Enterprise starter kitBackoffice-aligned design system

Calm operational UI for multi-tenant product teams.

The web surface now follows the same visual system as backoffice: compact IBM Plex typography, blue-gray tokens, border-led depth, restrained motion, and clearer workflow framing.

Multi-tenant authRBAC enforcementTyped contractsReal E2E coverage
Start workspaceSign in
Open API docsPublic and protected entry points stay connected to the same product surface.

Security-first

Tenant isolation from the first route

Operationally ready

Docs, auth, and verification included

Delivery speed

Reduce setup drag before product work starts

Operational baseline

Auth

Sessions, reset, invite acceptance

Access

RBAC and tenant-aware middleware

Platform

Next.js, NestJS, and typed contracts

Verification

Playwright, API tests, container-backed flows

Verification path

pnpm --dir apps/api test:e2e:setup
pnpm exec playwright test --config apps/web-e2e/playwright.config.ts
pnpm --dir apps/api test:e2e:teardown
Identity and access

Email auth, invitation flows, protected routes, and session lifecycle.

Tenant boundaries

Organization-aware request handling and scoped membership controls.

Policy enforcement

Role-based access control with middleware and auditable permission paths.

Operating model
Start from real sign-in and protected flows, not static mocks.
Keep API documentation available from the public entry point.
Verify browser, web, API, and infrastructure together for critical journeys.
At a glance

Security-first

Tenant isolation from the first route

Operationally ready

Docs, auth, and verification included

Delivery speed

Reduce setup drag before product work starts