Developer Sandbox
The PHX Terminal sandbox is the entry point for every third-party developer. It provides a secure, isolated environment where applications can be built and tested against the platform’s APIs without any risk to production systems or to sensitive client data. The sandbox is what makes an open ecosystem safe enough for the legal industry.
What developers can do
Section titled “What developers can do”The sandbox supports the full development lifecycle for legal applications:
- Build applications against the platform’s APIs and SDKs
- Test integrations with platform services and other apps
- Simulate workflows in a realistic, production-like environment
- Validate compliance before submitting to the marketplace
- Access APIs through managed, scoped credentials
- Train AI models against approved, isolated data
- Deploy securely once an application passes review
stateDiagram-v2
[*] --> Build
Build: Build applications (APIs and SDKs)
Build --> Test
Test: Test integrations
Test --> Simulate
Simulate: Simulate workflows (production-like)
Simulate --> Validate
Validate: Validate compliance
Validate --> Review
Review: Submit to review
Review --> Deploy: passes review
Review --> Build: changes required
Deploy: Deploy securely
Deploy --> [*]: published to marketplace
note right of Build
Every state runs isolated —
no access to other tenants
or production data
end note
The sandbox lifecycle runs build through deploy inside full isolation; an app only leaves the sandbox by passing review on its way to the marketplace.
Sandbox features
Section titled “Sandbox features”| Feature | Purpose |
|---|---|
| Secure isolated environments | Each developer’s code runs contained, with no access to other tenants or production data |
| API libraries | Ready-to-use client libraries for the platform’s API surface |
| SDK access | Official SDKs for popular and platform-specific languages |
| Compliance enforcement | Policies and checks applied automatically within the sandbox |
| Testing frameworks | Tools to validate functionality, integrations, and workflows |
| Identity management tools | Scoped authentication and access control for development work |
Realistic, yet safe
Section titled “Realistic, yet safe”The sandbox is a controlled playground: a realistic environment for testing new software without compromising the stability of live systems. Faults are contained, suspicious behavior is confined, and untrusted code cannot reach the host platform or other tenants. This containment also mitigates software supply-chain risk — a third-party app’s bugs or vulnerabilities stay inside its isolated environment.
Compliance is built in, not bolted on
Section titled “Compliance is built in, not bolted on”Because legal data is involved, the sandbox enforces compliance as a first-class part of development. Developers validate against the platform’s controls early, so that an application’s compliance posture is established before it ever reaches a firm. Combined with ecosystem governance, this ensures applications meet ecosystem-wide standards for security, data handling, and quality.
From sandbox to marketplace
Section titled “From sandbox to marketplace”Applications built and validated in the sandbox move through review and into the marketplace, where firms can discover, deploy, and subscribe to them. The sandbox is therefore both a build environment and the first gate in the platform’s quality and compliance pipeline.