Docs

Greenhaus architecture at a glance

This public excerpt provides a non-sensitive look at how we assemble security, data, and workflow components.

Security architecture Request a Property Operations Fit Review

Client surfaces

Next.js app router, Expo mobile clients, and kiosk experiences share a design system powered by Tailwind and shadcn/ui.

Edge orchestration

Vercel Edge functions power public surfaces, rate limiting, and hCaptcha verification. Resend handles double opt-in emails.

Core services

Core records, role-based access controls, workflow routing, and approval history keep operations and accounting context attached to the same workspace.

Data platform

Reporting, exports, and analytics are structured around the operating record so finance and workflow context stay easier to trace.

Glossary

RLS: Row-level security. Restricts dataset rows based on policies tied to the authenticated identity.
Default deny: Baseline posture where all access is denied until explicitly granted through policy assignments.
Tenant isolation: Mechanisms that keep portfolio data scoped to the right workspace and authenticated role.
Observability fabric: Event history that supports workflow dashboards, alerts, and operational review.