Home / Products / OpenLI Codex
Foundation tier · powers every OpenLI product

The third-generation agentic AI runtime for regulated enterprise.

OpenLI Codex is the AI-native foundation that every other OpenLI product is built on. A purpose-built runtime for production agentic workflows in regulated environments — combining the Claude Agent SDK and the OpenAI Codex SDK with multi-tenant governance, policy-controlled execution, and audit trails on every action.

We do not wrap LangGraph. We do not wrap LangChain. We have built our own runtime, on the same foundations Anthropic and OpenAI ship, because production agentic systems in healthcare, finance and clinical research need governance built in — not bolted on.

Open OpenLI Codex Portal View on GitHub Talk to the team
v0.6.8 production Dual-runner Multi-tenant AGPL-3.0 / commercial dual Whitelabel-ready
9Products in the family powered by Codex
2Production AI runtimes (Claude SDK + Codex SDK)
7RBAC role tiers, audit-logged on every action
0LangChain or LangGraph dependencies

Our vision: natural language is the only programming language enterprises need.

In tomorrow’s software, every developer interface is conversational. Every legacy system can be modernised in plain English. Every agent action is governed, auditable and reversible. OpenLI Codex is the runtime that makes that real for buyers in regulated industries today — not in some indefinite future.

AI-native, not AI-bolted-on

Codex is purpose-built for production agentic workflows. Tool surfaces, multi-turn reasoning, structured output extraction, runner orchestration, prompt template versioning — all built into the runtime, not stitched together at the application layer.

Governance-first, not governance-bolted-on

Human approval gates at every state transition. 7-tier RBAC. Audit trails on every agent action. PII sanitisation hooks. Tenant isolation. Aligned with EU AI Act, ISO/IEC 42001, NHS DSPT and UK GDPR from day one — before a single line of product code is written.

Sector-specialised, foundation-shared

Same engine. Same governance. Same audit story. HIE, Integrai, IRIS CoPilot, IMX Monitor, DMM, OpenCT, OpenTrial, OpenInvestor and the GSJ Platform all run on Codex. One security review covers the entire portfolio. One operational model. Lower TCO when you adopt more than one product.

Dual-runner architecture — no vendor lock-in.

Codex supports two production-grade AI runtimes side by side, switchable per task, per workspace and per tenant. This is a deliberate architectural choice: regulated enterprise buyers cannot accept single-vendor lock-in for the AI substrate that powers their mission-critical workflows.

Claude Agent SDK · Claude Code

Anthropic’s agentic runtime, used for long-context reasoning, tool-calling chains, and complex multi-turn workflows. The default runtime for most OpenLI products, including HIE, IMX Monitor and Integrai. Claude Code drives our own development workflow on the OpenLI website itself.

  • Strong long-context behaviour and reasoning
  • Mature tool-use and structured output
  • Production-grade safety and refusal behaviour
  • Used for: HIE, Integrai, IMX Monitor, OpenTrial (planned)

OpenAI Codex SDK

OpenAI’s code-aware runtime, used where deterministic code transformation, language conversion, or tight integration with the OpenAI platform is preferred. Switchable per tenant for customers who already operate on Azure OpenAI.

  • Strong code generation and refactoring
  • Tight integration with Azure OpenAI deployments
  • Cost-efficient for high-throughput workloads
  • Used for: OpenCT, DMM, IRIS CoPilot code generation

Capabilities

The capabilities below ship in OpenLI Codex v0.6.8 today — not on a roadmap. They are the building blocks that every other OpenLI product reuses.

Workspace registry

Multi-tenant workspace management with GitHub repository import or local folder mounting. Each workspace has its own isolated state, skills, prompt templates and audit trail.

Skills management system

Reusable platform skills (10+ shipped) plus tenant-specific skill definitions. Each skill has versioned prompts, defined tool surfaces and explicit input/output contracts.

Prompt template library

Versioned, reviewable prompt templates with tenant-scoped overrides. Templates are first-class artefacts — not strings buried in code — so they can be audited, diffed and rolled back.

RBAC with approval workflows

Seven role tiers (super_admin, org_admin, project_admin, editor, viewer, plus tenant-scoped variants) with admin approval workflows for state transitions and high-risk agent actions.

Session-based transcript UI

Every agent session is recorded as a transcript with tool calls visible, structured output extraction, and the full conversation persisted for audit. Operators can review and replay any session.

SSE streaming runtime

Server-sent events for real-time updates from agents to operator UIs. No polling. No websockets complexity. Production-tested at scale across the IMX Monitor and HIE deployments.

Audit trail on every action

Immutable event log of every state transition, every tool call, every prompt sent and every response received. Exportable for regulatory submission and internal forensics.

Runner switching per tenant

Configure Claude Agent SDK or OpenAI Codex SDK per tenant, per project, per task. Customers on Azure OpenAI can run Codex without ever touching the Anthropic API, and vice versa.

Open source core

AGPL-3.0 with a commercial dual licence for enterprises. Auditable by your security team. Self-hostable. No black box. The core is on GitHub at zhongli1990/saas-codex.

How it works

Three steps from natural language to a governed, auditable, reversible action.

1. Define

A skill or workflow is defined as a versioned prompt template with an explicit tool surface and output contract. Templates are reviewable artefacts in the prompt manager — not strings buried in code.

2. Run

The runtime invokes the chosen runner (Claude Agent SDK or OpenAI Codex SDK), passes the template, the workspace context and the tool surface, and streams the response back via SSE. Tool calls go through the tenant’s policy hooks.

3. Govern

Every action is recorded in the audit log. State transitions require explicit human approval where the policy says so. The operator UI shows the full transcript with tool calls and structured output. Roll back via config snapshots.

Every OpenLI product runs on this foundation.

That’s the commercial point of Codex. Buy one product, get the same governance, audit, multi-tenancy and runner orchestration that every other OpenLI product uses. One security review. One operational model. One AI substrate strategy.

Pharma & Clinical

More clinical research products in development.

Finance & Compliance

See the full product family tree →

Whitelabel for OEM partners

OpenLI Codex is whitelabel-ready. System integrators, healthcare consultancies, and technology partners can deploy Codex under their own brand, with their own tenant management, their own skills library, and a commercial model that fits their channel.

Branding & tenant config

Per-tenant logo, colour, copyright notice, and domain. Each tenant feels like a first-class product, not a re-skinned multi-tenant SaaS.

Custom skills & templates

Bring your own skills, prompt templates, and tool surfaces. Codex skills are first-class objects, not hard-coded in the runtime.

Commercial model

OEM licence, revenue share, or annual platform fee — we work with the model that fits your channel motion. Talk to the team to scope a partnership.

Talk to us about whitelabeling

Compliance & assurance

Every product in the OpenLI family inherits the same compliance posture from Codex. One security review covers the entire portfolio.

EU AI Act UK AI governance guidance UK GDPR EU GDPR Data Protection Act 2018 ISO/IEC 27001 ISO/IEC 42001 SOC 2 control mapping NIST AI RMF NHS DSPT readiness