OS-level accessibility automation, for the enterprise apps that have no API.

It means the runtime drives Windows applications by reading the UI Automation (UIA) tree the operating system publishes for every UI thread, then acting on the resolved element. UIA is the same accessibility framework Narrator and other screen readers consume. The tree exposes ControlType, Name, AutomationId, ClassName, BoundingRectangle, IsKeyboardFocusable, and a set of patterns (ValuePattern, SelectionPattern, InvokePattern, TogglePattern). An automation runtime that addresses elements through UIA reads structured data the OS already exposes, instead of inferring structure from pixels or recorded coordinates. Microsoft documents the framework at learn.microsoft.com/en-us/windows/win32/winauto/entry-uiauto-win32.

Enterprise workflows live on apps that have no public API: SAP GUI, SAP B1, Oracle EBS, mainframe 3270 emulators, Jack Henry, Fiserv, FIS, Epic, Cerner, eClinicalWorks, custom Win32 admin tools. Browser-based agents cannot see those apps at all. Pixel matchers can, but they break on every theme change, DPI change, and minor UI patch, and they cannot survive a Citrix session resize. UIA is the layer that exists for all of these apps, and the tree is identical regardless of resolution or scaling. That is what makes the same workflow run inside an RDP window, on a 4K monitor, on a published Citrix app, and on a developer laptop with no rewrites.

Both UiPath and Power Automate Desktop have UIA backends; the difference is what they make you key your workflow on. The classical RPA recorder generates a recorded path through the UIA tree (visual ancestor chain plus index) and falls back to image matching when the path breaks. That is why a B1 9.3 to 10.0 upgrade typically requires re-recording. The Mediar approach keys on Name plus AutomationId first, falls back to ClassName, and only uses a structural path when nothing else is populated. The Selector primitives that express this are open source under MIT at github.com/mediar-ai/terminator/blob/main/src/selector.rs, so the resolution logic the runtime uses against your enterprise apps is auditable.

Real answer: most enterprise Win32 and WinForms apps publish populated AutomationIds because the form designer auto-assigned them at compile time. The exceptions are old C++/MFC apps with hand-coded HWNDs and apps that render into a DirectX or canvas surface and never register a UIA provider. For sloppy-but-present cases, the runtime falls back through the primitive ladder: Name, then Role plus Name, then ClassName, then Path, then Attributes (HelpText, ItemStatus). For pure render-only apps, the clustered tree in the open-source SDK fuses UIA with optional vision detection from Omniparser or Gemini Vision; UIA elements get the #u prefix, vision elements get #p or #g. The workflow can target a vision element only when UIA returns nothing, instead of using vision for everything.

Yes, that is one of the load-bearing reasons enterprises use this layer. UIA is published by the OS hosting the application, not by the client connecting to it. When a workflow runs inside the RDP or Citrix session (which is how Mediar deploys for banks and insurance carriers), it reads the UIA tree of the apps inside the session. The Citrix HDX wrapper does not introduce a pixel layer the runtime has to interpret. This is why pixel-matcher RPA struggles in Citrix farms: the same workflow that works on the RDP host fails on a published app because the framing pixels changed. UIA is identical in both.

Every step the executor runs lands in a structured StepResult: step_id, tool_name (the UIA primitive), status (Pending, Running, Success, Failed, Skipped, Retrying), the structured result payload, the error string if any, duration in milliseconds, and retry count. The execution row stores the full step list as JSON with screenshots per step, the trace_id, the client_id, and an error_category that distinguishes Infrastructure failures from WorkflowLogic failures. For an auditor, the value of an OS-level layer is that every step is a typed UIA call against a named element, not a click at (x, y). The audit replay reads the same Name and AutomationId an automation engineer would have written into the workflow, which is what compliance reviewers can actually verify against a process narrative.

30 seconds per app. inspect.exe ships with the Windows SDK at C:\Program Files (x86)\Windows Kits\10\bin\10.0.x.x\x64\inspect.exe. Open it, set Hover Mode, launch your app, walk through the form your team uses every day. For most enterprise apps you will see ControlType.Edit on editable fields, populated Name properties pulled from the form definition, and AutomationId values on most controls. If those properties are populated, any UIA-based runtime can drive them deterministically. Where Name is empty and AutomationId is missing on a control you need, that is the part where you would write a Selector.attributes or Selector.path fallback, or escalate to the vision overlay. The pre-pilot inspect.exe walk takes an hour and tells you exactly what surface area is going to be deterministic versus probabilistic.

The execution layer is open source under MIT at github.com/mediar-ai/terminator. That is the package that wraps UIA, exposes the Selector primitives shown on this page, and runs the deterministic actions (type_into_element, click_element, set_value, get_text, run_command). A team can drive any Windows desktop app through Terminator alone with no Mediar cloud. The recording app, the orchestrator, the no-code workflow builder at app.mediar.ai/web, the SOC 2 control plane, and the audit trail are commercial. Pricing is $0.75 per minute of runtime and a $10,000 turn-key program fee that converts to credits.

Three failure modes, in order of frequency. First, an app that renders into pure DirectX, GPU canvas, or an embedded Chromium with no accessibility bridge enabled, and never registers a UIA provider. The fallback is the vision overlay, which is the worst case but rarely the whole workflow. Second, an app that publishes UIA but with empty Name and missing AutomationId on the field you care about. The fix is one of the lower primitives (ClassName, Path, Attributes) or a re-record against the parent window. Third, a major version upgrade that renames the field across the board (B1 9.3 to 10.0 reflowed the line item grid). The runtime emits structured failures so a human can re-record that one branch in the recording app, instead of silently retrying. For posting workflows like AP cash, silent retry is disabled by default because half-posting an invoice is worse than not posting it.

$0.75 per minute of workflow runtime, no per-seat licensing, no per-bot licensing. The $10,000 turn-key program fee covers a dedicated implementation engineer for the pilot and converts to runtime credits with a bonus, so it is effectively prepaid usage. The math an enterprise can run before the call: pick the workflow with the highest weekly volume that lives on a UIA-addressable app, multiply minutes saved per run by runs per week, divide by your current FTE-hour cost, and compare to runtime cost at $0.75 per minute. The deployments where this approach has shipped (insurance claims at 30 minutes to 2 minutes per claim for $750K per year, bank onboarding at 8 weeks to 2 weeks, F&B SAP B1 chains at 70 percent versus prior UiPath spend) all started from that arithmetic.