Customer Support Demo
Complete, runnable Community example - AI-powered customer support with governance.
Overview
The Customer Support Demo is a fully-functional example application that demonstrates AxonFlow's AI governance capabilities for customer support operations. It's included in the Community repository and ready to run.
What This Demo Shows
- PII Detection & Redaction: Automatic detection and redaction of SSNs, credit cards, phone numbers
- Role-Based Access Control: Different permissions for agents, managers, and admins
- Policy Enforcement: SQL injection prevention, dangerous query blocking
- Audit Logging: Complete trail of all data access operations
- LLM Integration: Natural language to SQL conversion with governance
Quick Start
Prerequisites
- Docker and Docker Compose
- OpenAI or Anthropic API key (at least one)
1. Clone the Repository
git clone https://github.com/getaxonflow/axonflow.git
cd axonflow/platform/examples/support-demo
2. Start the Demo
# Set your API keys
export OPENAI_API_KEY=sk-your-key-here
# OR
export ANTHROPIC_API_KEY=sk-ant-your-key-here
# Start the demo
docker-compose up -d
3. Access the Demo
- Frontend: http://localhost:3000
- Backend API: http://localhost:8080/api/health
Demo Users
| Role | Password | Permissions | |
|---|---|---|---|
| [email protected] | Support Agent | demo123 | Limited PII, US West region |
| [email protected] | Manager | demo123 | Full PII, escalation handling |
| [email protected] | Admin | demo123 | Global access, system admin |
Demo Scenarios
1. Agent Query (PII Redaction)
Login as [email protected] and query:
Show open tickets for premium customers
Result: SSNs and credit card numbers are automatically redacted.
2. Manager Query (Full PII Access)
Login as [email protected] and query:
Find all tickets with SSN references
Result: Full PII visible due to manager permissions.
3. SQL Injection Prevention
Try this query as any user:
SELECT * FROM users; DROP TABLE users;
Result: Query blocked by static policy enforcement.
Architecture
┌─────────────────┐ ┌─────────────────┐ ┌─────────────────┐
│ React Frontend │────▶│ Go Backend │────▶│ PostgreSQL │
│ (Port 3000) │ │ (Port 8080) │ │ (Port 5432) │
└─────────────────┘ └────────┬────────┘ └─────────────────┘
│
▼
┌─────────────────┐
│ AxonFlow Agent │
│ (Policy Eval) │
└────────┬────────┘
│
▼
┌─────────────────┐
│ LLM APIs │
│ (OpenAI/Claude) │
└─────────────────┘
Components
| Component | Technology | Purpose |
|---|---|---|
| Frontend | React | User interface for support queries |
| Backend | Go 1.21 | API server with AxonFlow SDK integration |
| Database | PostgreSQL 15 | Customer and ticket data storage |
| SDK | @axonflow/sdk-go | Policy enforcement client |
Configuration
Environment Variables
| Variable | Description | Required |
|---|---|---|
| OPENAI_API_KEY | OpenAI API key | One of these required |
| ANTHROPIC_API_KEY | Anthropic API key | One of these required |
| AXONFLOW_ENDPOINT | AxonFlow agent URL | Optional (default: localhost:8080) |
| JWT_SECRET | JWT signing secret | Optional (has default) |
| DATABASE_URL | PostgreSQL connection | Optional (has default) |
axonflow-config.json
The axonflow-config.json file configures:
- Client identification and tenant
- Policy enforcement settings
- LLM provider preferences (Anthropic primary, OpenAI fallback)
- Demo user definitions with roles and permissions
Policy Examples
PII Redaction Policy
package axonflow.policy.support
import future.keywords
# Redact SSN for non-managers
redact_ssn {
input.context.user_role != "manager"
input.context.user_role != "admin"
}
redacted_query := regex.replace(
input.query,
`\b\d{3}-\d{2}-\d{4}\b`,
"***-**-****"
) if redact_ssn
# Redact credit cards for all non-admin users
redact_credit_card {
input.context.user_role != "admin"
}
redacted_query := regex.replace(
redacted_query,
`\b\d{4}[- ]?\d{4}[- ]?\d{4}[- ]?\d{4}\b`,
"****-****-****-****"
) if redact_credit_card
SQL Injection Prevention
package axonflow.policy.support
# Block dangerous SQL patterns
deny["SQL injection attempt blocked"] {
patterns := ["DROP TABLE", "DELETE FROM", "TRUNCATE", "ALTER TABLE"]
some pattern in patterns
contains(upper(input.query), pattern)
}
# Block union-based injection
deny["SQL injection attempt blocked"] {
contains(upper(input.query), "UNION SELECT")
}
Role-Based Access
package axonflow.policy.support
# Agents can only query their region
deny["Access denied: region mismatch"] {
input.context.user_role == "agent"
input.query_region != input.context.user_region
}
# Only managers and admins can see escalated tickets
deny["Access denied: escalation privileges required"] {
contains(lower(input.query), "escalated")
input.context.user_role == "agent"
}
Local Development
Running Backend Locally
cd backend
go mod download
go run .
Running Frontend Locally
cd frontend
npm install
npm start
Database Migrations
Migrations run automatically on backend startup. See backend/migrations/ for schema.
Tech Stack
| Layer | Technology | Notes |
|---|---|---|
| Backend | Go 1.21, Gorilla Mux, lib/pq | RESTful API with JWT auth |
| Frontend | React, Modern UI | Responsive design |
| Database | PostgreSQL 15 | With sample PII data |
| SDK | axonflow-sdk-go v1.2.0 | Policy enforcement |
Directory Structure
support-demo/
├── backend/
│ ├── main.go # Entry point
│ ├── llm_router.go # LLM provider routing
│ ├── policy_engine.go # Policy enforcement
│ ├── migrations/ # Database migrations
│ ├── go.mod
│ └── Dockerfile
├── frontend/
│ ├── src/
│ │ ├── App.js # Main application
│ │ ├── PolicyConfig.js
│ │ └── LiveMonitor.js
│ ├── package.json
│ └── Dockerfile
├── init-db/
│ └── 01-schema.sql # Initial database schema
├── docker-compose.yml
├── axonflow-config.json
└── README.md
Learn More
Source Code
GitHub: platform/examples/support-demo