SaaS

About

The platform is a multi-tenant SaaS starter kit: a complete base (auth, tenants, billing, RBAC, observability) shipped as an empty box, with a plugin contract for layering complete products on top.

Each product becomes a SaaS in its own right by binding to a domain and a Docker image with branding baked in.

Principles

  • Tenant isolation enforced at the ORM, not just the controller.
  • Disable, don't delete — the codebase is preserved.
  • Audit logs for every cross-tenant access by platform admins.
  • Production-safe defaults: bcrypt cost 12, JWT rotation, RLS on.
About