Configuration Guide
What this document is: A guide to configure Clawscan after deployment.
Why this matters: Defines how the system behaves, what is analyzed, and how results are handled.
When to use this: Immediately after deployment and during ongoing system adjustments.
Overview
Once Clawscan is deployed, configuration allows you to:
- connect all required components
- define what types of risks are detected
- control system behavior and scope
Configuration is primarily handled through:
- environment variables (technical setup)
- Admin Control Center (functional configuration)
See:
Environment variables
The Clawscan Engine relies on environment variables to connect to your infrastructure and the Clawscan control plane.
These are configured during container deployment.
Core variables
| Variable | Description |
|---|---|
| SHARED_MAILBOXES | mailbox(es) to monitor |
| TENANT_ID | Azure tenant identifier |
| GRAPH_CLIENT_ID | application (client) ID |
| GRAPH_CLIENT_SECRET | application secret |
| FOUNDRY_API_KEY | AI API key |
| FOUNDRY_URL | AI endpoint |
| GET_CONFIG_URL | retrieves configuration from control plane |
| POST_RESULT_URL | sends scan results |
These variables enable:
- mailbox access
- AI analysis
- communication with Clawscan services
⚠️ All credentials must be securely stored and rotated according to your internal policies.
Detection domains
Clawscan allows you to activate specific detection domains, corresponding to different compliance risks.
Examples include:
- competition law
- anti-corruption
- other regulatory or internal policy domains
Each domain uses dedicated analysis logic.
Activation and management are handled via the Admin Control Center.
Configuration retrieval
The Clawscan Engine dynamically retrieves its configuration via:
GET_CONFIG_URL
This allows:
- centralized configuration management
- updates without redeployment
- consistency across environments
Result transmission
Analysis results are transmitted via:
POST_RESULT_URL
Only the following data is transmitted:
- risk classification
- risk score
- reasoning summary
- operational metadata
No raw communication content is transmitted.
See:
Admin Control Center
The Admin Control Center allows you to:
- activate or deactivate detection domains
- monitor aggregated results
- manage system configuration
- access billing and usage information
This interface is the primary tool for functional configuration.
See:
Configuration principles
Clawscan configuration follows key principles:
- client control → you define scope and behavior
- minimal exposure → only necessary data is shared
- flexibility → configuration evolves without redeployment
Next steps
➡️ Manage and operate the system: