Cosmic XRM
Architecture

Isolation isn't a tier. It's the architecture.

Cosmic XRM deploys as an Azure managed application into your subscription. There is no shared multi-tenant database anywhere in the design.

Your deployment

What lands in your subscription

Your Azure subscription Managed resource group End-user app Generative UI runtime Admin app Metadata & plugin authoring API Integration surface Designer Visual canvas studio Dedicated DocumentDB cluster Your data — nobody else's instance Microsoft Entra ID Your tenant, your roles Publisher registry Health-gated updates Installed from Azure Marketplace

Dedicated DocumentDB cluster

Every deployment provisions its own MongoDB-compatible DocumentDB cluster. Your data is physically separate — not row-filtered in a shared store.

The application suite

The end-user app, admin app, API, and designer run as containers in your managed resource group, wired to your cluster and nobody else's.

Microsoft Entra ID

Sign-in and role-based access bind to your own Entra tenant. Admins, makers, and users are governed by roles you control.

Operations

Managed, but not opaque

The managed application model means upgrades and infrastructure are handled — while everything still runs where you can see it, in your subscription, under your policies, on your bill.

Environments

Separate development, test, and production environments within your deployment, with metadata promotion between them.

High availability

Opt-in zone-redundant mode for the database tier when your workload warrants it — a toggle, not a re-architecture.

Continuous delivery

Application updates flow from the publisher registry with health-gated rollout. Your model and your plugins are untouched by platform upgrades.

Run the platform, own the data

Install from Azure Marketplace into your subscription today.

Get started Back to the platform