Introduction

Business owners and administrative users, this will show you an overview of our architecture and answer some of your questions about how Toucan works. You can forward it to your IT department if they need more information.

IT departments & architects, this gives you a complete overview of the architecture of our apps, and will help you identify how Toucan can be integrated easily with your information system. It also describes the prerequisites needed to install our components as self-hosted software.

Security experts, this aims to transparently let you assess our security level and answer questions and address possible concerns you have regarding our authentication and authorization processes. It also shares the practices and processes we implement in our own information system to ensure that the data you transmit to us stays in good hands.

Definitions

Like most web apps, Toucan is mainly made up of two distinct parts: the client and the server.

Web application

Supported browsers

The studio is compatible and battle-tested with Chrome, Firefox and Edge on their latest versions. Visualizing and using the small apps is supported on those browsers and their mobile counterparts (Chrome, Safari (iOS), Firefox Mobile, Edge Mobile).

Internet Explorer 11 isn't supported anymore since November 2021.

The client / front-end stack

The front-end is evolving to a collection of components (Micro Front-End aka MFE) evolving independently and aiming to render an aspect of an app from a set of configuration files and some data Toucan. The front ends are not client specific. Each micro front-end is composed of HTML, CSS and a javascript framework that can be delivered from a static file server or a CDN.

The server / back-end stack

Toucan backend is a hybrid architecture between a single tenant stack and multi-tenant services. All these services exchange between them via REST or GraphQL APIs.

Technical Stack Details

Toucan is built with awesome open source blocks that have proven their reliability and efficiency.

We use the C4 model a visual representation of Toucan software system.

Detailed Workflow

Big Picture

• This scheme provides an overview of Toucan software system and its surrounding environment showing the main components and how they interact each other.

• all connections are in HTTPS. The connection between Toucan and other software system on the internet are performed through a Nginx web server which acts as a Reverse proxy.

• only the HTTPS port is exposed in Toucan

• This scheme provides a more detailed view of the software system by showing the high-level components that make up the system and how they interact with each other.

• Toucan has an hybrid architecture of multi-tenant containers and a single tenant stack divided in multiple containers.

• All multi-tenant containers are running on Kubernetes and are redundant

• The components of the single-tenant stack are running in a private network and all exchanges with the outside world go through a Nginx web server used as a reverse proxy.

• On all the services only the HTTPS ports are exposed

• the Toucan frontend is made up only of static assets (js, css, html...). There is no data or specific information on the frontend side.

Open Source

We also contribute by publishing some of our work in the open source community.

Feel free to look at our public repositories on GitHub.