Spaces:
Sleeping
Sleeping
IntegraChat β Enterprise MCP Autonomous Agent Platform
Track: MCP in Action
Category: Enterprise
Tag: mcp-in-action-track-enterprise
π Table of Contents
- Overview
- Quick Start
- Features
- Conversation Memory System
- Role-Based Access Control (RBAC)
- Installation & Setup
- Usage
- API Endpoints
- Architecture
- Supabase Setup & Migration
- Troubleshooting
- Testing & Diagnostics
- Technical Stack
- License
Overview
IntegraChat is an enterprise-grade, multi-tenant AI platform that demonstrates the full capabilities of the Model Context Protocol (MCP) in a production-style environment. Built with enterprise governance and observability in mind, IntegraChat combines autonomous tool-using agents, RAG retrieval, live web search, and admin compliance under strict tenant isolation.
This platform showcases how MCP can power intelligent, governed, multi-tenant AI systems with real-time analytics, regex-based red-flag detection, and comprehensive tool orchestration.
π Quick Start
Windows Users
# 1. Install dependencies
pip install -r requirements.txt
# 2. Configure environment (copy and edit .env)
cp env.example .env
# Edit .env with your credentials (Supabase, LLM, etc.)
# 3. Start all services
start.bat
Manual Setup
# 1. Install dependencies
pip install -r requirements.txt
# 2. Configure environment
cp env.example .env
# Edit .env with your credentials
# 3. Start FastAPI backend (Terminal 1)
uvicorn backend.api.main:app --port 8000 --reload
# 4. Start unified MCP server (Terminal 2)
python backend/mcp_server/server.py
# 5. Start Gradio UI (Terminal 3)
python app.py
Then access:
- Gradio UI:
http://localhost:7860 - FastAPI Docs:
http://localhost:8000/docs
Security Note: REST requests that hit protected endpoints must include both
x-tenant-idandx-user-roleheaders. Roles (viewer,editor,admin,owner) determine which actionsβsuch as document ingestion, rule uploads, or analytics accessβthe caller may perform.
Features
Core Capabilities
- π€ Autonomous Multi-Step MCP Agents β Intelligent tool-aware agent that plans and executes multi-step workflows across RAG, Web, Admin, and LLM tools with short-term conversation memory
- π Short-Term Conversation Memory β Automatic memory system that stores the last N tool outputs per session with configurable expiration (default: 10 outputs, 15 minutes TTL). Memory is keyed by session_id (not tenant_id) for safety, enabling better context awareness in multi-step workflows. Memory is automatically injected into tool payloads and cleared on session end.
- π Enhanced Knowledge Base Management β Upload raw text, URLs, or documents (PDF/DOCX/TXT/MD) with rich metadata (source URL, timestamp, document type) and optimized chunking (400-600 tokens)
- π€ AI-Generated KB Metadata β Automatic extraction of title, summary, tags, topics, date, and quality score during document ingestion. LLM-powered with intelligent fallback when unavailable - uses keyword extraction and pattern matching to provide useful metadata even during timeouts
- π Optimized RAG Search with Cross-Encoder Re-ranking β Two-stage retrieval: initial vector search followed by cross-encoder re-ranking of top candidates using
cross-encoder/ms-marco-MiniLM-L-6-v2for massive accuracy improvement. Semantic search with configurable similarity threshold (default 0.3) for better recall - β‘ Per-Tool Latency Prediction β Agent estimates expected latency before choosing tools (RAG: 60-120ms, Web: 400-1800ms, Admin: <20ms) to optimize tool selection and choose the fastest path
- π§ Context-Aware MCP Routing β Intelligent tool selection based on previous outputs: skip web search if RAG returns high score (β₯0.8), skip agent reasoning for critical admin violations, skip RAG if relevant memory already available. Leads to more sophisticated behavior and higher scores
- π Tool Output Schemas β Every tool returns strict JSON type schemas for easier debugging, cleaner reasoning, and more polished responses. Automatic schema validation and formatting
- ποΈ Document Management β Delete individual documents or bulk delete all documents for a tenant with confirmation dialogs
- π‘οΈ Enterprise Admin Governance β Advanced rule management system with:
- Regex-based red-flag pattern matching with severity levels (low/medium/high/critical)
- Automatic admin alerts for violations
- LLM-Enhanced Rules: Rules are automatically analyzed and enhanced to identify edge cases, improve regex patterns, and suggest appropriate severity levels
- LLM-Guided Rule Explanations: Automatic generation of human-readable explanations, concrete examples, and missing pattern suggestions. Includes intelligent fallback when LLM is unavailable - uses keyword extraction to provide useful explanations even during timeouts
- File Upload Support: Upload rules from TXT, PDF, DOC, or DOCX files with drag-and-drop interface
- Chunk Processing: Large rule sets processed in manageable chunks (5 rules at a time) to prevent timeouts
- Rule-Based Behavior Control: Rules checked FIRST - brief response rules return quick answers, blocking rules prevent requests
- Comment Filtering: Comment lines (starting with #) automatically ignored when uploading rules
- Supabase Integration: Rules stored in Supabase for production scalability (with SQLite fallback)
- π Comprehensive Analytics & Observability β Full tenant-level analytics logging with Supabase backend (SQLite fallback for local dev):
- Tool usage breakdown (RAG, Web, Admin, LLM) with latency and token tracking
- RAG recall/precision indicators (average hits, scores, top scores)
- Per-tenant query volume and active users
- Red-flag violations with timestamps and confidence scores
- LLM token logs and latency metrics
- Real-Time Visualizations: Reasoning path visualizer, tool invocation timeline, and tenant activity heatmap
- π Live Web Search β Google Programmable Search (Custom Search API) with tenant-aware MCP tooling
- π’ Multi-Tenant Isolation β Complete tenant isolation with centralized tenant ID management; backend enforces strict isolation for chat, ingestion, and admin ops
- π Fine-Grained Role-Based Access Control (RBAC) β Four-tier role system (viewer, editor, admin, owner) with backend permission enforcement
- π Intelligent Multi-Tool Orchestration β MCP agent orchestrator autonomously selects optimal tool chains (RAG + Web + LLM, etc.) based on query intent, context, latency predictions, and previous tool outputs. Context-aware routing enables sophisticated tool skipping for efficiency
- β‘ Robust Error Handling β Structured error responses, retry mechanisms, and graceful fallbacks (e.g., if RAG fails β fallback to LLM-only)
- π‘ Streaming Responses β Chat responses stream character-by-character using Server-Sent Events (SSE) for real-time user experience
- π― Rule-First Processing β Admin rules checked before intent classification - rules can trigger brief responses or block requests entirely
- π§ Advanced Context Engineering β Implements Anthropic's context engineering strategies:
- High-Fidelity Compaction: Automatically compresses conversations at 80% token threshold, preserving architectural decisions and unresolved issues
- Tool Result Clearing: Safest form of compaction - removes large tool outputs while keeping metadata
- Structured Note-Taking: Tracks objectives, architectural decisions, and unresolved issues outside context window
- XML-Structured Prompts: All prompts use clear XML sections for better model understanding
- Just-in-Time Context Loading: Selects only relevant memories and tools for each query
- Progressive Disclosure: Agents discover context incrementally through exploration
Enterprise Features
- π Regex-Based Red-Flag Detection β Support for complex regex patterns with keyword fallback and semantic scoring
- π€ LLM-Enhanced Rule Management β Rules automatically enhanced by LLM to identify edge cases, improve patterns, and suggest severity levels. Includes intelligent fallback explanations when LLM is unavailable - uses keyword extraction to generate useful explanations, examples, and pattern suggestions even during timeouts
- π File Upload & Drag-and-Drop β Upload rules from files (TXT, PDF, DOC, DOCX) with intuitive drag-and-drop interface
- β‘ Chunk-Wise Processing β Large rule sets processed in chunks to prevent timeouts and ensure reliable processing
- π Real-Time Analytics Dashboard β Per-tenant analytics with configurable time windows (7, 30, 90 days)
- π οΈ Admin API Endpoints β
/admin/violations,/admin/tools/logs,/admin/tenantsfor comprehensive governance - π§ Agent Debug & Planning β
/agent/debugand/agent/planendpoints for observability and tool selection inspection - πΎ Persistent Analytics Storage β Supabase-backed analytics store (with automatic SQLite fallback) for fast, multi-tenant queries
- ποΈ Supabase Integration β Production-ready Supabase support for admin rules with automatic table creation
- π Real-Time Visualization Components β Interactive visualizations for agent reasoning, tool execution, and tenant activity:
- Reasoning Path Visualizer: Step-by-step visualization of agent decision-making with animated progression
- Tool Invocation Timeline: Visual timeline showing tool execution order, latency, and result counts
- Tenant Activity Heatmap: Query activity heatmap and per-tool usage trends over time
Conversation Memory System
IntegraChat includes a short-term conversation memory system that enhances multi-step workflows by maintaining context across tool calls:
- Automatic Storage: Every tool output is automatically stored in memory for the session
- Bounded Size: Keeps only the last N tool outputs (configurable via
MCP_MEMORY_MAX_ITEMS, default: 10) - Auto-Expiration: Entries automatically expire after a configurable TTL (via
MCP_MEMORY_TTL_SECONDS, default: 900 seconds / 15 minutes) - Session-Based: Memory is keyed by
session_id(nottenant_id) for safety and isolation - Automatic Injection: Recent memory is automatically injected into tool payloads as a
memoryfield for multi-step workflows - Session Clearing: Memory can be explicitly cleared by sending
end_session: trueorendSession: truein the payload
Usage Example:
{
"tenant_id": "acme",
"session_id": "chat-abc-123",
"query": "Search for X"
}
Subsequent tool calls with the same session_id will receive a memory field containing recent tool outputs, enabling tools to make context-aware decisions in multi-step workflows.
Configuration:
MCP_MEMORY_MAX_ITEMS: Maximum number of tool outputs to keep per session (default: 10)MCP_MEMORY_TTL_SECONDS: Time-to-live for memory entries in seconds (default: 900)
Role-Based Access Control (RBAC)
IntegraChat implements fine-grained role-based access control (RBAC) for backend API endpoints. This ensures that users can only access features appropriate for their role level.
Roles
The system supports four roles with increasing privileges:
viewer (default) - Basic read-only access
- Can use chat functionality
- Cannot ingest documents
- Cannot delete documents
- Cannot view analytics
- Cannot manage admin rules
editor - Content management access
- Can use chat functionality
- β Can ingest documents (upload, paste, URLs, files)
- β Cannot delete documents
- β Cannot view analytics
- β Cannot manage admin rules
admin - Administrative access
- Can use chat functionality
- β Can ingest documents
- β Can delete documents
- β Can view analytics
- β Can manage admin rules
owner - Full system access
- Same permissions as admin (highest privilege level)
Permission Matrix
| Action | viewer | editor | admin | owner |
|---|---|---|---|---|
| Chat Bot | β | β | β | β |
| Ingest Documents | β | β | β | β |
| Delete Documents | β | β | β | β |
| View Analytics | β | β | β | β |
| Manage Rules | β | β | β | β |
Backend RBAC
Backend API endpoints enforce RBAC through the x-user-role header:
# Permission matrix in backend/mcp_server/common/access_control.py
PERMISSIONS = {
"manage_rules": {"owner", "admin"},
"ingest_documents": {"owner", "admin", "editor"},
"delete_documents": {"owner", "admin"},
"view_analytics": {"owner", "admin"},
}
Protected Endpoints:
/admin/rules- Requiresadminorownerrole/rag/ingest*- Requireseditor,admin, orownerrole/rag/delete*- Requiresadminorownerrole/analytics/*- All roles can view (viewer, editor, admin, owner)
Role Propagation: The user role is automatically propagated through the entire request pipeline:
- Client sends
x-user-roleheader - Backend API route receives and validates role
- Role is passed to service layer (
process_ingestion(), etc.) - Service layer passes role to MCP clients
- MCP clients include role in payload to MCP server
- MCP server extracts role and enforces permissions
Example Request:
curl -X POST "http://localhost:8000/admin/rules" \
-H "Content-Type: application/json" \
-H "x-tenant-id: tenant123" \
-H "x-user-role: admin" \
-d '{"rule": "Do not share passwords"}'
If the role lacks permission, the API returns 403 Forbidden with a descriptive error message that includes:
- Which role was used
- Which roles are allowed for the action
- Instructions to change role in the UI
Using RBAC
- Set Role: Include
x-user-roleheader in API requests with one of:viewer,editor,admin, orowner - Verify Permissions: Backend enforces role-based access automatically
- Error Handling: API returns
403 Forbiddenwith clear error messages when role lacks required permissions
Real-Time Visualization Features
IntegraChat includes three powerful visualization components that provide real-time insights into agent behavior and system activity:
1. Reasoning Path Visualizer
- What it shows: Step-by-step visualization of how the agent makes decisions
- Features:
- Animated progression through reasoning steps
- Status indicators (pending, running, completed, error)
- Detailed metrics per step (latency, hit counts, token estimates)
- Visual icons for each step type
- Where to find it:
- Gradio app: Debug & Reasoning tab
- Data source:
reasoning_tracefrom agent responses
2. Tool Invocation Timeline
- What it shows: Visual timeline of all tool executions during an agent interaction
- Features:
- Color-coded bars showing tool status (success/error)
- Latency visualization per tool
- Result count badges
- Summary statistics (total tools, total time, average latency)
- Where to find it:
- Gradio app: Debug & Reasoning tab
- Data source:
tool_tracesfrom agent responses
3. Tenant Activity Heatmap
- What it shows: Query activity patterns and tool usage trends over time
- Features:
- Hour-by-hour, day-by-day activity heatmap
- Color intensity based on activity level
- Per-tool usage trends with bar charts
- Trend indicators (up/down/stable)
- Where to find it:
- Gradio app: Admin Analytics tab
- Configurable time window (default: 7 days)
- Data source:
/analytics/activityand/analytics/tool-usageendpoints
Access: All visualization features are available to all roles (viewer, editor, admin, owner).
Installation & Setup
Prerequisites
- Python 3.10+ with pip
- PostgreSQL (with pgvector extension) or Supabase for RAG storage
- Supabase (recommended) or SQLite for admin rules and analytics
- Ollama (local) or Groq API credentials for LLM
- Google Custom Search API (optional, for web search):
- Enable Custom Search API in Google Cloud Console
- Create API key β set as
GOOGLE_SEARCH_API_KEYin.env - Create Programmable Search Engine β set ID as
GOOGLE_SEARCH_CX_IDin.env
Step-by-Step Installation
Clone and navigate to the project:
cd IntegraChatCreate and activate virtual environment (recommended):
# Windows python -m venv venv venv\Scripts\activate # Linux/Mac python3 -m venv venv source venv/bin/activateInstall Python dependencies:
pip install -r requirements.txtConfigure environment variables:
cp env.example .env # Edit .env with your credentials: # - SUPABASE_URL and SUPABASE_SERVICE_KEY (for production storage) # - POSTGRESQL_URL (for RAG vector database) # - OLLAMA_URL/OLLAMA_MODEL or GROQ_API_KEY (for LLM) # - GOOGLE_SEARCH_API_KEY and GOOGLE_SEARCH_CX_ID (optional, for web search)Set up Supabase (recommended for production):
- Create a Supabase project at supabase.com
- Run
supabase_admin_rules_table.sqlin Supabase SQL Editor - Run
supabase_analytics_tables.sqlin Supabase SQL Editor - Copy your project URL and service role key to
.env - Verify setup:
python verify_supabase_setup.py
Start the services:
Option A: Windows Quick Start (recommended for Windows):
start.batThis automatically starts:
- FastAPI backend on port 8000
- Unified MCP server on port 8900
Option B: Manual Start:
# Terminal 1: FastAPI backend uvicorn backend.api.main:app --port 8000 --reload # Terminal 2: Unified MCP server python backend/mcp_server/server.pyLaunch the UI:
Gradio Interface (full-featured):
python app.pyAccess at
http://localhost:7860
Usage
Gradio Interface (app.py)
The Gradio UI provides a comprehensive interface with five main tabs:
1. Chat π¬
- Enter your Tenant ID and start chatting with the MCP-powered agent
- Real-time streaming responses (word-by-word using SSE)
- Autonomous tool orchestration (RAG, Web, Admin, LLM)
- Multi-step planning with memory of previous tool outputs
2. Document Ingestion π
- Raw Text: Paste text directly
- URL: Ingest content from web URLs
- File Upload: Upload PDF, DOCX, TXT, or Markdown files
- Rich metadata support (filename, URL, document ID, custom JSON)
- View and manage ingested documents
3. Knowledge Base Library π
- Statistics Dashboard: Visual cards showing document counts by type
- Interactive Charts: Plotly pie chart for document type distribution
- Semantic Search: Search knowledge base with relevance scoring
- Type Filtering: Filter by document type (text, PDF, FAQ, link)
- Document Management: View, preview, and delete documents
- Auto-refresh: Lists update automatically after operations
4. Admin Analytics π
- Statistics Cards: Total queries, active users, red flags, RAG searches
- Interactive Bar Charts:
- Tool Usage Count (RAG, Web, Admin, LLM)
- Average Tool Latency (performance metrics)
- RAG Quality Metrics (hits, scores, recall indicators)
- Tool Usage Table: Detailed performance breakdown
- Formatted Summary: Key metrics in easy-to-read format
- Click "π Fetch Analytics Snapshot" to load latest data
5. Admin Rules & Compliance π‘οΈ
- Text Input: Paste rules one per line (comments starting with # are ignored)
- File Upload: Upload rules from TXT, PDF, DOC, or DOCX files
- LLM Enhancement: Automatic rule enhancement (edge cases, pattern improvements, severity suggestions)
- Chunk Processing: Large rule sets processed in chunks (5 at a time)
- Rule-Based Behavior: Rules checked FIRST - brief responses or blocking based on severity
- Streaming Responses: Real-time word-by-word streaming
- Refresh Button: Update rules table directly
π‘ Tip: Every action requires a Tenant ID. The Tenant ID persists across page refreshes and is managed centrally.
API Endpoints
All endpoints are served by the FastAPI backend at http://localhost:8000. Most endpoints require the x-tenant-id header for tenant isolation.
π API Documentation: Interactive Swagger docs available at
http://localhost:8000/docswhen the backend is running.
Agent Endpoints
| Method | Endpoint | Description |
|---|---|---|
POST |
/agent/message |
Main chat endpoint with tenant_id, message, optional history |
POST |
/agent/message/stream |
Streaming chat endpoint using Server-Sent Events (SSE). Returns tokens word-by-word |
POST |
/agent/debug |
Detailed debugging info: reasoning trace, tool selection, intent classification |
POST |
/agent/plan |
Tool selection plan without execution (intent, tool scores, planned steps) |
RAG Endpoints
| Method | Endpoint | Description |
|---|---|---|
POST |
/rag/ingest-document |
Ingest document with source_type, content, metadata. Supports raw text, URLs, PDFs, DOCX, TXT, Markdown |
POST |
/rag/ingest-file |
Multipart file upload (PDF/DOCX/TXT/MD) with x-tenant-id header |
GET |
/rag/list?tenant_id={id}&limit={n}&offset={n} |
List all documents for a tenant with pagination |
DELETE |
/rag/delete/{document_id}?tenant_id={id} |
Delete a specific document by ID |
DELETE |
/rag/delete-all?tenant_id={id} |
Delete all documents for a tenant |
Note: RAG endpoints support both x-tenant-id header and tenant_id query parameter.
Admin & Governance Endpoints
| Method | Endpoint | Description |
|---|---|---|
GET |
/admin/rules?detailed=true |
Get all rules (use detailed=true for regex/severity metadata) |
POST |
/admin/rules?enhance=true |
Add single rule with optional pattern (regex), severity, description. Set enhance=true for LLM enhancement |
POST |
/admin/rules/bulk?enhance=true |
Add multiple rules at once (processed in chunks of 5). LLM enhancement applied automatically |
POST |
/admin/rules/upload-file?enhance=true |
Upload rules from file (TXT, PDF, DOC, DOCX). Text extracted server-side |
DELETE |
/admin/rules/{rule} |
Delete a specific rule |
GET |
/admin/violations?days=30&limit=50 |
Get red-flag violations with timestamps and confidence scores |
GET |
/admin/tools/logs?tool_name=rag&days=7 |
Get detailed tool usage logs with latency and token counts |
GET/POST/DELETE |
/admin/tenants |
Tenant management endpoints |
POST |
/admin/setup/table |
Create admin_rules table in Supabase if it doesn't exist |
Analytics Endpoints
| Method | Endpoint | Description |
|---|---|---|
GET |
/analytics/overview?days=30 |
Comprehensive analytics: total queries, tool usage, red-flag count, RAG quality |
GET |
/analytics/tool-usage?days=30 |
Detailed tool usage stats: counts, latency, tokens, success/error rates |
GET |
/analytics/redflags?limit=50&days=30 |
Recent red-flag violations for tenant |
GET |
/analytics/activity?days=30 |
Tenant activity summary: queries, active users, last query timestamp |
GET |
/analytics/rag-quality?days=30 |
RAG quality metrics: avg hits, scores, latency (recall/precision indicators) |
Visualization Features
IntegraChat includes three powerful visualization components that provide real-time insights into agent behavior and system activity:
1. Real-Time Reasoning Visualizer
- Location: Debug tab (Gradio app)
- Features:
- Step-by-step visualization of agent reasoning path
- Animated progression through reasoning steps
- Status indicators (pending, running, completed, error)
- Detailed metrics per step (latency, hit counts, token estimates)
- Visual icons for each step type (admin rules check, RAG prefetch, tool selection, etc.)
- Data Source:
reasoning_tracefrom/agent/messageor/agent/debugendpoints - Usage: Automatically appears in chat panel when agent responses include reasoning traces
2. Tool Invocation Timeline
- Location: Debug tab (Gradio app)
- Features:
- Visual timeline showing tool execution order
- Color-coded bars indicating tool status (success/error)
- Latency visualization per tool
- Result count badges
- Summary statistics (total tools, total time, average latency)
- Data Source:
tool_tracesfrom/agent/messageor/agent/debugendpoints - Usage: Automatically appears in chat panel when agent responses include tool traces
3. Live Tenant Heatmap
- Location: Analytics page (
/analytics) - Features:
- Query activity heatmap (hour-by-hour, day-by-day visualization)
- Color intensity based on activity level
- Per-tool usage trends with bar charts
- Trend indicators (up/down/stable)
- Configurable time window (default: 7 days)
- Data Source:
/analytics/activityand/analytics/tool-usageendpoints - Usage: Navigate to Analytics page to view tenant activity patterns
Access: All visualization features are available to all roles (viewer, editor, admin, owner).
Request Headers
Most endpoints require:
x-tenant-id: Tenant identifier for multi-tenant isolationx-user-role: Caller role for RBAC enforcement (viewer,editor,admin, orowner)- Important: Role must be passed through the entire pipeline (UI β API β RAG Client β MCP Server)
- Role is automatically propagated from the API request to backend API, then to RAG client, and finally to MCP server for permission checks
- If ingestion fails with permission errors, verify the role is set correctly in the UI and check backend logs for role propagation debug messages
Content-Type: application/json: For POST requests with JSON payloads
Example Request
curl -X POST http://localhost:8000/agent/message \
-H "Content-Type: application/json" \
-H "x-tenant-id: tenant123" \
-d '{
"message": "What is our refund policy?",
"tenant_id": "tenant123"
}'
Architecture
System Overview
IntegraChat follows a modular architecture with clear separation of concerns:
βββββββββββββββββββ
β Frontend UI β (Gradio)
β Port 7860 β
ββββββββββ¬βββββββββ
β
βΌ
βββββββββββββββββββ
β FastAPI Backendβ (API Gateway)
β Port 8000 β
ββββββββββ¬βββββββββ
β
ββββΊ Unified MCP Server (Port 8900)
β βββ RAG Tools (search, ingest, list, delete)
β βββ Web Tools (search)
β βββ Admin Tools (rules, violations)
β
ββββΊ PostgreSQL/Supabase (RAG Vector Store)
ββββΊ Supabase/SQLite (Rules & Analytics)
ββββΊ LLM Backend (Ollama/Groq)
Enterprise-Grade Features
Autonomous Multi-Step Planning: LLM-powered planning determines optimal tool sequences with short-term conversation memory that stores and injects previous tool outputs into subsequent tool calls for better context awareness.
Regex-Based Governance: Admin rules support regex patterns with fallback to keyword matching and semantic similarity scoring for flexible policy enforcement.
Comprehensive Analytics: All tool usage, RAG searches, LLM calls, and red-flag violations are logged with indexed queries for fast analytics retrieval.
Enhanced RAG Pipeline: Documents chunked optimally (400-600 tokens) and enriched with metadata (source URL, timestamp, document type) for better retrieval.
Structured Error Handling: All errors logged with context, with graceful fallbacks (e.g., RAG fails β LLM-only, web fails β skip web).
Data Storage Architecture
IntegraChat uses dual-backend storage with automatic fallback for production flexibility:
Supabase (Production/Preferred)
When to use: Production deployments, multi-user environments, scalable applications
Storage:
admin_rules- Admin rules with regex patterns and severity levelstool_usage_events- Tool invocation logs with latency and token trackingredflag_violations- Red-flag violation events with timestampsrag_search_events- RAG search metrics and quality indicatorsagent_query_events- Agent query logs and analytics
Features:
- Row Level Security (RLS) for multi-tenant isolation
- Automatic backups and scaling
- Real-time capabilities
- Production-ready infrastructure
Setup: Configure SUPABASE_URL and SUPABASE_SERVICE_KEY in .env
SQLite (Development Fallback)
When to use: Local development, testing, single-user scenarios
Storage:
data/admin_rules.db- Admin rules (local file)data/analytics.db- Analytics events (local file)
Features:
- Zero configuration required
- Perfect for local development
- Automatic fallback when Supabase not configured
Migration: To migrate existing SQLite data to Supabase, refer to Supabase documentation for data migration strategies.
Supabase Setup & Migration
IntegraChat supports Supabase for production-ready storage of admin rules and analytics. Both RulesStore and AnalyticsStore automatically detect and use Supabase when credentials are available, falling back to SQLite for local development.
Quick Setup
Create Supabase tables:
- Run
supabase_admin_rules_table.sqlin Supabase SQL Editor - Run
supabase_analytics_tables.sqlin Supabase SQL Editor
- Run
Configure environment variables in
.env:SUPABASE_URL=https://your-project-id.supabase.co SUPABASE_SERVICE_KEY=your_service_role_key_hereVerify setup: Check that your Supabase project is accessible and tables are created correctly.
Troubleshooting
Common Issues
Backend Not Starting
- Issue: FastAPI backend fails to start
- Solution:
- Check if port 8000 is already in use:
netstat -ano | findstr :8000(Windows) orlsof -i :8000(Linux/Mac) - Verify Python virtual environment is activated
- Check
.envfile exists and has required variables - Review error logs for missing dependencies
- Check if port 8000 is already in use:
MCP Server Connection Errors
- Issue: "Could not connect to MCP server" errors
- Solution:
- Ensure unified MCP server is running:
python backend/mcp_server/server.py - Check MCP server is on port 8900 (default)
- Verify
MCP_SERVER_IDin.envmatches server configuration - Check firewall settings if running on different machines
- Ensure unified MCP server is running:
RAG Search Not Returning Results
- Issue: RAG searches return no results despite ingested documents
- Solution:
- Check similarity threshold (default 0.3) - try lowering to 0.2 or 0.1
- Verify documents exist:
GET /rag/list?tenant_id={id} - Ensure tenant_id matches between ingestion and search
- Check PostgreSQL/pgvector connection and vector extension
- Review MCP server logs for search metrics
Supabase Configuration Issues
- Issue: Data still going to SQLite instead of Supabase
- Solution:
- Verify
SUPABASE_URLandSUPABASE_SERVICE_KEYin.env(no quotes, no spaces) - Use service_role key (not anon key) from Supabase Dashboard
- Verify Supabase credentials in
.envfile - Ensure tables exist: run SQL scripts in Supabase SQL Editor
- Check FastAPI startup logs for backend detection messages
- Verify
LLM Connection Errors
- Issue: Agent responses fail with LLM errors
- Solution:
- For Ollama: Ensure Ollama is running (
ollama serve) - Check
OLLAMA_URLandOLLAMA_MODELin.env - For Groq: Verify
GROQ_API_KEYis set correctly - Check
LLM_BACKENDsetting (ollama or groq) - Test LLM connection:
curl http://localhost:11434/api/tags(Ollama)
- For Ollama: Ensure Ollama is running (
Document Ingestion Failures
- Issue: File uploads or document ingestion fails
- Solution:
- Check file size limits (default may be 10MB)
- Verify file format is supported (PDF, DOCX, TXT, MD)
- Ensure tenant_id is provided in request
- Check user role: Ingestion requires
editor,admin, orownerrole. If you see "Permission Denied (403)", change your role in the UI dropdown (top right) from "viewer" to "editor", "admin", or "owner" - Verify
x-user-roleheader is being sent correctly (check backend logs for debug messages) - Check backend logs for specific error messages
- Verify PostgreSQL connection for RAG storage
Document Display Issues
- Issue: Document list shows
[object Object]instead of document details - Solution: This has been fixed. Documents now display properly with:
- Document ID (number)
- Document Type (text, pdf, faq, link)
- Preview (first 200 characters)
- Length (character count)
- Created date
- If still seeing issues: Refresh the Knowledge Base Library tab
Rule Addition Timeouts
- Issue: "Chunk 1/1 timed out after 45s" when adding rules
- Solution:
- Quick Fix: Uncheck the "Enable LLM Enhancement" checkbox before adding rules - rules will be added immediately without LLM processing
- With Enhancement: Keep checkbox checked but be patient - enhancement can take up to 180s for 5 rules (30s per rule)
- Best Practice: Add rules in smaller batches (1-3 rules at a time) when using enhancement
- Note: Enhancement is optional - you can always add rules quickly without it, then enhance them later if needed
Rule Deletion Issues
- Issue: "404 Not Found" when trying to delete a rule
- Solution: You can now delete rules in two ways:
- By Number: Enter the rule number (e.g., "1", "2", "3") as shown in the rules table
- By Text: Enter the exact rule text as displayed in the rules table
- If rule not found: Make sure you're entering the exact text or a valid rule number. Refresh the rules table to see current rules.
Tenant Isolation Issues
- Issue: Documents or data leaking between tenants
- Solution:
- Check database queries include
WHERE tenant_id = ...filters - Verify tenant ID normalization is working correctly
- Review database logs for tenant isolation
- Check database queries include
Getting Help
- Check Logs: Review FastAPI and MCP server logs for detailed error messages
- Run Diagnostics: Use helper scripts in the Testing & Diagnostics section
- Verify Configuration: Check
.envfile and Supabase connection - Review Documentation: See
backend/README.mdfor backend-specific issues
Testing & Diagnostics
You can test the system by:
- API Testing: Use the FastAPI interactive docs at
http://localhost:8000/docsto test endpoints - Database Inspection: Connect directly to your PostgreSQL/Supabase instance to verify tenant isolation
- Log Monitoring: Check FastAPI and MCP server logs for detailed error messages and debugging information
Tip: Ensure the Python virtual environment is active (
source venv/bin/activateor.\venv\Scripts\activate) and that.envcontains the MCP server URLs/LLM settings.
Demo Video
β Prerequisites: FastAPI backend plus all MCP servers (RAG/Web/Admin) running locally.
β What it checks:
- Direct database writes via the analytics and rules stores
- CRUD over the
/admin/*and/analytics/*endpoints - RAG ingestion and isolation by issuing queries as multiple tenants and ensuring secrets never leak across IDs
β Pass criteria: At least 80β―% of the sub-tests succeed (the RAG isolation test must pass for overall success).
python check_rag_database.py
Provides a low-level inspection of the RAG datastore. It connects straight to the pgvector/Postgres instance, lists all tenant IDs, prints sample chunks, and runssearch_vectors()directly to ensure the SQLWHERE tenant_id = β¦filter is behaving as expected. Use this script when diagnosing suspected cross-tenant leakage or when seeding demo data.python verify_supabase_setup.py
Verifies Supabase configuration and shows which backend (Supabase or SQLite) each store is using. Displays any missing configuration and provides a summary of where data will be saved.python check_supabase_rules.py
Checks Supabase admin rules configuration and RLS policies. Validates that rules can be read/written correctly.python migrate_sqlite_to_supabase.py
One-shot migration script that copies existing SQLite data (admin rules + analytics) to Supabase. Supports both PostgreSQL direct connection and Supabase REST API methods.python test_manual.py
The existing manual test runner remains useful for smoke-testing analytics logging, admin rule CRUD, and API response codes. Run it whenever you adjust schemas or update MCP endpoints.
Tip: Ensure the Python virtual environment is active (
source venv/bin/activateor.\venv\Scripts\activate) and that.envcontains the MCP server URLs/LLM settings.
Demo Video
π₯ [Demo Video Placeholder] - Coming soon!
Watch how IntegraChat uses MCP to power autonomous agents with multi-tool selection, RAG retrieval, and enterprise governance.
Social Media
π± [Social Media Post Placeholder] - Coming soon!
Follow us for updates and demos of IntegraChat in action!
Team Member(s)
- Your Name Here - Developer & MCP Enthusiast
License
This project is licensed under the MIT License - see the LICENSE file for details.
Technical Stack
Backend
- Framework: FastAPI with async/await for high-performance MCP orchestration
- MCP Server: Unified MCP server (port 8900) exposing all tools via namespaces
- API: RESTful API with Server-Sent Events (SSE) for streaming responses
- LLM Integration:
- Ollama (local, default) -
http://localhost:11434 - Groq (cloud) - via API key
- Configurable backend with streaming support
- Ollama (local, default) -
Frontend
- Gradio UI: Full-featured interface with Plotly visualizations (
app.py) - UI Libraries:
- Plotly for interactive charts and visualizations
Data Storage
- RAG Vector Store: PostgreSQL with pgvector extension (via Supabase or direct connection)
- Analytics: Supabase (production) or SQLite (development) with indexed queries
- Rules Storage: Supabase (production) or SQLite (development) with automatic fallback
- Database: PostgreSQL for RAG embeddings, Supabase/SQLite for analytics and rules
File Processing
- Supported Formats: TXT, PDF, DOC, DOCX, Markdown
- Libraries: PyPDF2, python-docx for server-side text extraction
- Metadata: Rich metadata support (source URL, timestamp, document type)
Communication
- Streaming: Server-Sent Events (SSE) for real-time word-by-word response streaming
- Protocol: Model Context Protocol (MCP) for tool communication
- HTTP: RESTful endpoints with JSON payloads
Recent Enhancements
UI & UX Improvements (Latest)
- Document Display Fix: Fixed document list showing
[object Object]- now properly displays document ID, type, preview, length, and creation date in a formatted table - Rule Deletion Enhancement: Can now delete rules by entering either:
- Rule number (e.g., "1", "2", "3") - automatically finds the corresponding rule
- Full rule text - deletes the exact matching rule
- LLM Enhancement Toggle: Added checkbox to enable/disable LLM enhancement when adding rules:
- Quick Add: Uncheck to add rules immediately without LLM processing (no timeout issues)
- Enhanced Add: Check to get better patterns, explanations, and examples (takes longer but higher quality)
- Improved Timeouts: Increased timeout for rule enhancement from 45s to 180s to handle multiple rules properly
- Better Error Messages: Clearer error messages for rule deletion, document operations, and permission errors
Role Propagation & Permission Handling (Latest)
- Fixed Role Propagation: User role (
viewer,editor,admin,owner) is now properly passed through the entire ingestion pipeline:- UI sends role in
x-user-roleheader - Backend API route receives and validates role
- Role is passed to
process_ingestion()service - RAG client includes role in payload to MCP server
- MCP server uses role for permission checks
- UI sends role in
- Improved Error Handling: Permission errors (403 Forbidden) now return clear, actionable error messages:
- Clear indication when role lacks required permissions
- Guidance on which roles can perform specific actions
- Instructions to change role in UI dropdown
- Debug Logging: Added comprehensive debug logging to trace role values through the pipeline for troubleshooting
- Admin Question Handling: Fixed "who is the admin" type questions to use RAG from knowledge base instead of generic LLM responses
Admin Rules System (Latest)
- File Upload Support: Upload rules from TXT, PDF, DOC, DOCX files with drag-and-drop interface
- LLM Enhancement Toggle: Optional LLM enhancement with checkbox control:
- Quick Add Mode: Uncheck to add rules immediately without LLM processing (no timeouts)
- Enhanced Mode: Check to get better patterns, explanations, examples, and edge case detection
- LLM Enhancement: When enabled, automatic rule enhancement identifies edge cases, improves regex patterns, and suggests severity levels
- Intelligent Fallback Explanations: When LLM enhancement times out or fails, the system automatically generates basic explanations using keyword extraction, providing useful examples and pattern suggestions without requiring LLM availability
- Chunk Processing: Large rule sets processed in chunks of 5 to prevent timeouts (handles 100+ rules efficiently)
- Enhanced Timeouts: Increased timeout from 45s to 180s per chunk to accommodate LLM processing
- Flexible Rule Deletion: Delete rules by entering either rule number (e.g., "1") or full rule text
- Comment Filtering: Comment lines (starting with #) automatically ignored when uploading rules
- Rule-First Processing: Admin rules checked before intent classification - enables behavior control (brief responses vs blocking)
- Supabase Integration: Production-ready Supabase support with automatic table creation
- Streaming Responses: Word-by-word streaming for chat responses using Server-Sent Events (SSE)
Conversation Memory System (Latest)
- Short-Term Memory: Automatic storage of tool outputs per session with configurable size limits and TTL
- Session-Based Isolation: Memory keyed by session_id (not tenant_id) for safety
- Automatic Injection: Recent memory automatically injected into tool payloads for multi-step workflows
- Auto-Expiration: Memory entries expire after configurable TTL (default: 15 minutes)
- Session Management: Memory can be explicitly cleared via
end_sessionflag - Comprehensive Testing: Full test suite covering memory storage, retrieval, expiration, and multi-step workflows
AI-Generated KB Metadata & Advanced RAG (Latest)
- Automatic Metadata Extraction: When ingesting documents, system auto-extracts:
- Title: From filename, URL, or content structure (with intelligent fallback)
- Summary: 2-3 sentence summary via LLM (with keyword-based fallback)
- Tags: 5-8 relevant tags extracted from content
- Topics: 3-5 main themes identified via LLM
- Date Detection: Multiple date formats automatically detected
- Quality Score: 0.0-1.0 score based on structure and completeness
- Intelligent Fallback: When LLM is unavailable or times out, uses keyword extraction and pattern matching to provide useful metadata
- Database Integration: Metadata stored in JSONB column for flexible querying and enhanced RAG search
- Migration Script: Safe, idempotent database migration script included
Per-Tool Latency Prediction & Context-Aware Routing (Latest)
- Latency Prediction: Agent estimates expected latency before tool selection:
- RAG: 60-120ms (depends on result count)
- Web: 400-1800ms (network-dependent)
- Admin: <20ms (local regex matching)
- LLM: Variable based on model and token count
- Path Optimization: Agent chooses fastest tool sequence based on latency estimates
- Context-Aware Routing: Intelligent tool skipping based on previous outputs:
- High RAG score (β₯0.8) β Skip web search
- Critical admin violation β Skip agent reasoning, immediate block
- Relevant memory available β Skip RAG, use memory instead
- Routing Hints: Context hints included in reasoning trace for transparency
- Performance Impact: Leads to more sophisticated behavior and higher scores
Tool Output Schemas (Latest)
- Strict JSON Schemas: Every tool returns validated JSON with consistent structure:
- RAG:
{results: [...], top_score: float, latency_ms: int} - Web:
{results: [...], latency_ms: int} - Admin:
{violations: [...], severity: str, latency_ms: int} - LLM:
{text: str, tokens_used: int, latency_ms: int}
- RAG:
- Automatic Validation: All tool outputs validated and formatted before use
- Easier Debugging: Consistent structure makes debugging and monitoring simpler
- Polished Responses: Schema-validated outputs ensure professional appearance
Cross-Encoder Re-ranking (Latest)
- Two-Stage RAG Process:
- Initial vector search retrieves candidates
- Cross-encoder re-ranks top 10 results for accuracy
- Final filtering by threshold and limit
- Model: Uses
cross-encoder/ms-marco-MiniLM-L-6-v2(very fast, production-ready) - Massive Accuracy Improvement: Re-ranking significantly improves relevance of search results
- Seamless Integration: Works transparently with existing RAG search API
Context Engineering (Latest)
- Anthropic-Inspired Strategies: Implements best practices from Anthropic's context engineering research:
- Compaction: High-fidelity summarization preserving architectural decisions, unresolved issues, and implementation details
- Tool Result Clearing: Safest form of compaction - removes large tool outputs once processed
- Structured Note-Taking: Tracks objectives (like Claude playing PokΓ©mon), architectural decisions, and unresolved issues
- XML-Structured Prompts: All prompts use clear XML sections (
<system>,<background_information>,<instructions>) for better model understanding - Automatic Compression: Conversations compressed at 80% token threshold, targeting 60% after compression
- Just-in-Time Context: Selects only relevant memories and tools for each query
- Progressive Disclosure: Agents discover context incrementally through exploration
- Benefits:
- Reduced token usage and costs
- Longer conversation support
- Better agent coherence across extended interactions
- Improved performance through structured context
- Documentation: Context engineering features are integrated throughout the agent orchestrator and MCP server
UI Improvements
- Modern Drag-and-Drop: Intuitive file upload with visual feedback
- Enhanced Status Messages: Clear success/error messages with icons
- Refresh Button in Table: Quick refresh directly from the Rule Set section
- Better Visual Hierarchy: Improved spacing, colors, and layout
- Gradio UI Enhancements:
- AI metadata displayed after document ingestion
- Latency predictions shown in reasoning trace
- Context-aware routing hints visualized
- Tool output schemas displayed in debug view
Key Technical Features
Tenant Isolation & Normalization
- Strict tenant isolation enforced at database level with
WHERE tenant_id = ...filters - Automatic tenant ID normalization handles whitespace and formatting differences
- Documents can be listed and deleted consistently across different tenant_id formats
- All operations validate tenant ownership before execution
RAG Search & Retrieval
- Cross-Encoder Re-ranking: Two-stage retrieval process for massive accuracy improvement:
- First: Vector search retrieves top candidates using embeddings
- Then: Cross-encoder model (
cross-encoder/ms-marco-MiniLM-L-6-v2) re-ranks top 10 results - Final: Results filtered by threshold and limit applied
- Optimized similarity threshold (default 0.3) for better recall of relevant documents
- Intelligent fallback returns top result even if below threshold to ensure knowledge base content is accessible
- Pattern-based tool selection automatically triggers RAG for admin questions, fact lookups, and internal knowledge queries
- Response unwrapping ensures seamless integration between MCP server and orchestrator
MCP Server Architecture
- Unified server running on a single port (default 8900) for all namespaced tools
- Dual protocol support: Both MCP protocol (POST with JSON) and RESTful HTTP (GET/DELETE)
- Response wrapping: Standardized response format with automatic unwrapping in clients
- Error handling: Comprehensive error responses with detailed messages for debugging
UI Features
Knowledge Base Library
- Visual Statistics: Real-time document counts and type distribution
- Interactive Charts: Plotly pie charts for document type visualization
- Advanced Search: Semantic search across all ingested documents with relevance scoring
- Smart Filtering: Filter by document type (text, PDF, FAQ, link)
- Bulk Operations: Delete individual documents or all documents at once
- Auto-refresh: Lists automatically update after operations
Admin Analytics Dashboard
- Statistics Cards: Key metrics displayed in visually appealing cards with icons
- Tool Usage Visualization: Bar charts showing tool invocation counts and performance
- Latency Metrics: Visual representation of tool response times
- RAG Quality Analysis: Charts displaying search quality metrics (hits, scores, recall)
- Detailed Tables: Comprehensive tool usage breakdown with success/error rates
- Dark Theme: Modern UI with dark background and white text for better readability
- Real-time Updates: Fetch latest analytics data with a single click
Acknowledgments
- Built with Model Context Protocol (MCP)
- Powered by Gradio for the interface
- Visualizations created with Plotly
- Backend built with FastAPI
- Analytics and governance features inspired by enterprise AI platform requirements
Made with β€οΈ for the MCP Hackathon
IntegraChat: Enterprise-Grade MCP Autonomous Agent Platform