Every external tool — AI agents, automation workflows, supplier portals, test platforms — accesses your engineering data through the same fine-grained permissions and the same audit trail as a human engineer. No backdoor, no exception.
An AI agent or a script updates a component attribute directly. No review, no trace, no validation. The change propagates silently and the approved baseline no longer reflects reality.
Integrations with PLM, ERP, test platforms or supplier portals create, modify or delete items without triggering the review and approval steps your process requires.
When an external system makes a change, nobody knows which integration triggered it, why, or what was affected. The traceability chain breaks exactly where it matters most.
Most integrations run with their creator's credentials, or worse, with full admin rights. There is no clean separation between what a human can do and what an automated workflow should be allowed to do.
AI agents and external tools play by the same rules. No exception.
Koddex exposes its data model through MCP (Model Context Protocol) and a typed REST/GraphQL API. Every external client — AI agent, n8n workflow, supplier connector, test platform — connects with explicit, scoped permissions and goes through the same validation pipeline as a human user. Locked baselines stay locked. Every action is logged with the same granularity as a human edit.
Read-only, write-to-draft or full lifecycle: each external client gets exactly the access it needs and nothing more. Permissions are explicit, not inherited from a creator.
Schema constraints, required fields, type rules and lifecycle status — agents must satisfy them all. Invalid data is rejected. No silent corruption.
Locked baselines cannot be modified by any agent. Blocked attempts are logged and the configuration manager is notified. No override, no backdoor.
Every modification by an agent or external system is logged with actor identity, timestamp, old value, new value and affected dependencies. Human and machine actions live in the same audit log.
47 components created in draft status. All schema validations passed. Mass roll-ups computed automatically across 3 assembly levels.
All 47 items are in 'Draft' status. An engineer must review and promote each to 'Validated' before they can be included in any baseline.
Existing locked baselines and production configurations remain untouched. No approved item was modified.
0 items modified. The agent's write request was blocked by baseline immutability rules.
The blocked attempt is logged. The configuration manager is notified to assess whether a new revision should be created.
The locked baseline remains structurally intact. All downstream references are unaffected.
12 requirements updated from 'Not Tested' to 'Passed'. Coverage dashboard reflects the change in real time.
3 requirements changed status on items linked to a pending regulatory submission. Quality director notified for review.
All updates follow the same validation rules as manual entry. No requirement was deleted or reassigned.
Integration activity log with scoped permissions and baseline protection