All systems operational

Architecture Overview

DevSphere OS is a multi-tenant SaaS built on a Next.js application, a Supabase (PostgreSQL) data layer, and a separate Python agent service, with Anthropic's Claude powering AI features.

#Purpose

Give developers a single mental model of the system before diving into any component.

#Architecture

The system has three deployable parts: the Next.js application (UI + API routes), the Supabase project (PostgreSQL database, authentication, and storage), and a Python FastAPI agent service used for SEO content generation.

The Next.js app is the core: it renders the UI and hosts the server-side API routes that hold the business logic. It talks to Supabase for data and auth, to Anthropic for AI, and to the agent service for dispatched generation jobs.

Every table is scoped to an organization and protected by PostgreSQL row-level security (RLS), which enforces tenant isolation at the database layer rather than only in application code.

1
Browser
Next.js UI (React).
2
API routes
Business logic, server-side.
3
Supabase
PostgreSQL + Auth + Storage.
4
Anthropic / Agent service
AI generation.

#How it works

1

Request enters the app

The browser loads the Next.js UI and calls its API routes.
2

API route runs logic

Server-side routes authenticate the user, check permissions, and read or write Supabase.
3

RLS enforces isolation

PostgreSQL policies scope every query to the caller's organization.
4

AI and jobs dispatch out

AI calls go to Anthropic; SEO generation is dispatched to the agent service; background jobs run on a schedule.

#Implementation notes

  • The Next.js app directory is the primary codebase; API routes live under its app/api tree.
  • The agent service is a small FastAPI app (Docker) with a health endpoint and an SEO generation router.
  • Supabase provides Postgres, auth, and storage; the service-role key is used server-side only.

#Limitations

Known limitations

  • The agent service currently focuses on SEO content generation; most AI assistance runs inside the Next.js backend.
  • This is a single-provider AI design (Anthropic); other providers are not wired.

#Security considerations

Security

  • Tenant isolation depends on RLS — never bypass it with the service-role key except in trusted server code.
  • Secrets (service-role key, AI keys, integration secrets) are server-side only and must never reach the browser.

#Best practices

  • Treat the Portal source as the source of truth for behavior.
  • Keep business logic in API routes, not the client.
  • Assume every query must be organization-scoped.

Still need help?

Can’t find what you’re looking for? The DevSphere OS team is happy to help.