Scanix Docs
Capture data & automateAI capture

AI providers, routing & privacy

Connect cloud keys or on-device models, choose a routing policy, and control cloud egress.

This is the reference for how Scanix decides which AI model reads each document and what is allowed to leave the machine. Use the tables below to look up every provider, routing policy, and privacy control, plus exactly where each one lives. Scanix is bring-your-own-cloud: cloud calls go straight from your machine to your own Anthropic or OpenAI account, and on-device extraction is always available.

Providers

You choose between running extraction on this machine or sending it to a cloud provider you supply the key for.

ProviderKindWhere data goesKey needed
On-device (local)LocalStays on the machine — no cloud egress; uses installed local modelsNo
Anthropic (Claude)Cloud (BYO key)Your own Anthropic accountYes
OpenAI (GPT)Cloud (BYO key)Your own OpenAI accountYes

Bring your own cloud

Cloud calls bill to your Anthropic or OpenAI account, not to Scanix — Scanix never sees your key or your documents on that call and never bills for tokens. Bring-your-own cloud key is a plan entitlement: without it, the cloud options appear with a lock and an upgrade prompt, while on-device extraction stays available on every plan.

Screenshot

Settings → AI Providers: the Cloud providers (BYO key) card with Anthropic (Claude) and OpenAI (GPT) rows, each showing a Configured / Not configured status pill. — shot ai-capture-providers-and-privacy-01

Provider routing policy

A routing policy decides which provider handles each document. It is set per template and per Job Group on the AI Services tab (under Provider routing), and a global default is set in Settings → AI Services.

PolicyWhat it does
Local first, cloud fallbackRuns the on-device model first; escalates to the cloud only when verification fails. The recommended default.
Local onlyNever calls the cloud. Fails the run if the local model can't satisfy it.
Cloud onlyAlways uses the configured cloud provider. No local fallback.
Pinned to one providerForces one fixed provider and model, with no fallback — for reproducible, audit-friendly runs.

Depending on the policy, an extra provider picker appears:

PolicyExtra pickerChoices
Local first, cloud fallbackCloud fallback providerAnthropic (Claude) / OpenAI (GPT)
Cloud onlyCloud providerAnthropic (Claude) / OpenAI (GPT)
Pinned to one providerPinned providerAnthropic (Claude) / OpenAI (GPT)
Local only

Privacy mode wins over routing

When Privacy mode: local only is on, routing is locked to local-only and the radio buttons above are disabled, whatever policy was selected.

Screenshot

The Provider routing section on a template's AI Services tab: the four policy options as radio cards with Local first, cloud fallback selected, and the Cloud fallback provider picker beneath. — shot ai-capture-providers-and-privacy-02

Privacy & cloud egress

Two controls govern what may leave the machine. Privacy mode: local only is a hard block; I acknowledge cloud egress is the consent required before any cloud call.

ControlWhereEffect
Privacy mode: local only (per template / per group)AI Services tab → PrivacyHard-blocks the document from leaving the machine — overrides any routing policy.
Privacy mode: allow cloud egress (per template / per group)AI Services tab → PrivacyPermits cloud calls when the routing policy needs them.
I acknowledge cloud egressAI Services tab → Privacy (shown only when cloud is allowed)Must be ticked before the template or group can make cloud calls; the save is rejected without it.
Local-only mode (no cloud egress)Settings → AI ServicesPrivacy & fallbackGlobal hard-block: stops every AI service from sending document content to a cloud provider, regardless of per-group routing.

Ticking egress sends document text to the cloud

When you tick I acknowledge cloud egress, document text — including any names, IBANs, or other PII it contains — is sent to the configured cloud AI provider. Leave Privacy mode: local only on for material that must stay on the device.

Screenshot

The Privacy section on the AI Services tab: the Privacy mode: allow cloud egress toggle with the amber I acknowledge cloud egress consent checkbox shown beneath it. — shot ai-capture-providers-and-privacy-03

Auto-accept confidence threshold

Straight-through processing is governed by a single confidence bar in Settings → AI ServicesAutomation.

SettingRangeDefaultEffect
Auto-accept above N% confidence50–99%97%Documents whose extracted fields all clear the bar export automatically; anything below is held for review. Raise it for more checking, lower it for more automation.

Where to configure

You want to…Go to
Add or remove a cloud API keySettings → AI ProvidersCloud providers (BYO key)
Set the global default provider & routing policySettings → AI ServicesDefault provider & routing
Set the global auto-accept thresholdSettings → AI ServicesAutomation
Set the global local-only hard blockSettings → AI ServicesPrivacy & fallback
Set routing & privacy for one templateTemplate DesignerAI Services tab
Set routing & privacy for one Job GroupJob Group DesignerAI Services tab

Default provider options

In Settings → AI Services, Default provider offers Automatic, Anthropic (Claude), OpenAI (GPT), and On-device (local). The cloud options note that they require a configured key in AI Providers.

Cloud API keys

Add a key in Settings → AI Providers: expand the Anthropic (Claude) or OpenAI (GPT) row, enter the key, and Save. The row then shows a Configured status with the last four characters; Test verifies it and Clear removes it.

Environment-variable fallback

If no key is stored in AI Providers, Scanix falls back to the ANTHROPIC_API_KEY or OPENAI_API_KEY environment variable for that provider, and the key row flags when a key is coming from the environment. A stored key takes precedence over the environment.

Good to know

Next steps

AI providers, routing & privacy — Scanix Docs · Scanix