Olympus
Olympus is the administration and operations platform powering everything behind Frontlyne's product suite. It's a production-deployed web application that gives super-admins full control over tenant onboarding, configuration, customer support, licensing, and platform health. The platform comprises four major pillars: Front Desk (multi-channel customer support), Tenant & Customer Management, License Management, and Platform Administration & Security.
Key Highlights
- Multi-channel support system (WhatsApp, Email, In-App) with SLA engine, CSAT surveys, agent capacity tracking, and canned responses
- 21-section tenant dashboard controlling AI models, voice providers, guardrails, OpenSearch indices, RAG cache, and per-channel Front Desk configuration
- Dual database architecture separating transactional data (fql_master) from analytics snapshots (fql_dev_admin) for query isolation
- 3-layer authentication: Google OAuth 2.0 SSO, mandatory TOTP 2FA, and IP whitelisting with self-service approval requests
- License management with usage-based billing, overusage cost calculation, ElevenLabs quota tracking, and per-tenant cost analytics (AI, embeddings, TTS, STT)
- 59 models, 50+ API endpoints, 10+ background jobs, 20+ pages, and 50+ React components in a single Docker multi-stage deployment on ECS Fargate
The Problem
Frontlyne's products serve frontline retail workers at scale, but who manages the tenants, monitors usage, handles customer support, and controls costs? The platform needed an enterprise-grade operations layer: tenant lifecycle management, multi-channel customer support, license tracking, granular access control, and real-time analytics, all serving multiple companies from a single deployment.
Front Desk: Multi-Channel Support
A full-featured ticketing system supporting three channels. WhatsApp via Meta Cloud API with opt-in consent tracking, 24-hour Customer Service Window enforcement, and per-tenant Business configurations. Email via AWS SES receipt rules, S3 storage, and a Node.js Lambda that parses MIME content, extracts threading headers, and forwards structured payloads. In-App via native REST API. Tickets follow a new-to-closed workflow with priority levels, category tagging, round-robin agent assignment with capacity tracking, ticket merging, canned responses, and S3 file attachments. An SLA engine auto-applies configurable policies per priority with breach detection and escalation alerts. CSAT surveys are sent after resolution with per-agent and per-tenant analytics.
Tenant & Customer Management
Full lifecycle management: create tenants with unique customer codes, test database connectivity before saving (encrypted password storage), toggle active/inactive with trial period tracking, and soft delete with restore capability. The tenant dashboard is a 21-section configuration hub covering setup wizard (guided DB, AWS, AI model, language onboarding), AI model settings (Bedrock model ID, temperature, max tokens, system prompts), audio and voice (TTS provider mapping per language with pronunciation dictionaries), guardrails (blocked topics, competitor brand filtering), OpenSearch (index status, document counts, provisioning), RAG cache browser (stale/unused/high-hit filtering with manual invalidation), personnel, user sessions, audit logs, and more.
License Management & Cost Analytics
Configurable licensing for users and stores with flexible counting methods (highest usage vs. last day of month), billing cycles (monthly/quarterly/yearly), and custom fiscal year start months. Real-time utilization tracking with overusage cost calculation, monthly consumption trends, and overage alerts. ElevenLabs quota tracking with monthly character limits and warning thresholds. Per-tenant cost breakdowns across AI generation, embeddings, TTS, and STT with budget vs. actual spend analysis and cost-per-interaction metrics.
Security & Access Control
Three-layer authentication: Google OAuth 2.0 as primary SSO, mandatory TOTP 2FA for all admins (QR code setup via rotp + rqrcode), and IP whitelisting at global and per-admin scope with self-service approval requests. Role-based access with super_admin, reviewer, and analyst roles, plus granular per-admin per-tenant permissions (can_view/can_edit) across 30+ sections. Every admin action is logged with actor, resource, field-level changes (old to new values), IP address, and user agent. JWT sessions use unique JTI per session with expiry tracking and explicit logout with token invalidation.
Architecture
Dual database design: a master DB for tenant configs, admin users, 14 Front Desk tables, audit logs, and feature access rules, and a separate admin DB for analytics snapshots, sync logs, and license usage snapshots, keeping analytics queries fast and isolated from transactional data. The backend comprises 59 models, 20+ controllers, 50+ API endpoints, and 10+ background jobs (SLA checker, auto-close, CSAT surveys, WhatsApp sender, re-verification checker) managed by Sidekiq + Sidekiq-Cron. The React 19 frontend delivers 20+ pages and 50+ components with a distinct indigo/violet palette and dark sidebar for Front Desk. Deployed as a Docker multi-stage build (Rails backend + compiled React static assets) on AWS ECS Fargate with a single build-push-deploy script.