One platform. Any data. A governed workforce.
Usermode wraps every system you run as tools your agents — and tools like Claude — can use, then runs a fleet of specialist agents that do real work on the channels you already use. Each service holds exactly the capability it needs and no more. Here is how the whole system fits together.
Three classes of service
Every part of the platform falls into one of three classes, defined by how much power it holds. The distinction is the point: the more dangerous a capability, the more isolated the service that carries it.
Bridges
- Holds
- Channel credentials
- Risk surface
- Channel ingress
The way your team reaches the fleet — email, WhatsApp, Teams, SMS and the web. A bridge holds the tenant credentials for a channel and nothing else. It carries messages; it makes no decisions.
Sub-agents
- Holds
- An LLM key, capability-gated
- Risk surface
- Judgement
The orchestrator-worker MCP services where reasoning happens. A sub-agent holds a model key and exactly the tools its one job requires — never the full set. Judgement lives here, fenced in.
Data wrappers
- Holds
- Nothing that can act
- Risk surface
- None — stateless, no LLM
The business systems wrapped as tools: stateless, with no model and no judgement to corrupt. The safest and largest class, and the one we build most of. Wrap any SaaS, file share, database or internal app.
“The safest service has no judgement to corrupt. The most dangerous has both judgement and a send button. We never put those two things in the same box.”
Marc Heath — The Integration Tax
Capability isolation is not a setting you toggle on. It is the shape of the system. A service that reads untrusted input holds no tools that can act; a service that can act on the outside world never reads raw, untrusted input. Power and exposure are kept on opposite sides of the wall.
On the surfaces your team already uses
There is no new app to learn and no portal to log into. The fleet reaches your people where they already work — and runs its own routines on a schedule when nobody is watching.
Threaded, in your domain. Agents read, reply and attach inside the inbox your team already lives in.
Conversational requests and approvals on the go, delivered via Twilio.
Teams
A bidirectional bridge into Microsoft Teams, with in-band chat and attachments.
SMS
Short, time-critical notifications and confirmations where speed matters.
Web
A dashboard and request surface for the work that wants a screen, not a message.
Cron
Standing schedules. The fleet acts when a job is due — it does not wait to be asked.
Azure-native, by design
“Scale is not how many services you run. It is how few you have to think about on any given Tuesday.”
Marc Heath — The Integration Tax
The platform is a collection of small, single-purpose services, each in its own container, each doing one thing. The discipline of keeping every service narrow is what keeps the whole estate legible — so that adding capability never means adding things you have to worry about.
Per-tenant isolation
Your fleet runs in your own isolated cloud environment. No shared runtime between clients.
One container per service
Azure Container Apps, fronted by API Management, secured with Key Vault and managed identity.
Defined in Bicep
The whole estate is infrastructure-as-code, supply-chain locked and reproducible.
Go deeper into the platform
Each area is a deep dive on its own. Document intelligence lives inside Governance — the same discipline that makes an agent safe to switch on makes its output safe to send.
See the platform running on your data
Book a 30-minute demo and we'll map the classes of service to your stack — or start with a £2,500 Audit and a named first slice.