← All work
Applied AI · Data

Resumate

A structured career-data engine and reference implementation for portable, verifiable work history.

Resumate is the Structured Career Data Engine and the Reference Implementation for Identity Bridge's "Clean Room" architecture.

It proves that you can build highly personal apps (Resume Optimization) without storing toxic PII.

Documentation

  • Strategic Doctrine: ../../Chroma/src/docs/Projects/Resumate/definition.md
  • Architecture: docs/ARCHITECTURE.md
  • API Reference: docs/API.md
  • Runbook: docs/RUNBOOK.md

Note: apps/client/docs/* contains legacy docs from the pre-thin-client implementation and should not be treated as canonical for the current runtime.

Architecture

  • apps/server: Express API for resume analysis/refinement + identity-runtime + notification-plane integration.
  • apps/client: dumb UI client that only calls backend endpoints.
  • No image-generation runtime is used.

Runtime Access Modes

  • standalone_local: keep Resumate isolated and point runtime env at manually managed local services
  • titan_bridge: the canonical local integration path; source eval "$(titan bridge profile resumate)"
  • deployed_remote: use deployment-managed runtime URLs; localhost runtime URLs are not valid there

Run

pnpm install
pnpm dev
  • Client: http://localhost:3002
  • Server: http://localhost:3001
  • Identity Runtime is server-mediated: the browser talks to apps/server, and the server proxies identity-runtime requests.

If Titan is hosting the runtimes, source the bridge profile first:

eval "$(titan bridge profile resumate)"

To verify the bridge-aware local flow end to end, run bash scripts/titan_smoke.sh.

The client defaults to same-origin /api calls. In local dev, Vite proxies /api to the server.

Environment

  1. Copy server env:
cp apps/server/.env.example apps/server/.env
  1. Optionally copy client env:
cp apps/client/.env.example apps/client/.env

Identity Runtime Integration

Resumate server integrates with identity-runtime via:

  • POST /api/identity/session/init -> /v1/identity/session/init
  • GET /api/identity/session/me -> /v1/identity/session/me

For protected route enforcement against identity-runtime session existence:

  • Set IDENTITY_RUNTIME_ENFORCE=true
  • Send X-Session-Id from client (already handled in apps/client/src/services/api.ts)

Notification Plane

Resumate exposes notification intent proxying:

  • POST /api/notify/intent -> /v1/notify/intent
  • POST /api/notify/invite -> /v1/notify/invite

If identity-runtime uses internal plane secret protection, configure:

  • IDENTITY_INTERNAL_SECRET=<same as identity-runtime INTERNAL_PLANE_SECRET>

Commands

  • pnpm dev: run client + server in parallel
  • pnpm build: build all packages
  • pnpm test: run server API tests

API Endpoints

  • GET /health
  • POST /api/identity/session/init
  • GET /api/identity/session/me
  • POST /api/identity/access/request
  • POST /api/identity/access/redeem
  • POST /api/notify/intent
  • POST /api/notify/invite
  • POST /api/jobs/parse-url
  • POST /api/jobs/extract
  • POST /api/resumes/analyze
  • POST /api/resumes/refine-section

Titan Bridge

The browser never talks to runtimes directly. It talks to apps/server, which owns the runtime URLs and proxies to identity-runtime, text-runtime, and browser-runtime as needed. The backend reads IDENTITY_RUNTIME_URL, TEXT_RUNTIME_URL, BROWSER_RUNTIME_URL, and DATABASE_URL from its environment, so the Titan bridge profile and repo-local .env.local keep the server-side runtime wiring aligned.