Thaliq
Get started
Solution playbook · Embedded SaaS

Ship agents inside your SaaS, scoped per tenant.

A complete implementation guide for embedding AI agents inside your own product — where each of your tenants gets isolated state, isolated data, isolated audit, and the plan they pay for is enforced on the server, not in their browser.

10 min read Industry fit: vertical SaaS · PMS · EHR · HRIS · marketplaces Stack: Multi-tenant product with server-side plan logic
Talk to sales Start free
The challenge

Why embedding AI in a multi-tenant product is harder than it looks.

Adding 'AI features' to your roadmap is one thing. Building an agentic engine that respects your tenant model, plan gating, white-label and audit story — that's a year of platform work most product teams don't have.

Tenants leak into each other
Conversation state, RAG documents, audit logs — without strict per-tenant isolation, a bad query or a buggy webhook ends up showing tenant B's data to tenant A. The blast radius is huge.
Plan gating gets bypassed in the client
If your free-tier check lives in your React code, your customers will find it. Plan limits have to be enforced on the server, or they're not enforced at all.
White-label is manual and brittle
Each new tenant means another widget config, another logo upload, another set of CSS overrides. Without a clean primitive for per-tenant branding, you ship the next bug per release.
Building from scratch is a year you don't have
Multi-tenancy + agentic loop + RAG + HITL + audit + billing instrumentation — six platform problems your product team isn't staffed to solve while shipping the rest of the roadmap.
The approach

Four primitives that make embedding tractable.

Thaliq's architecture is multi-tenant by default — not as a feature, as a foundation. Embedding inside your SaaS uses all four primitives without any 'tenancy retrofit' work on your side.

01
One tenant in Thaliq per tenant in your SaaS
Each of your customers maps 1:1 to a Thaliq tenant. Conversations, documents, agents and audit logs are isolated automatically. There is no shared state to leak.
02
Plan gating enforced on the server
Each tenant has a plan with limits (requests/month, RAG storage, channels). Limits are checked in the Thaliq backend on every request. The client UI is informed, not the source of truth.
03
Embed widget with one line
Your customer's site embeds a script tag tied to their Thaliq tenant. Branding (colors, copy, logo) is configured per-tenant. White-label removes the 'Powered by Thaliq' on Enterprise.
04
Audit and observability per tenant
Each tenant sees only their own audit log, only their own metrics. You see the global view across all your customers. Compliance asks: you answer per-tenant in under five minutes.
Division of labor

What Thaliq handles. What you control.

Thaliq is the agentic engine your product calls into. The opinionated parts — pricing, packaging, branding rules, your customer relationships — stay yours.

Thaliq handles
  • Per-tenant isolation of conversations, documents and audit
  • Plan-limit enforcement at the API boundary
  • Embed widget with per-tenant branding
  • Model routing and MCP gateway per tenant
  • Resumable HITL flows scoped to each tenant
  • Multi-channel delivery (widget, WhatsApp, Telegram, Slack)
  • API keys + rotation per tenant
You control
  • Your tenant model and onboarding flow
  • Plan packaging (what's in Free / Pro / Enterprise)
  • Billing collection and dunning
  • Branding kit per tenant (logos, colors, copy)
  • Which integrations each tenant can wire up
  • Tenant data residency and compliance posture
Implementation

From first tenant to GA in four weeks.

A typical deployment for a SaaS team with one backend engineer on point. Faster if your tenant model is already clean; slower if you need to add a tenant primitive on your side first.

  1. Week 1 01
    Tenant mapping and API keys

    Map your tenant entity to a Thaliq tenant. Decide the 1:1 (your tenant id → Thaliq tenant id). Generate API keys per tenant via our backoffice or our API. Stage the integration.

    Tenant mapping spec API key rotation policy Staging integration
  2. Week 2 02
    First agent + widget

    Configure the first agent (the one you'll ship to all tenants by default). Embed the widget in your product behind a feature flag. Onboard 2-3 internal tenants and pressure-test isolation.

    Default agent v1 Widget behind flag Isolation tests passed
  3. Week 3 03
    Plan gating and per-tenant config

    Map your plans to Thaliq plans. Decide what each plan unlocks (model access, channels, RAG storage). Add per-tenant branding controls in your admin UI.

    Plan mapping live Per-tenant branding UI Server-side limits verified
  4. Week 4 04
    Open beta to real tenants

    Pick 5-10 paying tenants for an opt-in beta. Monitor isolation, plan enforcement and channel delivery. Tune. GA to the rest of the base.

    Beta with real tenants Monitoring dashboard GA rollout plan
Scenario walkthrough

A new tenant onboards and turns on AI.

What it looks like when one of your SaaS customers signs up, configures their agent and goes live — without any work on your end beyond shipping the embed.

conversation · agent-7711
channel: web
event: tenant.onboarding · plan: Pro · tenant_id: acme-corp
Your SaaS triggers a Thaliq webhook on tenant creation. The Thaliq tenant is provisioned with the matching plan.
Customer
How do I set up my own agent?
channel: in-app studio · auth: tenant-scoped JWT
The customer accesses Studio embedded inside your product. The session is scoped to their Thaliq tenant — they cannot see or touch anything outside of it.
Agent
Welcome. I see you're on the Pro plan: 20,000 requests/month, Claude Sonnet routing, custom widget branding. What kind of agent do you want to build?
plan_limits_resolved: ok
The agent reads the plan from Thaliq and tailors the experience. The customer can't lie about their plan — it's read server-side.
Customer
A support agent that helps end-users with appointment booking and cancellations. Brand colors are in our admin.
Agent
Configuring: appointment-support agent · channel: widget · branding: pulled from your tenant config. Connecting to your booking API as a tool. Ready to test?
tool: configure_agent · tool: register_tool(booking_api) · branding: applied
Branding inheritance is automatic. The booking API integration uses the tenant's own credentials, stored in Thaliq's secret manager.
Customer
Yes, test against my staging data first.
Agent
Staging mode on. The widget preview is now live in your admin. Send a test message; I'll route it through your booking tool against staging credentials.
Staging vs production is a tenant flag — no shared environments between your tenants.
Outcomes

What SaaS teams typically see after 90 days.

Ranges, not promises. Variability comes from how clean your tenant model is, what plans you offer, and how aggressively you market the new AI features to your base.

<4 wks
Time to first AI feature
From integration kickoff to GA across the base
30-50%
Tenant activation on AI
% of paying tenants who turn on the feature in Q1
0
Cross-tenant incidents
Isolation enforced at the API boundary
100%
Plan-gate accuracy
Every plan limit checked server-side, never bypassable

Activation depends heavily on your in-product messaging and the agent's first-run quality. We don't quote numbers we can't replay.

Side by side

What changes vs building it in-house.

Comparing a year of in-house platform work (multi-tenant agentic loop + plan gating + white-label) to embedding Thaliq.

Aspect Build in-house Thaliq embedded
Time to first AI feature 9-12 months 2-4 weeks
Tenant isolation Custom architecture Built into every request
Plan gating Server logic to add per feature Plan config object, enforced API-side
Widget branding Build a theming layer Per-tenant config, ready to use
Audit per tenant Plumb logs by tenant id Native, filterable, exportable
Model routing Pick one, regret later Claude / GPT / Llama / custom
Multi-channel Build per channel Widget / WhatsApp / Telegram included
Compliance posture Document yourself SOC2 / GDPR / DPA inherited
Readiness check

Is your product ready to embed AI?

Embedding pays back fast when your tenant model is already clean. If your SaaS is single-tenant or your tenancy is informal, fix that before adding agentic features.

Is your product genuinely multi-tenant with a clear tenant_id on every record?
fit

Strong fit — Thaliq maps 1:1 to your tenant model. The isolation work is done.

Do you already have plans or tiers in production?
fit

Strong fit — plan gating becomes a config translation, not a build.

Can your customers' end users authenticate to your product today?
fit

Strong fit — the same auth flows the agent. No new identity layer needed.

Are you in a vertical with strict compliance (health, finance, government)?
consider

Consider — fit, but plan for HIPAA / SOC2 / DPA conversations in week 1. These are paths we walk often; we'll bring the templates.

Does your product treat tenancy as a soft convention (logical separation but shared tables)?
consider

Consider — Thaliq will still work, but you'll inherit your existing isolation risks. Worth a hardening pass before scaling agents.

Is your product still single-tenant or pre-product-market-fit?
caution

Caution — embedded agents are an amplifier. If the underlying product isn't ready for multi-tenant scale, AI features will surface that fact faster than expected.

Ready to embed?

We'll scope the tenant mapping and the first agent in one call. Bring your tenant model and your plan structure; we'll show you the integration end to end.

Talk to sales Start free
Other playbooks
Customer support
HITL · escalation · multi-channel
Internal copilot
MCP · token passthrough · for ops teams