IXL CORE
Documentation
AI AssistVersion 1.0

AI Assist

A shared, advisory-only AI layer the whole platform draws on — drafting proposal and contract sections today, with a metered, budget-controlled gateway that keeps every request gated, audited and firmly in the author's hands.

AI Assist is not a separate app. It is a shared capability that lives at the centre of IXL CORE and that individual modules reach into when a task benefits from a first draft or a suggestion. Rather than each module building its own connection to an AI provider, every request flows through a single platform AI gateway. The gateway owns the things that matter across the whole platform — who is allowed to ask, what context is attached, what may and may not be done with the answer, how the request is priced, and how it is recorded — so that AI behaves consistently wherever it appears.

The most important rule to understand up front is that AI Assist is advisory only. It drafts, summarises and suggests. It never approves, posts, notifies, changes a record or executes a workflow on your behalf. A person always reads, edits and decides. This guide describes IXL CORE version 1.0.

Overview

Where AI shows up today falls into two confirmed places in the product, plus the shared machinery underneath them.

  • CRM — proposal and contract section drafting. When you are writing a proposal or a contract, you can ask AI to draft or rewrite a single narrative section. This is a live, metered call through the gateway.
  • Operations — assist seam across the service desk and project work. Operations routes a set of assists (ticket summaries, suggested replies, request classification, duplicate ranking, project-health explanations, service-review narratives, meeting-action extraction and more) through the same gateway. Because Operations is designed to keep working with the AI layer switched off, each of these degrades gracefully to a deterministic, offline result when no live provider is configured.

Underneath both sits the gateway itself, which enforces permission gates, applies guardrails, attaches only the context you are entitled to see, chooses the provider, meters the cost and writes an audit record and usage log for every single request.

It is worth being explicit about what is not AI-generated. Operations status reports and service reviews produce their numeric snapshots by straightforward aggregation and are flagged ai_generated = false. A narrative can be requested for a service review through the assist seam, but the review’s figures themselves are not AI output. There is also a memory facility referenced in the request envelope; in version 1.0 it is readiness-only and disabled.

Proposal and contract drafting (CRM)

In CRM, both proposals and contracts expose an AI draft action for a single section at a time. You give the section a title, optionally paste the current body and add a short instruction, and choose whether you want a fresh draft or a rewrite of what is there. The gateway assembles a prompt from the proposal or contract (client, company, deliverables and so on), asks the provider for professional prose, and returns advisory content for you to edit before it goes anywhere.

These are the calls in the platform that request a live provider by default (the mid-tier model), so when a real key is configured they run against it and are metered; when no key is present they fall back to the internal advisory provider. The response you get back always carries an advisory_only flag and its own usage summary, so it is clear that the text is a starting point, not a finished document. Access is gated on the same permission you need to edit that proposal or contract, and a person’s edit is always the final step.

Operations status reports and service reviews

Operations treats AI as an assist seam rather than a dependency. A dedicated service maps each Operations assist to a registered AI capability and asks the gateway for an advisory completion. Crucially, it is built to degrade gracefully: when no AI provider, capability or model is active, the gateway declines and Operations returns a structured ai_unavailable result carrying a deterministic fallback computed offline — so the interface never breaks and you always have something usable, with no network required.

This is why, in version 1.0, the Operations assists are best described as wired but readiness-dependent. The seam is real and the routes exist (ticket summary and reply, classify, duplicate-rank, project health, service-review narrative, meeting actions), but whether you receive an AI answer or the deterministic fallback depends entirely on whether a provider has been switched on for your organisation. The status report and service review figures, as noted above, are deterministic aggregations regardless of provider state.

Credits, budgets and control

Because AI has a real cost, the gateway meters it — but only on one specific path, and only when your organisation is set up to be metered.

Provider selection follows a hybrid rule for each request, in order:

  1. Your own key (BYO). If your organisation has configured and enabled its own Anthropic credential, the request runs on that key and is not metered — your key, your cost.
  2. The platform key. If the platform operator’s key is configured and enabled, the request runs on it and is metered, billed to your prepaid AI credits.
  3. The internal advisory provider. If neither is available, the request falls back to an offline stub. No real spend, no failure. This is the default state, and the safety fallback whenever a live call cannot be made. A master switch can also hard-disable both live paths, forcing the stub everywhere.

On the metered (platform-key) path only, cost is controlled at two points. Before the provider is ever called, the gateway makes a conservative estimate of the maximum cost and blocks the request if your balance is too low or a monthly budget cap would be breached — you are told your budget is exhausted and asked to top up. After a call actually completes, it debits the true cost from the returned token counts, once and atomically, so a retry can never double-charge and the wallet can never be driven negative. A failed or degraded call is never charged.

Credits are prepaid, denominated as one credit to one Kenyan shilling, and topped up in Starter, Standard and Bulk packs. There is also a base monthly bundle of included AI credits. Budget caps, when set, are enforced per calendar month.

How AI Assist connects

  • Access. Every request passes the same permission gates as the rest of the platform. If you are not entitled to the underlying record or capability, the AI request is denied.
  • Context. The gateway attaches only the context you are allowed to see, and records a summary of what was included and excluded on the usage log.
  • Guardrails. Requests that ask AI to take an action — approve, reject, post, notify, create a document, execute a workflow or change a record — are blocked. Attempts to override the authenticated actor are blocked. AI output stays advisory.
  • Metering. Cost flows through the shared tenant wallet, the same wallet that meters SMS, so budgets and top-ups are managed in one place.
  • Audit. Every request — whether completed, blocked by a guardrail or metered — writes an audit record and a usage log, with a correlation identifier, so AI activity is as traceable as any other event on the platform.

In short, AI Assist gives your team faster first drafts and useful summaries where they help most, while the platform keeps a firm hand on permissions, cost and accountability — and keeps working exactly as before when AI is switched off.