Enterprise onboarding in 30 days
Every onboarding promise is a lie until you actually deliver it. We promise 30-day onboarding, and we mostly keep it. Here is the week-by-week recipe, plus two outliers: one where we went live in 9 days, and one where 30 days became 11 weeks.
The 30-day structure
Week 1 â data audit + tenant provisioning
- New tenant row in the central backend's Postgres under FORCE RLS. Slug, legal name, host, billing settings.
- Sealed Secret rotates on NIP (Nortinia Internal Platform); Flux pushes it to the nodes automatically.
- We run a data audit against the customer's existing systems: what ERP, what API surface, which identity provider, how we want to SSO.
- Output: a signed scope document and the tenant in
provisionedstate on the central backend.
Week 2 â storefront branding + first webhook
- A new storefront app gets deployed (Next.js 16, scheduled to one of our XCP-ng hypervisor nodes as a Kubernetes pod).
- The customer's logo, palette, typography land in the tenant-config JSONB.
- The first webhook integration ships: usually the customer's existing ERP â us. Of 14 design partners, 11 had ERP as the first integration; 3 had CRM.
- Output: working storefront at
<customer>.nortinia.com+ live ERP webhook.
Week 3 â first workflow + first AI assistant tour
- We set up the first Nortinia Engine workflow for the tenant. Usually an order-processing flow or a quote-routing flow.
- The AI assistant (chat-panel) ships to both the storefront and admin. The customer's staff meets it in a 90-minute guided tour. SITE_NAV MCP tools introduce themselves.
- Output: a live workflow, and the staff knows what the chat agent is and what it is good for.
Week 4 â training + go-live
- Two role-specific trainings (admin, operator), 3 hours each.
- Go-live checklist: all monitoring green, all webhooks have passed test orders, graceful shutdown rehearsal passed, Sentry project active, backup pipeline triggered.
- Cutover.
The 9-day outlier
A logistics customer came in October 2025 with a working in-house ERP that handed us a clean OpenAPI 3.1 spec. They wanted SSO via Microsoft Entra ID, which is standard for us. Branding was minimal. Their workflow was an almost 1:1 mirror of our existing order flow. Two roles, eight users.
We went live in 9 days. Not because we were fast. Because every input was unambiguous and there was no internal politics on their side.
The 11-week outlier
A financial advisory firm whose audit-trail compliance was so strict that every mutation needed an internal legal review first. By week 4 we realised their audit_event masking needs were deeper than the regex+ML masker we had built. We needed a custom rule set. Then in week 6 they asked for a never-built GDPR data-export pipeline ("give us every data point on a user as one CSV within 30 days"). The last three weeks were writing a custom job runner that walks Postgres by hashed user-id.
The lesson is not "don't take financial customers". The lesson is: ask for the compliance document in week 1, not week 4.
What we made non-negotiable
- The 90-minute tour is mandatory. Tenants who skipped it generated 5x more support tickets two months in.
- The week-1 scope document is signed. No signature, no deploy.
- Sealed Secret rotation runs from a checklist. Not manual. We have not had a secret leak in six months.
How many onboardings have we run
14 design partners + 9 paying customers = 23 onboardings in 2026 so far. 19 stayed within 30 days. 2 outliers (9 days and 11 weeks). 2 currently in flight.
The pipeline is predictable now. That does not mean every tenant looks the same. It means the pipeline knows what to ask them in week 1.