| Role-Based Access Control | Global roles with namespaced permission keys (app:crm:contacts.read), wildcard matching, role inheritance. Enforced on every request before any SQL runs. |
| Audit Log | Immutable, trigger-based. Every INSERT, UPDATE, DELETE is captured with full before/after JSONB snapshots. No code required, no way to bypass. |
| Secret Vault | AES-256-GCM encrypted key-value store. Secrets are injected as environment variables into your backend. Plaintext never stored, never returned via API. |
| Data API | Auto-generated CRUD endpoints for every entity you declare in your manifest. No controllers, no SQL, no boilerplate. |
| Schema Sync | Change your data model, deploy again, and the Core diffs your manifest against the live PostgreSQL schema. It generates and runs the minimum DDL in a transaction. |
| Backend Processes | Isolated Bun workers supervised by the Core. Automatic crash recovery with exponential backoff. RPC handlers with a 30-second timeout. |
| Job Queue | Durable background processing backed by pgmq (PostgreSQL). Jobs survive restarts and are automatically retried. |
| Scheduled Jobs | Recurring cron schedules powered by pg_cron. Sub-minute intervals supported. Overlap detection built in. |
| Webhooks | Declare a webhook in your manifest, deploy, and get a unique URL. External services POST to it, the Core routes to your backend handler. |
| File Storage | Global buckets with RBAC permissions. Upload, organize, and share files across apps. PostgreSQL-backed (BYTEA), 64 MB max per file. |
| Channels | Connect messaging platforms (Telegram, Slack) to AI agents for conversational interfaces with account linking and session routing. |
| MCP | Auto-generated MCP tools for every app's entities. External AI tools and agents interact with your data through MCP, same RBAC enforced. |
| OIDC Provider | The Core acts as an identity provider. Your apps can authenticate users against it via standard OIDC flows. |
How you build
1. Install the CLI and sign in
curl -fsSL https://rootcx.com/install.sh | sh
rootcx initThe CLI provisions a workspace for you: database, networking, DNS, SSO. Or self-host with Docker on your own infrastructure.
2. Add the skill to your AI coding agent
npx skills add rootcx/skillsThe skill teaches your AI coding agent how to write manifests (data models, permissions), frontends (React + @rootcx/sdk), backends (Bun workers with RPC and jobs), and AI agents (LangGraph with tools and supervision). It works with Claude Code, Codex, Cursor, or any agent that supports skills.
3. Describe what you want
Tell your AI coding agent what to build in plain language:
"A CRM to manage contacts, companies, and deals with a sales pipeline. Add permission keys so managers can delete deals but reps can only read and update."
It generates the code. You review it. Deploy with:
rootcx deployYour internal tool is live. Authentication, RBAC, audit logs, the encrypted vault, the data API: all running. You wrote none of it. The Core provides enterprise governance automatically.
4. Keep iterating
Need a new feature? A webhook? An AI agent on top? Describe it, deploy again. Your internal tool grows as fast as you can describe what you need.
What you can build
Anything. From a single admin panel for one team to a full custom ERP serving hundreds of employees. RootCX handles both with the same Core, the same governance, and the same deployment model.
The simplest internal tools take minutes: a monitoring dashboard, a webhook receiver, an admin panel to manage users and secrets. The most complex ones, the kind companies usually spend millions on, work the same way: a custom CRM with contacts, companies, deals, pipelines, and role-based access per rep. A custom ERP with purchase orders, inventory tracking, multi-step approval chains, and immutable audit trails. Billing systems with Stripe webhooks and background job processing. Document workflows with version control and automated notifications.
You can deploy AI agents on top of all of it. Agents that query data across your fleet of internal tools, trigger actions, delegate tasks to other agents, and require human approval before sensitive mutations.
You can connect third-party services (Slack, email, any API) as integrations with encrypted credentials and RBAC on every action.
Every internal tool runs on the same Core. They share the same database, the same auth system, and the same permission model. That makes them a fleet, not isolated silos. One tool or several hundred, the architecture is identical.
What you own
RootCX is licensed under FSL-1.1-ALv2 (Functional Source License), which converts to Apache 2.0 after two years. You own the code your AI coding agent generates. You control where your data lives: managed cloud on RootCX, or self-hosted on your own infrastructure with Docker.
Next steps
- Getting Started to install the CLI and deploy your first internal tool.
- How it Works for the full architecture.
- Build an Application for manifest format, frontend SDK, and backend handlers.
- Build an AI Agent to deploy agents with AI governance (RBAC, supervision, audit).