Overview
When an analyst needs to summarise a 300-page financial intelligence report in under a minute, or translate a foreign-language intercept on the fly, the LLM domain handles it without leaving the investigation context. It provides a unified interface for interacting with multiple large language model providers, supporting distinct assistant modes, adjustable response depth, and context scopes tailored to case-specific AI interactions.
Key Features
- Support for multiple AI provider families
- Multiple assistant modes: research, analysis, writing, coding, summarisation, translation, and general
- Configurable response depth: brief, standard, detailed, and exhaustive
- Context scope management: current page, investigation, organisation, and global
- Investigation-aware context for case-specific AI interactions
- Secrecy level alignment to match data classification requirements
- Page context support for UI-aware AI responses
Use Cases
Relevant sectors include law enforcement, financial crime investigation, and intelligence agencies.
- Conducting deep research queries within investigation context using advanced AI models
- Generating executive summaries of investigations for stakeholder communication
- Analysing transaction patterns and identifying anomalies with AI assistance
- Drafting investigation reports with investigation-scoped context awareness
Integration
The LLM domain integrates with RAG for document Q&A, Chatbot for the chat interface, AI Triage for automated prioritisation, and Analysis for analytical tools.
Open Standards
- GraphQL (June 2018 Specification): All LLM capabilities are exposed via a GraphQL API (queries and mutations), allowing clients to request precisely the fields they need across provider management, chat, and usage reporting.
- EU AI Act, Regulation (EU) 2024/1689, Article 12: Every LLM invocation is logged to a dedicated AI audit log with input hash, output summary, model identifier, token count, and user context, fulfilling the record-keeping obligation for high-risk AI systems under Annex III.
- ISO/IEC 42001:2023: The management-system framework for responsible AI, covering risk assessment, transparency obligations, and continual improvement; the LLM domain's provider governance, usage logging, and secrecy-alignment controls map directly to its Annex A controls for AI system operation.
- FIRST Traffic Light Protocol (TLP): LLM response secrecy alignment maps directly to TLP:WHITE, TLP:GREEN, TLP:AMBER, and TLP:RED markings, ensuring outputs are handled in accordance with the data-sharing restrictions established by the analyst's investigation context.
- JSON (RFC 8259): All provider request payloads, structured outputs, token-usage records, and persisted analysis results are serialised as JSON; providers that return free-form text are wrapped in a normalised JSON envelope before the response leaves the service layer.
- OAuth 2.0 / JSON Web Tokens (RFC 7519): Access to every LLM operation is gated by bearer-token authentication; JWT claims are also used to select the appropriate real-time LLM provider in voice and streaming scenarios.
- Role-Based Access Control (NIST SP 800-207 / ANSI INCITS 359-2004): Provider registration and configuration are restricted to super-admin roles; chat operations enforce investigation-level access control tied to the case object type, preventing cross-investigation data exposure.
Last Reviewed: 2026-02-05 Last Updated: 2026-04-14