Paxy is restricted to admin and executive users and is designed as a read-only reporting assistant.
Who can use Paxy
The Paxy launcher is shown only to users with admin or executive access.
The backend also checks role access on Paxy routes. Hiding the launcher is not the only control.
PAX supports multi-role users. A user with any allowed role can use Paxy; a user without admin or executive cannot.
Tenant isolation
Paxy uses the same tenant-scoped request protections as the rest of PAX.
Before Paxy routes run, PAX verifies the logged-in session and tenant. A request is rejected if the session tenant does not match the request tenant.
Read-only behavior
Paxy is read-only.
It cannot:
- Create records.
- Update records.
- Delete records.
- Post journal entries.
- Ship orders.
- Receive purchase orders.
- Create invoices or payments.
- Reconcile statements.
- Close periods.
- Change settings.
For data reports, PAX validates that the generated query is a single SELECT or WITH ... SELECT statement. Write operations, admin commands, transaction commands, and other unsafe SQL operations are rejected.
PAX runs the report query inside a read-only transaction with a short statement timeout.
Data areas Paxy can use
Paxy can use curated data groups, depending on the question:
| Data group | Examples of included data |
|---|---|
| Sales | Customers, prospects, quotes, sales orders, shipments, invoices, invoice lines, returns, payments, activity, campaigns, sort codes, tax rates, and related tables. |
| Manufacturing and Inventory | Inventory, lots, adjustments, usage history, cycle counts, BOMs, routers, work centers, work orders, materials, labor, completions, scrap, overhead rates, and employees. |
| Purchasing | Vendors, contacts, purchase orders, PO lines, receipts, work-order PO links, vendor invoices, vendor payments, check runs, payment terms, and purchasing summaries. |
| Accounting | Chart of accounts, journal entries, fiscal periods, fiscal balances, payments, customer credits, AP/AR data, bank reconciliation, credit cards, depreciation assets, projects, invoices, and invoice lines. |
| Shared tables | Common lookup and reference tables such as customers, vendors, inventory, accounts, addresses, payment terms, shipping methods, sort codes, tax rates, and projects. |
| System context when relevant | Audit log, tenant configuration, system settings, FedEx configuration, and email configuration. |
Paxy does not send the entire database to the AI model by default. It selects relevant groups and sends a filtered schema summary.
Data not sent to the AI model
PAX omits known private fields from AI-facing schema summaries and from rows sent to the summary model.
Examples include:
- Password fields.
- User session fields.
- API keys, tokens, and secrets.
- Employee PINs.
- Raw receipt attachment data.
- FedEx label data.
- Tenant logo data.
- Email HTML body content.
- Email template content and attachments.
PAX also treats future column names containing private patterns such as password, api_key, token, or secret as model-private unless reviewed.
Export behavior
In normal UI use, Paxy CSV and PDF exports are downloaded from the answer in the same Paxy session.
CSV export uses a signed export token when available. The token is tied to the tenant and user and expires after 2 hours.
PDF export uses the result already returned to the user. It does not ask the AI model to reinterpret the question.
Troubleshooting
A user cannot see Paxy
Likely cause: The user does not have admin or executive access.
Safe fix: Use normal PAX reports, or ask an admin to review whether Paxy access is appropriate.
Contact support if: The user has the correct role but cannot see or open Paxy.
Paxy says tenant access is denied
Likely cause: The logged-in session tenant does not match the request tenant.
Safe fix: Sign out and back in on the correct PAX tenant site.
Contact support if: The message continues after a fresh login.
Paxy cannot answer a question about sensitive setup data
Likely cause: The field may be intentionally excluded from AI-facing schema or summary data.
Safe fix: Use the appropriate protected PAX screen or controlled export workflow instead of asking Paxy for private fields.
Contact support if: A non-private field appears to be unavailable.