Core concepts
Everything you build on Overturo is made of a few objects. This page walks through them in the order you'll meet them — from your application to the decisions your users see.
Looking for the map of everything Overturo covers? See the Seven Surfaces
Application — your workspace for one integration
An application is the container for one product or brand you connect to Overturo. It owns your credentials, the flows you publish, the connectors you enable, your webhooks, and your branding. One account can hold many applications.
- Environments
- Five isolated environments — from development to production — each with its own credentials, so testing never touches live data.
- Visibility
- An application starts private. You can list it for your organization, publish it to the shared gallery, or apply for a verified badge.
- Who can own one
- An organization, an individual, or an AI agent — trust runs in every direction.
Example: a clinic registers one application for its patient portal — its intake flow, verification checks, and audit trail all live there.
See complete application starting points →Building blocks — capabilities you compose
Building blocks are ready-made capabilities you assemble into your application: sign-in providers, verification checks, agent connectors, compliance modules, and supporting infrastructure.
You compose blocks in a visual builder. The result is one flow, one screen for your users, one integration to maintain.
Browse blueprints and their building blocks →Connectors — data sources you plug in
Connectors are third-party data and verification providers your application can draw on — financial data, identity verification, background checks, and more. You bring or configure the provider credentials; Overturo handles the integration.
How they differ: a building block is a step in your flow — something your users experience. A connector is a source that step can call — where the data or verification comes from.
Flows, policies, agreements, authorities
What you publish comes in four families — 15 types in all. Each is designed in the setup wizard, previewed exactly as participants will see it, and versioned once live.
Flows
Collect consent or gate access to something you offer.
- Standard consent
- Access gate
Policies
Encode a data-rights rule: preferences, requests, licenses, offers.
- Privacy preference
- Data request
- Recurring obligation
- Data license
- Data portability
- Bounty
- Data offer
- Broadcast
Agreements
Bind multiple parties: signatures, negotiations, group votes.
- Mutual agreement
- Group decision
- Collaboration
Authorities
Grant bounded power to act — to a person, a stand-in, or an AI agent.
- Emergency plan
- Agent authority
Any of them can be authored by a business, by a person, or jointly — trust on Overturo runs both ways.
Start from a ready-made template →Which starting point is right for you?
A whole application, pre-assembled — blocks, connectors, and modules included. Adapt and go.
SolutionA bundle for one use case — meetings, onboarding, venues — ready to configure.
TemplateA single ready-to-use flow, agreement, or policy. The fastest way to publish one thing.
VerticalYour industry's recommended set — solutions, templates, and modules that fit its rules.
Decisions — what your users see
Every flow, agreement, or approval reaches a person as a Decision: a clear page that says who's asking, what for, and what saying yes means. Decisions handle consent, approvals, and signing.
- Where it appears
- On a hosted page you share as a link, embedded inside your product, or by redirect — the same decision, your choice of delivery.
- The Inbox
- Every pending decision also lands in the person's Inbox, so nothing gets lost between channels.
Trust progression — earned, not assumed
Trust builds stepwise. Trust Levels let your application unlock more access as a relationship matures — start with an email address, earn the rest. Trust scores and vouches let good actors carry their reputation with them.
Building for AI agents? Agent authorization uses its own verification-strength model, with its own checking and recording of every decision.
Explore AI Agent Authorization →Compliance & the audit trail
Compliance modules overlay regulation-specific behavior — GDPR, CCPA, healthcare, and more — onto the flows you already have. Enable a module and your flows gain its required disclosures, records, and safeguards.
Underneath everything, every decision lands in a tamper-proof audit trail you can export as evidence when an auditor or regulator asks.
See our security and compliance posture →