Hybrid Tenancy SaaS Foundation
One codebase. Multi-tenant B2B or single-tenant B2C — switch with a config flag.
Four production-ready services: IAM, Gateway, Billing, and Audit. Two React SPAs: Tenant App and Platform Admin. Kubernetes-native with Helm charts.
Four Production-Ready Services
Each service ships with its own Helm chart, CI/CD pipeline, and dedicated database
IAM Service
Full identity lifecycle — signup, JWT RS256 auth, multi-tenant membership, token exchange, avatar uploads, announcements, and in-app notifications.
Gateway Service
Reactive Spring Cloud Gateway — JWT validation via JWKS, header sanitization, audit context propagation, per-tenant metrics, and Swagger aggregation.
Billing Service
Gateway-agnostic payment abstraction — Stripe integration, per-tenant customer provisioning, subscription lifecycle, refunds API, and Customer Portal sessions.
Audit Service
Centralized event-driven audit trail — passive RabbitMQ consumption, SPI-based extensibility, JSONB metadata, and PLATFORM_ADMIN search API.
Hybrid Tenancy Model
Deploy as multi-tenant B2B SaaS (schema-per-tenant PostgreSQL isolation) or single-tenant B2C (all users in one default workspace) — from the same codebase. Switch via a single config flag, no code changes required.
One flag, two models
platform.rolloutMode: MULTI_TENANT or SINGLE_TENANT
Administration & Self-Service
Complete platform management, tenant self-service, and centralized observability
Centralized Audit Trail
Passive event consumption from RabbitMQ, SPI-based extensibility, PLATFORM_ADMIN search API with JSONB metadata.
Global Announcements
Multi-lingual announcements with async fan-out, real-time WebSocket push, and delivery tracking.
In-App Notifications
Persistent notifications with unread badges, mark-as-read, dismiss, and real-time WebSocket delivery.
Token Exchange
Seamless tenant switching without re-authentication — POST /auth/exchange for new tenant-scoped tokens.
Avatar Uploads
Two-phase presigned S3/MinIO flow, auto-cleanup old avatars, tenant-isolated storage.
Refunds API
Full refund management for tenants, PLATFORM_ADMIN global overview, Stripe integration.
Two Production React SPAs
Ship with tenant-facing and platform-admin frontends — React 19, Mantine UI, and Feature-Sliced Design
Tenant App
The workspace interface for your customers. Scoped to a single tenant with dedicated session management.
- Sign-in with tenant discovery & self-service signup
- Team management & invitation workflows
- Billing self-service & Stripe Customer Portal
- In-app notifications & announcements
- Lingui i18n support & Dark/Light themes
Platform Admin
Internal operator console for platform-wide administration. Manage the entire SaaS ecosystem.
- Dashboard with real-time metrics & count cards
- Global User & Organization management
- Subscription monitoring & Refunds overview
- Global audit logs & announcements management
- Plan catalog CRUD & RBAC enforcement
Built for Business Growth
Accelerate your journey from startup to scale-up
Launch in Days
Skip months of infrastructure work. IAM, Gateway, and Billing are production-ready — deploy with Helm and start building your vertical.
Security by Default
RS256 JWT, JTI denylist, brute-force lockout, header sanitization, BCrypt strength 12, and two-layer token revocation out of the box.
True Data Isolation
Schema-per-tenant PostgreSQL with Liquibase per-tenant migrations. Tenant context flows automatically from JWT claims through the gateway.
Zero Licensing Cost
Apache 2.0 — use it for personal projects, commercial products, or anything in between. No usage limits, no vendor lock-in.