How It Works - CSA Demo Portal

Tech Stack

Built with modern, Microsoft-friendly technologies:

Node.js Express SQLite Docker Traefik Let's Encrypt

Azure OpenAI (GPT-4o) Azure AI Search Microsoft Learn MCP Azure Communication Services

Architecture Overview

User

CSA Team Member

Traefik
Reverse Proxy + TLS

Node.js App
Express + SQLite

Azure OpenAI

GPT-4o

AI Search

RAG Knowledge

MS Learn MCP

Documentation

Demo Builder Pipeline

When you request a custom demo, here's what happens:

1

Request Submitted
Customer name, requirements, options saved to queue

2

AI Research Phase
GPT-4o researches the customer's mission, challenges, and tech landscape

3

Demo Generation
AI generates tailored demo HTML with customer-specific use cases

4

Deployment
Demo files written to /demos/{customer-slug}/, immediately accessible

5

Notification
Webhook callback updates status, optional email notification

Typical build time: 2-3 minutes

Ask FACTS (AI Assistant)

The floating AI assistant uses function calling to provide grounded, accurate answers:

// Function calling with MCP tools
const tools = [
    {
        type: "function",
        function: {
            name: "microsoft_docs_search",
            description: "Search Microsoft Learn documentation",
            parameters: { query: "string" }
        }
    },
    {
        type: "function",
        function: {
            name: "microsoft_docs_fetch",
            description: "Fetch full content from a docs URL",
            parameters: { url: "string" }
        }
    }
];

// GPT-4o decides when to call tools
const response = await openai.chat.completions.create({
    model: "gpt-4o",
    messages: conversation,
    tools: tools,
    stream: true  // SSE streaming for real-time responses
});
            

When you ask about Azure or Microsoft 365, the AI can search official documentation in real-time via the Microsoft Learn MCP server.

Security Model

Authentication

bcrypt password hashing (cost factor 10)
Session-based auth with secure cookies
Role-based access (admin/editor/viewer)
Account request workflow with approval

Audit Logging

All page views logged with timestamp
User actions tracked (demo views, requests)
Admin access to full audit trail
IP address recording

Infrastructure

Docker containerization
Traefik with auto-TLS (Let's Encrypt)
Secrets via environment variables
Webhook auth with HMAC signatures

Azure Services

API keys stored in .env (gitignored)
Azure AD ready for SSO integration
Content Safety filtering on AI responses

Learn More

Interested in building something similar? Check out these resources:

Azure OpenAI Docs

Azure AI Search

MCP Protocol