CITADEL Your Business Operations, Fortified
Seven applications that work together to run your backoffice. Manage contracts, track time, send invoices, support customers, and measure what matters.
The Suite
Seven applications, one integrated platform. Each built to solve a specific operational challenge, all designed to work together.
Auth
OpenID Connect 1.0 identity provider that serves as the authentication backbone for the entire suite.
- Authorization code flow with PKCE (S256)
- RS256-signed JWT access and ID tokens
- Refresh token rotation with reuse detection
- TOTP multi-factor authentication
- Per-IP and per-key brute-force protection
- Admin API for user and client management
Contracts
End-to-end document and contract lifecycle management with templates, approvals, and e-signatures.
- Custom document types: MSAs, SOWs, NDAs, Change Orders, Rate Cards, SLAs, Proposals, and more
- Template system with variable substitution and calculated fields
- Multi-step approval workflows with delegation and escalation
- Redlining with threaded comments and side-by-side version diff
- PDF generation with auto TOC, cover pages, and branding
- Client portal for external review and digital signatures
Time
Time tracking with timesheets, utilization analytics, and intelligent automation.
- Start/stop timer with weekly timesheet grid view
- Natural language input: “2h on Project Alpha meeting”
- Pattern-based suggestions from historical behavior
- Multi-level approval workflows with budget alerts
- Utilization reporting: billable vs non-billable by person and project
- Google Calendar and Microsoft 365 sync via OAuth
Invoice
Invoicing, Stripe payments, recurring billing, and financial operations.
- Generate invoices from approved time entries automatically
- Native Stripe integration for online payment collection
- Recurring billing with customizable schedules and reminders
- Quotes with conversion tracking and credit notes
- Product/service catalog with tax configuration
- Branded PDF generation with custom CSS per organization
Support
Enterprise ticketing, SLA tracking, and customer self-service with email integration.
- Multi-tenant ticketing with queue-based routing
- SLA management with automatic breach detection
- Email-to-ticket via IMAP, Microsoft 365, and Google Workspace OAuth
- Real-time HTMX dashboards with Chart.js analytics
- Customer self-service portal with knowledge base
- Dark mode support with system-aware theme detection
Events
Event management with registration, QR check-in, and post-event analytics.
- Recurring events: daily, weekly, bi-weekly, monthly with series
- Free, paid, and donation-based ticket types with waitlists
- QR code tickets with scanning check-in and bulk operations
- Customizable email notifications, reminders, and invitations
- Post-event surveys with response analytics
- Google Calendar sync and iCal export
Engage
Client engagement lifecycle management, QBRs, and strategic planning.
- Full engagement lifecycle: onboarding through renewal
- Multi-stream budget tracking and allocation
- Auto-populated Quarterly Business Reviews from suite data
- Application portfolio health scoring with trend analysis
- Risk registers with severity scoring and mitigation plans
- Customer portal for QBR review and sign-off
How It Works
Applications integrate via secure webhooks with HMAC-SHA256 signatures, forming a seamless operational pipeline with centralized identity.
Event-Driven
Apps communicate through webhook events. When a contract is signed, time tracking starts automatically. When time is approved, invoices generate.
Cryptographically Secure
Every webhook is signed with HMAC-SHA256. Receiving apps verify signatures and reject payloads older than five minutes. No tampering, no replay attacks.
Loosely Coupled
Each app runs independently with its own database. Deploy, scale, or update one without affecting the others. No monolith, no single point of failure.
Platform Capabilities
Cross-cutting features shared by every application in the suite.
Multi-Tenant SaaS
Every tenant's data is fully isolated by organization ID. Run a single deployment serving multiple clients with complete data separation and row-level security.
Role-Based Access
Two-tier RBAC enforced at the route level. Platform roles (super admin, admin, user) and organization roles (org admin, project manager, team lead, member) with portal access for clients.
Self-Service Portals
Give clients their own portal view with token-based authentication. Review contracts, track projects, view invoices, submit tickets, and sign off on QBRs.
Real-Time Dashboards
Live analytics with Chart.js visualizations and HTMX polling. Utilization rates, revenue trends, SLA compliance, ticket volumes, and engagement health.
API-First Design
Webhook-based integration with HMAC-SHA256 signed payloads. Token-authenticated REST APIs, SSRF-protected webhook registration, and 5-minute timestamp validation.
Enterprise Security
Argon2id password hashing, CSRF double-submit cookies, per-IP rate limiting (Governor), TOTP 2FA, AES-256-GCM encryption, CSP/HSTS headers, and parameterized SQL queries.
Built Different
CITADEL is engineered with Rust for performance, reliability, and security that mainstream frameworks can't match.
Rust + Axum
Memory-safe, zero-cost abstractions, and async-native. Sub-millisecond response times with minimal resource usage.
Security-First
Argon2id password hashing, HMAC-SHA256 webhook signatures, TOTP 2FA, AES-256-GCM encryption, and hardened HTTP headers in every app.
Self-Hostable
Deploy on your own infrastructure. Single binary per app, PostgreSQL database, no external dependencies beyond SMTP.
No Lock-In
Standard PostgreSQL, Askama HTML templates, HTMX, Tailwind CSS. Your data and your code stay yours.
Ready to Fortify Your Operations?
See how CITADEL can transform your backoffice operations. Talk to the Gallantic team.
Contact Gallantic