BackPro
Resources

Documentation.

Reference material for the technical buyer. Four guide areas, architecture, deployment, integration, identity, read as separate chapters or as one document. Detailed runbooks are released under NDA on request.

For the runbooks → contact@backpro.ai
I
Architecture
11 min read

How BackPro runs inside your firm.

BackPro is a single-tenant deployment that sits inside the client’s own cloud or VPC. There is no shared inference plane, no shared vector store, no cross-tenant data path. The architecture is built so the regulator sees one boundary and the client controls it.

Read the architecture guide
Coverage
  • Single‑tenant deployment topology
  • Inference plane: model choice per workload
  • Retrieval‑augmented generation with chunk‑level provenance
  • Vector store inside the client tenancy
  • Network egress: zero, by default
  • Failure modes and degraded‑mode behaviour
Artefacts
  • · Architecture diagram (PDF)
  • · Component inventory
  • · Data‑flow map per surface
II
Deployment
13 min read

From discovery to handover in four weeks.

BackPro deploys inside the client’s Azure, AWS, or GCP tenancy via an automated provisioning pipeline. Discovery, hardening, integration, evidence pack: the same sequence every time. The deployment is reversible: the client owns every artefact at the end.

Read the deployment guide
Coverage
  • Pre‑flight: identity, network, observability prerequisites
  • Provisioning: Terraform + Helm against the target cloud
  • Hardening: CIS benchmarks + the firm‑specific overrides
  • Integration: pulling fact‑finds, DDQs, evidence sources
  • Evidence pack: audit‑ready handover within the sprint
  • Reversibility: data export + decommissioning playbook
Artefacts
  • · Deployment runbook
  • · Terraform module reference
  • · CIS benchmark report
  • · Evidence‑pack manifest
III
Integration
12 min read

How BackPro reads, writes, and is signed off.

BackPro reads from the systems the firm already runs, SharePoint, OneDrive, Xero, the CRM, the document store, and writes back to the firm’s document of record. Integration is read‑only by default; writes are gated by a named approver and signed.

Read the integration guide
Coverage
  • Read surfaces: SharePoint / OneDrive / Dropbox / Google Drive
  • CRM connectors: Worksorted, intelliflo, Midwinter, XPLAN
  • Finance: Xero, MYOB (read‑only)
  • Identity providers: Entra ID, Okta, Google Workspace
  • Write surfaces with named‑approver gating
  • Webhook + scheduled‑job patterns
Artefacts
  • · Connector reference
  • · OAuth + service‑account setup guide
  • · Write‑approval workflow diagram
IV
Identity
10 min read

Who is allowed to do what, recorded forever.

Every action on BackPro is attributed to a person or a service account. Identity flows through the client’s existing IdP: no parallel directory, no shadow accounts. Audit logs are cryptographically signed and exportable.

Read the identity guide
Coverage
  • SSO via SAML / OIDC against client IdP
  • Role model: paraplanner, analyst, compliance officer, admin
  • Service accounts for read connectors
  • Cryptographically signed audit log
  • PII redaction in non‑prod environments
  • Session and token policies
Artefacts
  • · Identity model reference
  • · SAML / OIDC setup guide
  • · Audit‑log schema