AI overview

Dalea exposes AI capabilities through two surfaces, with different audiences and trust models. Knowing which one you're using matters: they have different security properties, different action sets, and different user-experience.

In-app chat

A side panel that lives inside dalea.app. Authenticated as you. Can call destructive tools, but always asks for confirmation.

External MCP

Your Claude Desktop, Cursor or ChatGPT, connecting via OAuth. Read-only by default — destructive actions stay in the in-app chat.

The in-app chat

Open it with ⌘/ or the sparkle icon. The panel is multi-turn, streaming, tool-using, and aware of:

• the workspace you're in
• the document you're currently viewing (if any)
• your selection inside that document
• your role and permissions

It can do everything you can do — find documents, read data records, create new documents, append blocks, register objects, run saved queries, and compose follow-up questions about the results. Because it acts as your user, it can also do destructive things, which is why every destructive call is confirmed by a card in the chat before execution.

Approval cards

When the assistant proposes to run a destructive tool (manage_documents:create, data_objects:bulk_create, placements:check_out, …), it pauses and emits an approval card. You see:

• the tool and action
• the arguments (resource name, payload summary)
• buttons: Approve once, Reject, Always approve this action type

The "always" toggle is per-workspace; you can revoke from Settings → AI Approvals.

Models and providers

Workspace admins configure which model providers are enabled: OpenAI, Anthropic, Google. Per user, you can pick a default model from Settings → AI models. There is also an on-device option (Gemma via WebGPU) which runs in your browser with zero network egress.

Frontend tools

A small set of tools execute in the browser without server confirmation: navigate, open_search, show_document. These can't change anything; they just steer your UI in response to a request like "open the IFN-γ protocol".

The external MCP server

Dalea's MCP server exposes your workspace as a set of tools that any MCP-compatible LLM can call. The flow is OAuth 2.1; the connection is HTTP-streaming. See Connect Claude Desktop for the step-by-step setup.

External clients see roughly 70 tools grouped by domain — documents, blocks, data, queries, inventory, files, search. Destructive actions (delete, archive, supersede) are deliberately not exposed via MCP; if Claude Desktop wants to delete a document, it has to ask you to do it in the in-app chat (which then confirms via an approval card).

External clients are bound by:

• Workspace scope — each token authorises exactly one workspace, enforced server-side on every call.
• Role intersection — the OAuth client is created with a role; effective permissions are the intersection of your role and the client's role.
• Rate limits — per-user, per-workspace token budgets.
• Audit — every tool call is logged with operator, timestamp, args and a hash of the response.

Privacy

Tool inputs and outputs go to the LLM provider you configured. Dalea never sends data to a model unless you opted into a chat session that uses it. On-device models keep everything in your browser.

What's next