Help · 115 articles
How to use Kodori.
Plain-language guides for every feature. The AI agent inside the app retrieves answers from this same content — so anything you can read here, you can ask the agent instead.
Getting started
Sign in to Kodori
Sign in with your Google or Microsoft work account — no passwords to manage.
Workspaces, tenants, and your role
How Kodori isolates teams, what each role can do, and how to invite teammates.
Try Kodori with sample data (no upload required)
Click "Load sample data" on the dashboard and Kodori seeds a matter, a project, a legal hold, and a retention class so every screen has something to show.
Finding your way around — sidebar quick-access, /browse explorer, and stuck-files drill-in
Recent uploads + Saved searches in the sidebar; /browse for collections-tree → docs → metadata navigation; /extraction-issues to see exactly which files got stuck.
Glossary — what every Kodori term means
Plain-English definitions of every domain term you'll see — Collections, Cabinets, Drawers, Matters, Projects, Sensitivity, Retention, Legal Hold, Extraction, Audit, Cap warning, Quota, Cost budget, Permissions, ACL, Tombstone.
Documents
Bulk operations on /search results
Select multiple search results and apply collection membership, retention class, or trash in one click. The 200-doc invoice batch that used to be 200 trips is now one trip.
How extraction works — what file types Kodori reads, in what order
Kodori's extractor registry routes each upload to the right adapter — Azure / Google Document AI for PDFs and scans, pure-JS adapters for Office, sharp for TIFF / HEIC, Claude vision as the LLM fallback.
Upload documents
Drag-and-drop a file (or a whole folder) onto /upload. Bytes go straight to object storage; extraction starts in the background.
Capture from your phone — photos and voice notes
Open /capture on your phone, take a photo OR record a voice note, and Kodori files what you captured — no app install, no scan-to-email.
Email documents into your workspace
Each tenant has a unique inbox address. Send mail there and every attachment becomes a Kodori document.
Versioning a document
Upload a new version of an existing record without creating a duplicate. Optionally label and compare versions.
Document templates — mark + clone
Mark any live document as a template; "New from template" forks a fresh document at the same content hash with new metadata. Zero blob duplication thanks to content-addressable storage.
Previewing documents
PDFs render inline through pdfjs with find-in-document + page navigation; images, audio, video, and text-shaped formats render natively. Office formats show their extracted text. TIFF / HEIC convert to PNG server-side so browsers render them inline.
Sensitivity labels and auto-classification
Every document carries a sensitivity tier from public to regulated. The agent proposes a label on upload; you confirm.
DLP scanning on ingest
Every uploaded document is pattern-scanned for SSNs, credit cards, routing numbers, MRNs, AWS keys, and other regulated PII / credentials. High-confidence findings auto-escalate sensitivity to "regulated" before the document is searchable.
AEC metadata (project, drawing, revision, currentSet)
Stamp construction-document facets — project / phase / discipline / spec section / drawing number / revision / currentSet — onto any document. Auto-supersedes prior current revisions.
Pre-trained document type hints
Kodori knows what an NDA, invoice, RFI, or W-9 looks like — a deterministic pattern matcher recognizes the top US Legal / Finance / AEC document types alongside the LLM classifier.
Share a document with a teammate
Share read access per-document by email, or share an entire collection in one click. Owners and admins see everything; others see only what they are granted.
Annotations — threaded notes, @mentions, resolved state
Capture context next to a document, reply in threads, @mention a teammate to pull them in, and mark a thread resolved when it's done. Per-document, audit-logged, never duplicates the file.
Legal citation extraction
Kodori extracts citations (cases, statutes, regulations, rules, evidence rules, dockets, constitutional clauses) from a legal document's text and surfaces them as a per-doc index. Regex-driven, deterministic, idempotent.
Trash bin and restore
Soft-deleted (tombstoned) documents land in /trash where owners and admins can restore individually or in bulk before a hard purge sweep runs.
Check-in / check-out (soft edit lock)
Claim an exclusive edit window so two people don't upload competing new versions of the same document.
Mobile capture — perspective correction + offline buffer
Browser-side perspective correction de-skews phone captures before upload. Offline buffer queues failed uploads to IndexedDB and drains via Background Sync when connectivity returns.
Collections
Bulk metadata — set custom keys across many documents at once
Tag every doc in a matter with matter number, client code, or any custom field — one agent call, up to 500 docs, paginated for larger batches.
Export a collection as a ZIP
One-click download of every pinned document in a matter / project / cabinet, plus a manifest.csv with metadata. Caps: 200 documents and 1 GB per call.
Collections — folders, matters, projects
Collections are saved views over your documents. One blob can live in many Collections without duplicating storage.
Rule-driven Collections
Describe a Collection in declarative terms — "every regulated PDF", "all NDAs from 2024" — and Kodori auto-includes matching documents.
Rename a collection
Inline Rename affordance on /collections/[id] for the creator and tenant owner / admin. Membership, rules, and ACL grants are preserved.
Search
How search works (hybrid keyword + semantic)
Type natural language, quoted phrases, or "-word" exclusions. Kodori combines exact-term matching with concept matching.
Saved searches: new-since-last-viewed badges
Each saved search carries a count of new documents matching its query since you last opened it — clearer than email digests, no inbox noise.
Search documents, conversations, and audit events together
/search has a "Search in" pill row toggling Documents / Conversations / Audit. Documents stays the default; expanding to other sources fans out three searches in parallel and renders three labelled sections.
Working with the AI agent
Smart automations — programmable agent in plain English
Type a rule like "every Monday at 8am run my saved search and email me the hits" or "when DLP flags a doc, ask the agent what obligations apply" — Claude compiles it, scheduled rules fire on cron, event rules fire on the audit log.
Generate new documents from a template
Use any Kodori document with extracted text as a template — describe what you want and Kodori drafts a new document via Claude Opus.
Conversation history with the agent
Every chat with Kodori is saved automatically and resumes after a refresh. Use the History rail in the expanded drawer to switch threads or "+ New chat" to start fresh.
What the AI agent can change for you
The agent can move, rename, retag, soft-delete, restore, and re-classify documents — all in plain English, all logged to the audit trail.
Asking the AI agent
Open the agent drawer (⌘K) and ask in plain English. The agent has tools to search, read, and act inside your workspace.
Agent activity page
See what the AI did this week without learning audit-log filter syntax. /agent-activity is the management view scoped to actorKind=agent.
Pin a custom system prompt to a conversation
Set per-thread instructions that travel with every turn — "drafting agent" / "research agent" / firm-style — without touching the global system prompt.
What the agent can tell you about your workspace
A catalog of the read-only "what is the state of my workspace" questions the agent can answer in one round-trip — quotas, members, holds, retention, anomalies, DLP, version history, extraction status, audit chain.
Conversational canvas — branchable agent runs
Multi-step agent workflows render as a tree of nodes (tool-call, human-approve, branch, reduce). Admins gate consequential actions with Approve / Reject before the run continues.
searchExternalContent — agent search across connector content
MCP tool the agent uses to query synced Slack messages, Outlook / Gmail emails, and SharePoint / OneDrive / Drive files alongside your Kodori documents.
searchExternalContent — hybrid search across Slack + email + Drive + SharePoint
FTS + pgvector + Reciprocal Rank Fusion across all six connectors. Mirrors hybridSearch quality for documents.
Compliance and governance
Collection-driven sensitivity and retention inheritance
Set a default sensitivity tier or retention class on a matter / project / drawer once, and every doc filed there inherits automatically — highest-tier-wins for sensitivity, no-override for retention.
Why low-confidence metadata proposals disappear after 30 days
Auto-classify proposes metadata on every uploaded doc. Proposals below 0.5 confidence that go un-reviewed for 30 days flip to 'expired' so the review queue stays focused on actionable items.
Public share links — tokenized read-only URLs for external recipients
Generate a token-protected URL that delivers a doc, collection, or production to opposing counsel without requiring an account. Auto-expires; revocable; every access audit-logged.
Matter binder export — compile a matter into a single PDF
Pick a collection or production. Kodori merges every PDF into one binder with a cover page, table of contents with Bates ranges, and the docs themselves in alphabetical order.
Production set tracker — every discovery production, on one screen
Every Bates batch becomes a production record with recipient, date, Bates range, and the EXACT version hash of every doc delivered. Closes the discovery production loop.
Bates stamping batch — page-bottom numbers across an entire production
Pick a source + prefix + start. Every PDF in the source gets sequential Bates numbers stamped on every page; results land as new immutable versions.
PDF redaction — draw boxes, burn to a new immutable version
Click Redact on any live PDF. Draw boxes on each page, click Burn — Kodori rasterizes the boxes onto the bytes and creates a new immutable version. The original is preserved.
Privilege log builder — FRCP-26 log in seconds
Pick a collection, click Build. Kodori produces a privilege log (Bates / Date / Author / Recipients / Doc Type / Privilege Basis / Description) ready for production.
Projects — every active job's health on one screen
Joins RFIs, submittals, and change orders by project reference. The strategic morning view a project executive runs across all active jobs.
AEC drawing register — sheet extraction + per-project rollup
Kodori extracts AIA/CSI standard sheet numbers (A-201, S-101, M3.05, etc.) from drawing PDFs and surfaces a per-doc index plus a per-project drawing register grouped by discipline.
Spec sections — project heatmap by CSI MasterFormat
Joins RFIs, submittals, and change orders by spec section. The "where are reviews piling up across the project?" view a PM looks at on Monday morning.
Change-order tracker — every PCO and CO with cost + schedule impact
AEC change-order tracking. Auto-classified COs and PCOs land here with signed cost + schedule impact; pipeline vs. executed totals roll up automatically.
Submittal tracker — under-review queue, by spec section
AEC submittal tracking for product / material approvals. Auto-classified submittals land here with the disposition preserved verbatim.
Inspection / daily report tracker — open findings, by trade
Auto-classified inspection + daily reports land on /inspection-tracker. Open findings surface by trade for the project executive view; per-row Haiku-extracted summary explains what is still blocking.
Conflict checking on matter creation
Open a new matter on /collections/new with kind=matter — Kodori runs a debounced hybrid search across existing matters and surfaces potential conflicts inline before you create the duplicate.
Linking response packets to RFIs and submittals
"Mark answered" button on every open RFI / under-review submittal row. Pick the response doc from a workspace search, set the status, confirm — the tracker row flips to answered/approved/rejected with the response doc id captured in the projection.
RFI tracker — open RFIs, overdue, by project
AEC Request For Information tracking. Auto-classified RFIs land here with structured fields; overdue + due-soon highlight the morning stand-up view.
Auditor-ready compliance reports
Pre-baked reports for SOC 2, GDPR, retention disposal, legal-hold log, and audit-chain verification — all backed by the hash-chained audit log.
Scheduled deletion — auto-tombstone a document on a date
Set an explicit deletion date on a single document. The daily 02:00 UTC sweep auto-tombstones at the date with the standard legal-hold deny-wins gate still applying. Distinct from retention classes — this is one-off automatic action, not class-level policy.
Bring-your-own KMS key
Register a customer-managed Key Encryption Key (KEK) so every blob your tenant uploads is wrapped against a key in your own AWS / Azure / GCP account.
Audit log CSV export + filters
Filter the audit log by date range and actor, then export to CSV for legal review or external-auditor handoff.
Anomaly detection and step-up controls
Behavioural signals from the audit log — high-volume regulated reads, cross-tier bursts, off-hours spikes, agent runaways. High-severity agent signals auto-pause via a deny rule that an admin reviews on /anomalies.
Retention auto-apply rules
Map a docType pattern to a retention class — Kodori auto-suggests the right class for every NDA, invoice, 1099, etc. Acceptance is still human; the rule never auto-mutates retention.
AP invoice review workflow
Upload an invoice → Kodori extracts vendor / total / PO number → it lands on the AP review queue → an approver flips status. The full chain runs automatically.
The audit log
Every consequential mutation appends a hash-chained event. /audit is the readable view; the chain is tamper-evident per tenant.
Legal holds
Bind documents to an active matter. Held documents can't be deleted or have their retention disposed until the hold releases. Bulk apply by collection or saved search.
Retention classes and the review queue
Tag records with a retention class (e.g. "Tax records — 7 years"). The review queue surfaces eligible records for human disposal.
The compliance overview page
/compliance gives a one-page snapshot: live records, holds, queue depth, sensitivity histogram, and audit chain tip.
Activity digest email — daily / weekly
Optional Resend-backed email summarizing open @mentions, new documents, new legal holds, and retention queue depth in your readable scope. Off by default; opt in from /settings/account.
Compliance evidence packet — one-click audit-prep PDF
Bundles a live audit-chain integrity verification, holds, retention classes, member roster, and an event-type summary into a single hash-stamped PDF an auditor can take. Owner / admin only.
Access requests — ask for read on a doc / collection you can't see
Workspace members submit a UUID + reason at /request-access; owners + admins approve from /access-requests. Granting creates a permission grant that lands on the audit chain.
Two-person delete on regulated documents
Regulated-sensitivity documents require a second admin (≠ the requester) to approve before the tombstone executes. Standard dual-control governance for healthcare / finance / government workspaces.
Reversibility — undoing a mistake
Most mutations can be reverted from /audit. Reverts append a fresh forward event so the chain is intact.
SOC 2 controls mapping at /security/controls
Every AICPA Trust Services Criterion mapped to a concrete Kodori control, with a pointer to where evidence lives in the running product. Designed as the first thing your security review hands an auditor.
Verify the audit-chain integrity in one click
Owner / admin button on /audit that re-runs SHA-256 over every event in the tenant's chain and confirms each prev_hash matches its predecessor.
Sub-processors and data-flow transparency
Every third-party service that may process Kodori customer data, with vendor / purpose / what-they-actually-see / region / compliance reports.
Weekly audit-chain integrity verification
Every Sunday 02:00 UTC, Kodori walks every tenant's hash chain and emits an audit.verification.completed event with the result. On failure, an alert email goes to every workspace member.
Integrations and API
Save Excel workbooks to Kodori from the ribbon
Install the Kodori task pane in Excel. Save the active workbook as a new Kodori record, or as a new version of an existing one — from the Home ribbon.
Save PowerPoint decks to Kodori from the ribbon
Install the Kodori task pane in PowerPoint. Save the active deck as a new Kodori record, or as a new version of an existing one — from the Home ribbon.
Save Word documents to Kodori from the ribbon
Install the Kodori task pane in Word. Save the open document as a new Kodori record, or as a new version of an existing one — from the Home ribbon.
File email and attachments from Outlook
Install the Kodori task pane in Microsoft Outlook. Open any email, click "File to Kodori", and the message + selected attachments file as Kodori documents — with per-filing sensitivity and collection picker.
API keys and the public REST API
Mint API keys at /api-keys with opt-in scopes. The /api/v1 REST surface covers read AND write; the /api/mcp endpoint speaks Model Context Protocol so any AI client (Claude Desktop, Cursor, ChatGPT desktop, Kodokyo) can call the full tool catalog with the same key.
Bulk ingest via the REST API
POST raw bytes to /api/v1/documents with metadata in headers. Designed for watch folders, ETL jobs, scanners — anywhere browser presigned-PUT is overkill.
Webhooks — getting push notifications
Subscribe an HTTPS URL to event types you care about. Kodori POSTs a signed payload whenever a matching event lands.
Verify webhook signatures
Recompute the HMAC-SHA256 over <X-Kodori-Timestamp>.<body> with your signing secret. Reject mismatches and timestamps drifting more than 5 minutes.
TypeScript SDK — @kumokodo/kodori-sdk
Official TypeScript client for the Kodori public API + MCP endpoint. ESM-only, types included, no @types install required. Works on Node 18+, Bun, Deno, Cloudflare Workers.
Connect your AI client via the public MCP server
POST /api/mcp speaks JSON-RPC 2.0 over Streamable HTTP per the Model Context Protocol spec. Any MCP-conformant client (Claude Desktop, Cursor, ChatGPT desktop, the Kodokyo agent, custom integrations) can connect with a Kodori API key and call the same 75+ tools the internal agent uses.
Send webhook deliveries as Slack Block Kit
Pick "Slack" as the format when creating a webhook subscription and Kodori renders each event as Block Kit at the destination URL — readable messages in your Slack channel instead of raw JSON.
Watch-folder sync companion (CLI)
A Node CLI that watches folders on your workstation and POSTs new + modified files to Kodori — replaces the "scan to email, file later" pattern.
External connectors — Slack, Google Drive, Gmail, SharePoint, OneDrive, Outlook
Read-only connectors for six vendor kinds. OAuth tokens encrypted at rest; per-connector incremental-sync cursors; Pause / Resume / Revoke per connector; full lifecycle on the audit chain.
Slack connector — connect a workspace and search messages from the agent
Read-only Slack connector via bot-token OAuth. Per-channel incremental sync, deterministic permalinks, searchable from the agent via searchExternalContent.
Microsoft connectors — Outlook, SharePoint, OneDrive (one OAuth dance)
Single Microsoft Graph OAuth flow covers all three connector kinds. Delta-cursor sync per surface, encrypted token storage, refresh-token rotation handled.
Email + chat attachments — Outlook, Gmail, Slack files
Files attached to messages flow into external_documents alongside file-storage vendors. Same extraction pipeline, same searchable surface, same retry coverage.
Connector content via the public REST API
Search synced connector content + list configured connectors programmatically via the kodori-sdk or direct REST calls. Required scope: search:read.
Per-connector sync cadence
Tune how often each connector syncs — from 5 minutes (active workspaces) to 24 hours (archives). Per-row override with safe defaults.
Connector file text extraction (SharePoint, OneDrive, Drive)
Files synced from SharePoint, OneDrive, and Google Drive get their bytes downloaded and extracted to plain text — searchable on body content, not just filename.
Google connectors — Gmail and Google Drive (one OAuth dance)
Single Google OAuth flow covers both Gmail and Drive. Delta-cursor sync per surface, encrypted token storage, refresh-token rotation handled.
Workspace administration
Managing members — roles, remove, leave, transfer
Per-row role dropdown + Remove on /members for owners and admins. Members can leave on their own; owners can hand off the keys via Make-owner.
Onboarding emails — what arrives and when
A welcome email on first sign-in plus three follow-up tips on days 3, 7, and 14. Sent via Resend; per-user idempotency means each tip arrives at most once.
Invite teammates
Owners and admins issue invites from /members — one at a time or paste a list of up to 100 emails for bulk onboarding. Kodori emails each invitee a branded link; the link expires in 14 days.
Migration connectors — pull from your incumbent DMS
Connect Kodori to iManage, NetDocuments, FileHold, or any S3-compatible bucket. Probe credentials, preview what would migrate, then ingest.
Bulk metadata import via CSV (incumbent-DMS migration)
Drag-and-drop your files first, then upload a CSV that maps each filename to its sensitivity, collection, retention class, and metadata fields. Owner / admin only.
Bulk operations — apply to every doc in a collection or saved search
Three operations sharing one form: bulk add-to-collection, bulk retention class, bulk sensitivity. Source = collection or saved search. Permission-trimmed; one audit event per affected doc.
Access explorer — who can see what
Current-state view of every grant in the workspace. Two queries: who has access to this resource, what does this user have access to.
Workspace overview — the five-second read
A single-pane executive view of every signal Kodori already tracks. Document velocity, AP queue health, compliance posture, agent activity — all on one page.
Cost dashboard
Per-tenant spend on Anthropic Claude, OpenAI embeddings, R2 storage, and PDF extraction — with microcent resolution so per-token pricing is captured exactly.
Inviting teammates (multi-user onboarding)
Send a workspace invite by email; the invitee signs in with Google or Microsoft and is moved into your tenant with the role you picked.
Billing, plans, and usage caps
Four tiers: Free (forever), Team ($30/seat/mo), Business ($80/seat/mo), Enterprise. Caps protect both sides — pricing math is grounded in actual per-token costs.
Managing workspace members
Owners and admins manage roles and revoke pending invites from /members.
Export the entire workspace as a ZIP
Owners can download every readable document plus structured exports of collections, retention classes, legal holds, members, audit log, and their own agent conversations as a single ZIP. Built for GDPR Article 20, pre-migration backup, and SOC 2 evidence handoff.
Download your own data (DSAR)
Available to every member: download your authored documents, your audit events, your agent conversations, and your profile as a single ZIP. Covers GDPR Article 15 + 20.
Configure Google Document AI as the OCR fallback
Wire a Google Document AI processor into the Kodori extraction pipeline as the second-tier cloud OCR. Falls back from Azure (when configured) to DocAI to Claude vision to built-in text. 20 MB sync cap.
Tenant policies — Cedar DSL with shadow rollout
Author tenant-specific permission policies in Cedar DSL, simulate against recent decisions, ship in shadow mode while TS gates remain authoritative.