Case Study 03

AiXpert

Database Assistant

Product

OryggiAI — Enterprise SaaS

Type

Multi-tenant platform

Scope

Full-stack — AI to deployment

90%+

Query accuracy

5

Core modules

4-tier

RBAC system

DPDP

Act 2023 compliant

The Problem

Enterprise data locked behind SQL — and only one person who could query it.

Organizations using Oryggi Access Control Systems had powerful databases tracking every employee, door access, visitor entry, and attendance record — but extracting insights required writing raw SQL. Only IT staff could answer basic questions like “How many employees joined last month in IT?”

Traditional template-based query tools achieved just 33% accuracy. Managers needed reports that took days. HR needed to revoke door access but had to file tickets. The data was there — but it was inaccessible to the people who needed it most.

On top of that, India's new DPDP Act 2023 meant every data query now required proper consent tracking. There was no compliance infrastructure in place.

The Approach

Ask in English. Get answers in seconds. Execute actions from chat.

I designed AiXpert as a multi-tenant SaaS platformwhere any employee can type a question in plain English and get an accurate answer from their organization's database — without knowing SQL, without waiting for IT, without risk of accessing another tenant's data.

The AI pipeline uses Google Gemini 2.0 Flashwith a RAG layer (ChromaDB) that understands each tenant's unique schema. Few-shot learning means the system improves with every query. The result: 90%+ accuracy vs 33% from the previous template approach.

System Architecture

User asks question

Natural language

AI understands intent

Gemini 2.0 Flash

RAG finds schema

ChromaDB vectors

LLM generates SQL

Few-shot learning

Gateway executes

On-premises DB

Results returned

Formatted response

Frontend (PWA)

Dashboard & Stats
AI Chat Assistant
Database Manager
User & Role Admin
Audit Log Viewer

Backend (FastAPI)

JWT Auth + RBAC
AI Query Pipeline
Report Generator
Action Executor
ConsentGrid (DPDP)

Infrastructure

PostgreSQL (Platform)
SQL Server (Tenant)
ChromaDB (Vectors)
WebSocket Gateway
Windows Agent (EXE)

Multi-Tenant Isolation

Row-level isolation — each organization's data is completely separated. AES-encrypted credentials.

Core Modules

Five capabilities. One chat interface.

01

Natural Language Queries

Type "How many employees joined last month in IT?" — AI generates SQL, executes it, returns formatted results. 90%+ accuracy.

02

Report Generation

"Generate attendance report for February" produces an Excel file with charts, pivot tables, and professional formatting. Emailed or downloaded.

03

Action Execution

Grant/revoke door access, blacklist employees, register visitors, issue temp cards — all from chat. Human confirmation required before execution.

04

On-Premises Gateway

Windows Service connects local Oryggi databases to the cloud platform via WebSocket. No need to expose databases to the internet.

05

DPDP Act 2023 Compliance

ConsentGrid module handles consent collection, real-time validation, instant withdrawal enforcement, and full audit trails.

Tech Stack

FastAPI

Backend API framework

Google Gemini

2.0 Flash — AI engine

ChromaDB

Vector search + RAG

PostgreSQL

Platform database

SQL Server

Tenant data (on-prem)

WebSocket

Real-time gateway comms

PWA

Offline-capable frontend

Tailwind CSS

UI framework

JWT + RBAC

Auth + 4-tier roles

AES Encryption

Credentials & API keys

OpenPyXL

Excel report generation

PyInstaller

Gateway Windows EXE

Security

Enterprise-grade from day one.

JWT + Token Rotation

Automatic refresh, secure session management

Bcrypt Password Hashing

Industry-standard credential protection

AES Encryption

Database credentials, API keys, consent tokens encrypted at rest

Row-Level Tenant Isolation

Each organization's data is completely invisible to others

4-Tier RBAC

Owner, Admin, Manager, User — granular permission control

Full Audit Logging

Every login, query, and action tracked with IP and device info

The Impact

AiXpert transformed how organizations interact with their data. Queries that took hours through IT tickets now complete in seconds. Report generation that required manual Excel work now happens via a single sentence.

The 90%+ query accuracy (vs 33% from the previous template system) means employees actually trust the results. The action execution module eliminated the back-and-forth between HR and IT for routine access management tasks.

Most critically, the ConsentGrid module brought the organization into full DPDP Act 2023 compliance — with real-time consent validation that blocks access the moment consent is withdrawn.

90%+

Query accuracy (vs 33%)

Seconds

Instead of hours

DPDP

Full compliance