Cody was built from the start to be deployable inside a corporate environment without requiring administrator accounts, Microsoft Graph permissions, or a back-end server of any kind. Version 0.8.0 introduced the security hardening necessary to take the application from a developer prototype to an internal pilot candidate. This guide covers what is already ready, what still needs to be done before a wider rollout, the two distribution paths available (NSIS installer and Microsoft Store), and the step-by-step process for getting Cody onto team members’ machines today.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/miu-ll/Cody-assistant/llms.txt
Use this file to discover all available pages before exploring further.
Current pilot readiness
Cody is ready for a limited internal pilot. The following capabilities are already production-quality:Electron security hardening
https:// links open in the system browser. Browser permission requests (camera, microphone, notifications) are denied by default.Local Outlook COM integration
AI classification with Azure OpenAI
Per-user data storage
%APPDATA%/cody-desktop-assistant/ on the individual user’s machine. There is no shared database, no central server, and no data ever written to the repository.Export, backup, and diagnostics
Per-user installer, no admin
Pilot prerequisites
Before rolling out to a pilot group, confirm the following conditions are met:- Users are on Windows with Outlook Classic installed and a corporate profile configured and open.
- The organization accepts that Cody reads email metadata and calendar entries via local COM automation (no cloud permission).
- A responsible person is available to handle support tickets and collect diagnostic exports from users who encounter issues.
- Either AI is disabled (uses local classifier) or an Azure OpenAI endpoint in the corporate tenant is configured — personal OpenAI API keys should not be used in a corporate pilot.
Distribution options
Option 1 — NSIS installer (recommended for direct corporate deployment)
The fastest path to getting Cody on team members’ machines is sharing the NSIS installer produced bynpm.cmd run package:win.
- Windows SmartScreen shows an “Unknown publisher” warning with a “More info → Run anyway” option.
- On Windows 11 machines with Smart App Control (SAC) enabled, the installer may be blocked with no bypass option. See the Code signing section below.
Option 2 — Microsoft Store (resolves code-signing, enables auto-updates)
Publishing Cody on the Microsoft Store eliminates the need to purchase a code-signing certificate — Microsoft signs the package during certification. The Store also manages auto-updates automatically once an update is published.Create a Microsoft Partner Center account
Reserve the app name
Copy identity values into package.json
package.json and replace the placeholder values in the appx section:identityName with the Identity Name from Partner Center (format: <PublisherID>.<AppName>), and replace the publisher CN value with the Publisher GUID-based string from Partner Center.Build and test the MSIX package locally
.appx file in outputs/. Install and test it on a real Windows machine before submission. COM automation and PowerShell operate correctly in MSIX full-trust containers, but the packaging changes the file system context — verify that Outlook sync, task creation, and export all work from the installed MSIX.Upload to Partner Center and complete the listing
.appx, add a description, screenshots (available in presentacion_assets/), and age rating. A privacy policy URL is mandatory — publish PRIVACY.md as a web page (e.g. GitHub Pages or any public URL) and paste that URL into the Store listing.Store technical considerations
COM automation and PowerShell under MSIX
COM automation and PowerShell under MSIX
.appx package runs in an MSIX full-trust container, which means Outlook Classic COM automation and PowerShell scripts do work — but the container imposes its own file system virtualization. Always install and test the .appx locally before submitting it to certification to catch any path or permission issues that do not appear in the unpackaged build.Launch at startup under MSIX
Launch at startup under MSIX
StartupTask manifest declaration. If the Store route is pursued and launch-at-startup is a required feature, the MSIX manifest must be updated to declare a StartupTask entry — the current Settings toggle may have no effect in the Store build.Store commission and B2B licensing
Store commission and B2B licensing
Code signing
Without a corporate code-signing certificate, Windows presents friction at installation time:SmartScreen warning
Smart App Control block
- SmartScreen no longer shows the “Unknown publisher” warning.
- Smart App Control does not block the installer.
- On corporate-managed machines (domain-joined or Intune-enrolled), IT can deploy the certificate to the trust store before distribution.
AI configuration for enterprise
- Email subject line
- Sender name
| Setting | Description |
|---|---|
| Endpoint URL | The Azure OpenAI resource endpoint (e.g. https://your-resource.openai.azure.com/) |
| Deployment name | The name of the deployed model (e.g. gpt-4o) |
| API key | The API key from the Azure portal for that resource |
%APPDATA%/cody-desktop-assistant/ and never transmitted anywhere other than to the configured endpoint.
Alternative: disable AI
If the organization cannot approve Azure OpenAI usage in time for the pilot, AI can be left unconfigured. Cody will use its built-in local keyword classifier for email-to-task suggestions. Classification quality is lower but requires zero network access.
What is needed before a wider deployment
The following items must be completed before Cody is ready for sale or wide deployment beyond a small pilot group:Security and compliance
Security and compliance
- Installer signed with a corporate code-signing certificate from IT
- SCA (Software Composition Analysis) dependency scan reviewed and approved by IT — verify all third-party packages against the organization’s approved-software list
- Formal EULA and privacy policy reviewed by legal (the current
EULA.mdandPRIVACY.mdare drafts) - Defined data retention and data deletion policy (what happens to
%APPDATA%/cody-desktop-assistant/when an employee leaves) - Formal validation of Azure OpenAI data processing requirements if AI is enabled
- Incident reporting procedure and responsible contact defined
Build and release pipeline
Build and release pipeline
- Reproducible build pipeline using GitHub Actions or Azure DevOps (so any developer can produce a verifiably identical installer from a tagged commit)
- Versioned releases published to a private GitHub Release or internal artifact repository
- Defined update strategy: manual distribution, MDM/Intune push, or Store auto-update
- Maintained
CHANGELOG.mdwith notes for each version
Testing and quality
Testing and quality
- Smoke test suite for the installer (install, launch, onboarding, Outlook sync, task creation, export, uninstall)
- Demo environment with synthetic data only — never use real company tasks, emails, or employee names for demonstrations
- Antivirus and application control compatibility verified on representative corporate hardware
Support and product
Support and product
- Defined support channel (email alias, Teams channel, or ticketing system)
- Documented common error resolutions: Outlook closed, profile not configured, antivirus blocking COM, PowerShell execution policy
- Commercial terms defined if selling to external customers: pricing model (per-user, per-area, per-installation), EULA, SLA
- Landing page or product sheet for external presentation
Recommended milestone: version 1.0 enterprise release
The path from the current pilot to a version 1.0 ready for enterprise sale or wide deployment:- Signed installer + completed release checklist
- Final privacy policy and EULA reviewed by legal
- Reproducible build pipeline (GitHub Actions or Azure DevOps)
- Demo prepared with synthetic data (not real company content)
- 2-week pilot with 5–10 users, tracking incidents and usability feedback
- Incident log reviewed and critical issues resolved before expanding rollout
Team rollout steps
Use this procedure to deploy Cody to a team today using the NSIS installer:Build the installer
outputs/Cody Setup <version>.exe and outputs/Cody-<version>-portable.exe, and copies both to the team work folder automatically.Distribute the installer
outputs/Cody Setup <version>.exe with each team member via the shared folder, email, or an internal file sharing system. Include a note that Windows may show a SmartScreen warning for unsigned installers — users should click “More info” → “Run anyway”.Each user installs and completes onboarding
Sync Outlook Classic
(Optional) Configure Azure OpenAI for AI classification
- Azure OpenAI endpoint URL
- Deployment name
- API key