DevDesk began as a fully-featured, single-tenant support ticketing system designed to help teams track user issues, assign agents, and monitor resolution workflows. As the application matured, it became clear that a single-tenant architecture was a bottleneck for scalability.
To solve this, DevDesk evolved into a robust Multi-Tenant SaaS Architecture. The system now elegantly supports countless distinct organizations operating under a single centralized platform, while guaranteeing strictly enforced data isolation.
To provide ultimate control over the platform, a global Super Admin layer was introduced. Super Admins bypass all tenant-level restrictions, allowing them to oversee, manage, and debug the platform across all isolated organizations from a single pane of glass.
- Isolated Environments: Users, tickets, comments, attachments, and dashboard metrics are strictly bound to an
Organization. - Tenant Autonomy: When a new user registers, an isolated Organization is automatically provisioned for them. They become the localized
ADMINand can invite their ownAGENTs andUSERs to their closed ecosystem.
- Global Context: The
SUPER_ADMINrole operates outside the boundaries of any single organization. - Platform Management: Super Admins have their own dedicated "Organizations" dashboard to monitor the usage (ticket volume, user count) of all tenants simultaneously.
- Secure Bootstrapping: To prevent security vulnerabilities, the Super Admin account is never manually promoted in the UI. Instead, it is securely seeded on backend startup using local environment variables (
SUPER_ADMIN_EMAIL,SUPER_ADMIN_PASSWORD).
- Role-Based Access Control (RBAC):
USER: Submits tickets and tracks their own support requests.AGENT: Works across the tenant to resolve issues, update statuses, and communicate with users.ADMIN: Manages the tenant's team, assigns tickets to agents, and views organization-wide analytical dashboards.
- Rich Activity Feeds: Every status change, priority shift, and assignment is tracked in an immutable activity log.
- File Attachments: Users can securely attach images and documents to their tickets (powered by Cloudinary).
Frontend (React + Vite)
- UI Architecture: React functional components using Hooks and Context API.
- Routing:
react-router-domwith secure, role-based route guards. - Styling: Tailwind CSS for a modern, responsive user interface.
- API Interactions: Centralized Axios client with automatic JWT token injection and 401 interception.
Backend (Node.js + Express)
- Database: PostgreSQL (hosted on NeonDB) managed via Prisma ORM.
- Authentication: Stateless JSON Web Tokens (JWT) and bcrypt password hashing.
- Security: Robust rate-limiting and comprehensive
zodschema validation for all incoming requests. - Architecture: Clean Model-View-Controller (MVC) separation of concerns.
Navigate to the backend/ directory:
- Copy
.env.exampleto.envand fill in your connection strings and SMTP credentials. - Ensure you set the
SUPER_ADMIN_EMAILandSUPER_ADMIN_PASSWORDin your.env. - Install dependencies:
npm install - Apply Prisma migrations to your database:
npx prisma migrate dev - Start the server:
npm run dev
Read the Backend README and API Docs for deeper details.
Navigate to the frontend/ directory:
- Ensure your
.envconnects to the running local backend (VITE_BASE_URL=http://localhost:5000). - Install dependencies:
npm install - Start Vite:
npm run dev
- Launch the frontend.
- Log in using your Super Admin credentials to view the global Organizations dashboard.
- Create new accounts from the standard Sign-Up page to mimic generating isolated tenant workspaces!