ArchitectureAdrADR-0015: Enterprise Knowledge Connector (RheinInsights)

ADR-0015: Enterprise Knowledge Connector (RheinInsights)

ADR-0015: Enterprise Knowledge Connector (RheinInsights)

Status: ACCEPTED
Date: 2026-01-10
Author: Codex (Gatekeeper)
Related: docs/agent_ops/INBOX/task_089_spec.md, docs/agent_ops/INBOX/task_090_spec.md

Context

Jorvis needs an enterprise-grade knowledge connector that can retrieve non‑SQL content with permission-aware filtering (SharePoint, Confluence, Teams, etc.). RheinInsights Retrieval Suite provides a self-hosted middleware with query pipelines and user-level access control. We want to integrate it as an optional source in the Document RAG flow without weakening SQL/RLS guarantees.

Options

  1. Optional RheinInsights connector (recommended)

    • Integrate a server-side connector into DocumentContextNode.
    • Pass userPrincipalName derived from user identity headers or SSO claims.
    • Return structured citations for Task-090.

  2. Build an internal enterprise index

    • Ingest all external sources into Jorvis-managed vector stores.
    • Higher control, but significantly higher maintenance and compliance burden.

  3. No external connector

    • Restrict Document RAG to Jorvis-managed content only.
    • Lowest complexity, but limits enterprise reach.

Decision

Adopt Option 1: add an optional RheinInsights connector in the document context flow.

Key requirements:

  • User identity must be forwarded (userPrincipalName).
  • TLS verification must remain enabled (no verify=false).
  • Credentials stay server-side.
  • Outputs mapped to standard Citation[] format (Task-090).
  • Feature flag: connector stays OFF by default via JORVIS_RHEININSIGHTS_ENABLED=false; opt-in only.

Consequences

Pros

  • Enterprise-ready knowledge access with permission enforcement.
  • Minimal changes to existing graph flow.
  • Works alongside SQL/RLS, not in place of it.

Cons

  • External dependency for enterprise knowledge.
  • Requires careful identity mapping and policy checks.

Follow-ups

  • Implement connector in Task-089 (JORVIS_RHEININSIGHTS_ENABLED).
  • Add citation formatting in Task-090.
  • Document required env vars:
    • JORVIS_RHEININSIGHTS_URL
    • JORVIS_RHEININSIGHTS_TOKEN
    • JORVIS_RHEININSIGHTS_PIPELINE_ID