Developer Docs
VecTrieve Architecture & API
Complete technical reference for the BSL VecTrieve Enterprise AI ecosystem, including RBAC logic, schema definitions, and internal routing endpoints.
Product Overview
Core Purpose: A multi-tenant AI ecosystem designed for enterprises. It empowers teams with advanced AI capabilities (code generation, documentation, analysis) while ensuring data remains isolated, compliant, and under strict administrative control.
Key Differentiators
- Dual-Layer Architecture: Unique multi-tenancy model enforcing data isolation simultaneously in PostgreSQL (relational) and Pinecone (vector).
- Enterprise-Grade Security: Built on robust RLS, AES-256 encryption, granular RBAC, and immutable audit trails.
- User-Configurable AI: Supports BYOK (Bring Your Own Key) for remote LLMs or directs traffic to custom local nodes.
Core Technologies
Supabase (PostgreSQL)
Foundation providing Auth (JWTs) and extensive Row Level Security (RLS) for multi-tenant isolation.
Pinecone
High-performance vector database storing AST-chunked embeddings. Leverages namespaces for strict boundaries.
Google Cloud Storage
Provides highly scalable blob storage for raw project files and zip archives. Metadata is tracked via Postgres.
Key Features
Foundational Multi-Tenancy & RBAC
Our dual-layer RBAC utilizes advanced PostgreSQL RLS policies to physically separate row access. Data within
enterprises, projects, and files tables are strictly protected by owner_user_id and organizational IDs.
Collab AI Workspace & RAG
The workspace supports Gemini, OpenAI, Anthropic, and local endpoints. It utilizes a deep RAG pipeline via Pinecone with semantic chunking to ensure the LLM generates answers based exclusively on truth.
Live Codebase Sync
Direct GitHub integration mapping webhooks to your database. Automatically fetches repo files upon push, uploads them to GCS, and vectorizes content directly into targeted Pinecone namespaces.
Roles & Permissions (RLS)
| Supabase Table | Structure Purpose | Security Logic |
|---|---|---|
| auth.users | Core Identity | System level credential management. |
| public.profiles | Links to auth, sets role. |
SELECT: Own profile or admins of same enterprise_id. |
| public.enterprises | Billing and global capacities. | SELECT: Owner or users attached to this enterprise. |
| public.projects | Visibility scopes. | SELECT: Must match enterprise AND (global OR owner OR allowed). |
Data Models
public.enterprises
idUUID (PK)
nameVARCHAR
subscription_tierVARCHAR
owner_user_idUUID (FK auth.users)
pinecone_global_nsVARCHAR
public.projects
idUUID (PK)
enterprise_idUUID (FK)
visibilityVARCHAR
gcs_pathVARCHAR
repo_infoJSONB
Internal API Routes
GET
/workspace
Renders main Collab AI dashboard and initializes connection state.
POST
/generate
Core RAG engine execution & LLM response streaming handler.
POST
/inject_project
Asynchronous pipeline routing files from GCS to Pinecone.
POST
/api/github/webhook
Listens for repository pushes to trigger automatic branch sync.