...
The Maestrano platform is composed of the following components:
1 - Frontend App(s)
The frontend applications are interfaces between the users - customers, staff, partners - and the actual Maestrano platform. While most implementations only include one frontend application - usually a customer portal/marketplace/dashboard - one could decide to create a different application for staff users such as support or administrator people. One could also decide to use the Maestrano platform in order to serve multiple business purposes - multiple business units - and create multiple frontend applications accordingly.
...
While Maestrano provides a RoR template to build frontend applications, one could easily choose another application stack to build their own frontend as the only hard dependency is to be able to consume the MnoHub JSON REST API.
2 - MnoHub
The Maestrano Hub acts as an orchestrator for the whole platform. It holds any data related to customer identification, billing and product purchase/subscription. The hub is also responsible for maintaining the Access Control Lists (ACL) for all platform users.
...
Finally, the hub also contains an authorisation API called "IDM" (Identity Manager) that can be used by other services - such as Connec!™ - to authorise API queries. This is typically the case when users load their Impac!™ dashboard. A session token is enclosed in the query and transmitted through Impac!™ to Connec!™ which then contacts the hub to verify that the provided token (user) has access to the data. While Connec!™ is currently the only service to use the IDM, other services - such as Nex!™ for third party access to the apps - are expected to leverage the IDM in the near future.
3 - Nex!™
Nex!™ is Maestrano's Platform as a Service (PaaS). It has the ability to deploy and host applications on-demand. Some applications such as vTiger, Dolibarr, WordPress cannot be shared by multiple customer at once and require to be individually hosted for each customer. These applications are different from the likes of Ranqx, SignMee and other which have this multi-tenancy ability - cloud service able to handle multiple customers.
...
When a customer requests a new application from a frontend application, this request gets passed to the hub which asks Nex!™ to provision an instance of specific application. Once provisioned, customers can access them like any other Single Sign-On ready application.
4 - Connec!™
Connec!™ is Maestrano's data sharing platform. It seamlessly synchronise data between applications in real-time so that users do not need to re-enter data twice in different applications.
...
Connec!™ is stateless from an authorisation point of view. Any API query gets authorised by contacting the MnoHub IDM which then handles authorisation. This makes ACL management much easier to maintain from Connec!™ point of view.
5 - Impac!™
Impac!™ is Maestrano's reporting engine and frontend. It allows users, application providers and enterprise customers to retrieve aggregated data from Connec!™ around Finance, HR, Payroll, Sales and more. Data can be either nicely presented to end users using a series of widgets or be directly accessed via API.
...
While Maestrano publicly provides Impac-Angular as a convenient way to display data provided by Impac!™ engine, one could easily choose to implement their own frontend using any technology/framework that they may see fit.
6 - Internal - Nex!™ Applications
The Nex!™ web applications are all packaged using Docker. Docker allows one to define an OS image containing everything that is needed to run a particular web application such as vTiger, Dolibarr, WordPress and Joomla. So far, all applications hosted by Nex!™ are open source. Examples of these applications can be found on Github under Maestrano's account (e.g.: https://github.com/maestrano/vtiger6). Actual Docker packages can be found on Docker Hub under Maestrano's account (e.g.: https://hub.docker.com/r/maestrano/vtiger6).
...
While most Nex!™ applications are served using HTTPS, some applications - such as Joomla and WordPress - require to be served under HTTP. At first, this may be considered as a potential security issue but most of these applications require a custom domain and a custom SSL certificate in any case. Therefore this "HTTP vulnerability" is only a temporary situation that any customer would resolve anyway after purchasing a custom domain and certificate.
7 - External - Cloud Applications
Cloud applications are online services that have used Maestrano's SDK to integrate with the platform and enable features such as Single Sign-On, Single Billing and Data Sharing. They reside outside of the Maestrano infrastructure but are still considered part of the ecosystem.
...
Cloud applications are expected to communicate with two components of the platform: MnoHub and Connec!™. MnoHub is used by cloud applications to retrieve information about their customers as well as submit bills related to customer subscriptions. Connec!™ is used for Data Sharing, meaning that cloud applications are expected to send data updates to Connec!™ when records are updated on their side as well as receive updates whenever things get updated on the Connec!™ side (= data pushed by another application).
8 - External - Connector Applications
Connector applications are online services that exchange data with Connec!™. These applications did not integrate using one of Maestrano's SDKs. Instead Maestrano connected them to Connec!™ using their public APIs.
These applications do not feature any Single Sign-On or Single Billing capability. Customers are required to have an account on these services before connecting them to the platform.
9 - Overview Diagram
The diagram below show how all components interact together.
...