Skip to content

Core concepts

Everything you build on Overturo is made of a few objects. This page walks through them in the order you'll meet them — from your application to the decisions your users see.

Looking for the map of everything Overturo covers? See the Seven Surfaces

Application — your workspace for one integration

An application is the container for one product or brand you connect to Overturo. It owns your credentials, the flows you publish, the connectors you enable, your webhooks, and your branding. One account can hold many applications.

Environments
Five isolated environments — from development to production — each with its own credentials, so testing never touches live data.
Visibility
An application starts private. You can list it for your organization, publish it to the shared gallery, or apply for a verified badge.
Who can own one
An organization, an individual, or an AI agent — trust runs in every direction.

Example: a clinic registers one application for its patient portal — its intake flow, verification checks, and audit trail all live there.

See complete application starting points →

Building blocks — capabilities you compose

Building blocks are ready-made capabilities you assemble into your application: sign-in providers, verification checks, agent connectors, compliance modules, and supporting infrastructure.

Sign-in · 11 Verification · 6 AI agents · 7 Compliance · 5 Infrastructure · 3

You compose blocks in a visual builder. The result is one flow, one screen for your users, one integration to maintain.

Browse blueprints and their building blocks →

Connectors — data sources you plug in

Connectors are third-party data and verification providers your application can draw on — financial data, identity verification, background checks, and more. You bring or configure the provider credentials; Overturo handles the integration.

How they differ: a building block is a step in your flow — something your users experience. A connector is a source that step can call — where the data or verification comes from.

Financial data · 5 Identity verification · 4 Age verification · 2 Address verification · 3 Credit assessment · 3 Venue platforms · 3 Meeting platforms · 3 Background checks · 2 Phone & email verification · 2 Sanctions & compliance · 2 Health data · 1 Learning platforms · 1
See recommended connectors by blueprint →

Flows, policies, agreements, authorities

What you publish comes in four families — 15 types in all. Each is designed in the setup wizard, previewed exactly as participants will see it, and versioned once live.

Flows

Collect consent or gate access to something you offer.

  • Standard consent
  • Access gate

Policies

Encode a data-rights rule: preferences, requests, licenses, offers.

  • Privacy preference
  • Data request
  • Recurring obligation
  • Data license
  • Data portability
  • Bounty
  • Data offer
  • Broadcast

Agreements

Bind multiple parties: signatures, negotiations, group votes.

  • Mutual agreement
  • Group decision
  • Collaboration

Authorities

Grant bounded power to act — to a person, a stand-in, or an AI agent.

  • Emergency plan
  • Agent authority

Any of them can be authored by a business, by a person, or jointly — trust on Overturo runs both ways.

Start from a ready-made template →

Decisions — what your users see

Every flow, agreement, or approval reaches a person as a Decision: a clear page that says who's asking, what for, and what saying yes means. Decisions handle consent, approvals, and signing.

Where it appears
On a hosted page you share as a link, embedded inside your product, or by redirect — the same decision, your choice of delivery.
The Inbox
Every pending decision also lands in the person's Inbox, so nothing gets lost between channels.
See how a decision reaches people →

Trust progression — earned, not assumed

Trust builds stepwise. Trust Levels let your application unlock more access as a relationship matures — start with an email address, earn the rest. Trust scores and vouches let good actors carry their reputation with them.

Building for AI agents? Agent authorization uses its own verification-strength model, with its own checking and recording of every decision.

Explore AI Agent Authorization →

Compliance & the audit trail

Compliance modules overlay regulation-specific behavior — GDPR, CCPA, healthcare, and more — onto the flows you already have. Enable a module and your flows gain its required disclosures, records, and safeguards.

Underneath everything, every decision lands in a tamper-proof audit trail you can export as evidence when an auditor or regulator asks.

See our security and compliance posture →

Ready to build?