Overview#
During an active investigation, investigators, analysts, supervisors, and legal counsel need to communicate in context without mixing operational discussions with their personal email or corporate chat tools. A public channel keeps the investigation team aligned. Direct messages between the lead investigator and the prosecutor stay private. Threaded discussions on a specific evidence point remain searchable after the investigation closes.
The Communication domain provides that secure, organised messaging environment, purpose-built for the operational context of investigations rather than adapted from a general-purpose chat product.
Key Features#
- Channel types: public, private, and direct message with role-based membership (owner, admin, member).
- Threaded conversations with parent-child message relationships.
- Message reactions, @-mentions, and file attachments.
- Read receipts and per-channel unread count tracking.
- Real-time message streaming via WebSocket subscriptions.
- Message editing and soft deletion with audit trail.
- Multi-tenancy with organisation-level isolation.
- Channel lifecycle management including archival.
Use Cases#
Investigation team coordination channels keep all team members aligned on case developments, with threaded discussions maintaining context for specific evidence items or analytical threads.
Investigator-to-supervisor direct messaging enables sensitive escalations and approvals without creating a paper trail in team channels where all team members would see them.
Active incident communication during major operations uses real-time messaging with threaded discussions, keeping the primary incident channel clear while allowing parallel discussions on specific sub-issues.
Post-investigation compliance teams use searchable archived channels to reconstruct the communication history of an investigation, demonstrating that all parties were properly informed and that decisions were appropriately documented.
Integration#
Integrates with user management for authentication, notification system for push delivery, and file storage for attachment handling. Supports WebSocket-based real-time communication.
Open Standards#
- GraphQL (June 2018 specification): the entire API surface, channels, members, messages, read receipts, and typing indicators, is exposed as GraphQL queries, mutations, and subscriptions using the Strawberry implementation of the specification.
- RFC 6455 (WebSocket Protocol): real-time message delivery and typing-indicator broadcasts are carried over persistent WebSocket connections, with JWT tokens passed via the
Sec-WebSocket-Protocolbearer subprotocol header. - RFC 7519 / RFC 7517 (JSON Web Tokens and JSON Web Key Sets): access to all communication endpoints is gated by RS256-signed JWTs whose signing keys are verified against a JWKS endpoint, providing standards-compliant bearer-token authentication.
- RFC 4122 (UUID Version 4): every entity, channels, channel members, messages, and read receipts, is assigned a randomly generated UUID v4 as its primary identifier.
- RFC 3339 / ISO 8601 (Date and Time Formats): all timestamps (message creation, edits, read receipts, typing events) are serialised to and parsed from ISO 8601 strings, ensuring interoperable datetime exchange between server and clients.
- RFC 8259 / ECMA-404 (JSON): message payloads, reactions, attachments, metadata, and all pub/sub broadcast events are serialised as JSON for transport and storage.
- ANSI INCITS 359-2004 (Role-Based Access Control): channel membership enforces a three-tier RBAC hierarchy (owner, admin, member) that controls who may read, post, edit, delete, or administer each channel, consistent with the NIST/ANSI RBAC reference model.
Last Reviewed: 2026-02-05 Last Updated: 2026-04-14