HorixOS — Complete Business & Technical Blueprint

Consolidated presentation document built from all requirement files: macro architecture, workflow, SaaS services, monorepo directory design, RBAC permission matrix, and API/route catalog — all in a light-theme, structured format.

Multi-tenant SaaS AI-Powered Recruitment OS Event-Driven Analytics Communication Intelligence Stripe + OAuth + RBAC

Primary Architecture Blocks

RBAC Permission Domains

API Module Groups

Core User Roles + Platform Admin

Logical DB Schemas

View Business Flow Jump to RBAC Jump to API Catalog Open Layman Diagrams

1) Macro Architecture

Platform Control Plane

Tenant registry, subscription/billing, plan enforcement, usage metering, Redis rate limiting, feature flags, tenant provisioning, telemetry, internal admin.

API Gateway

Subdomain resolver, JWT auth middleware, tenant resolver, plan validator, rate limiter, request router.

Product Execution Plane

Data acquisition, ATS core, matching engine, workforce intelligence, compliance manager, supervised AI execution.

Communication Intelligence Layer

VOIP, call recording, STT, NLP/sentiment, talk/listen ratio, compliance phrase detection, email intent analysis, engagement scoring.

Intelligence & Data Plane

Event bus backbone, real-time analytics, ROI engine, behavioral/burnout models, vector database, AI services, audit & observability.

Data Storage Layer

PostgreSQL (platform/product/analytics), object storage (calls/resumes/docs), Redis (queues/rate/session), vector DB (pgvector or Pinecone).

Three-Plane System Model (Textual)

Platform Control Plane
        ↓
     API Gateway
        ↓
Product Execution + Communication Intelligence + Intelligence/Data Plane

Critical Event Types

candidate_created

job_posted

call_completed

email_sent

pipeline_stage_changed

ai_suggestion_generated

recruiter_session_started

compliance_flag_detected

Tenant Isolation & Economic Governance

Subdomain resolution
Tenant lookup
Subscription validation
Rate limit check
Usage quota validation
Execution

2) SaaS Service Architecture

Users (Owner | Manager | Recruiter)
  → Frontend (Next.js)
  → API Gateway
  → Auth + Tenant + Plan + Rate Guard
  → Core Services
  → Queues/Workers (heavy tasks)
  → DB + Event Bus
  → Analytics + Dashboard updates

Core Backend Service Layer

Auth Service

JWT + OAuth (Google/Microsoft), request validation.

Tenant Service

Multi-tenant isolation and provisioning.

Billing Service

Stripe checkout, subscriptions, invoices, portal, usage metering.

ATS Service

Jobs, candidates, pipeline, placements, compliance.

Scraping Service

Playwright worker + parsing + AI structuring into ATS.

Matching Engine

Rule filtering + pgvector cosine similarity + weighted rank.

Communication Service

Twilio/VOIP + Email provider + transcript/email intelligence.

AI Adapter

OpenAI/Gemini/Anthropic for parsing, generation, analysis, embeddings.

Workforce Analytics

Sessions, activity, productivity, burnout indicators.

Usage Metering

AI tokens, call minutes, storage, API and seats.

Event Bus Service

Redis streams consumers for analytics, ROI, notifications, billing.

Authentication Flow
Login → Auth Service → JWT/OAuth
JWT in HTTP-only cookie
Every request validated at gateway

Billing Flow (Stripe)
Owner selects plan → Checkout session
Payment → Webhook → subscription update
Plan enforcement + metering active

Call Intelligence
Recruiter call → Twilio
Recording stored → Webhook
Transcription queue → AI analysis
Sentiment/engagement stored → Event emitted

Email Intelligence
Email send/receive → provider webhook
Thread stored → AI context extraction
Intent + engagement score updated

Service Options Table

Function	Primary	Alternatives
Hosting	Oracle / AWS	GCP / Fly.io
Frontend	Vercel / Next.js	Cloudflare Pages
Backend	NestJS	Fastify / Express
Database	Postgres	MySQL
Vector	pgvector	Pinecone
AI	OpenAI	Gemini / Anthropic
VOIP	Twilio	Plivo / Vonage
Email	Resend	SendGrid / SES
Payments	Stripe	Paddle / Razorpay
Queue	Redis	Kafka / SQS
Auth	JWT	Clerk / Auth0

Upgrade Path After Revenue

Self-host Postgres → AWS RDS
Self-host Redis → ElastiCache
pgvector → Pinecone cluster
Redis streams → Kafka
Single API instance → Kubernetes autoscaling + CDN + WAF
Enterprise: dedicated tenant DB, regional isolation, dedicated AI keys, SLA monitoring

3) Business Workflow (End-to-End)

Agency signs up → Tenant provisioned → Owner configures org
→ Jobs created → Data ingestion/sourcing → Matching ranks candidates
→ Recruiters communicate → Calls & emails analyzed
→ Candidate moves in pipeline → Placement completed
→ Performance & ROI tracked → AI optimizes decisions

Operational Timeline

Tenant onboarding: signup, subdomain, plan selection, tenant provisioning, owner creation, quota setup.
Org setup: managers/recruiters added, hierarchy and weights configured, email/VOIP/scraping connections.
Execution loop: job creation, sourcing, matching, communication, stage movement, placement.
Intelligence loop: transcript/email analysis, engagement scoring, performance and burnout insights.
Business loop: usage metering, overage calculations, invoices, upgrade prompts, suspension logic when needed.

Role Workflows

Owner

Dashboard: total jobs, active candidates, productivity, revenue/recruiter, cost/placement, AI savings, utilization, burnout.
Actions: create managers, upgrade plan, adjust quotas, configure compliance and feature controls, review ROI.

Manager

Dashboard: activity score, open jobs, pipeline velocity, call/email effectiveness, conversion rate, burnout, capacity.
Actions: assign/reassign work, review transcripts, coaching feedback, trigger AI shortlist, monitor compliance alerts.

Recruiter

Daily flow: login → dashboard → AI suggestions → open tasks → pipeline.
Execution: create jobs, source candidates, run matches, call/email outreach, move candidates across stages.

Communication + Candidate Lifecycle

Call Workflow
Call initiate → record → store → transcribe
→ AI transcript analysis → engagement score
→ metrics saved → event emitted → dashboard update

Email Workflow
Email sent via platform → thread stored
→ intent extraction → engagement scoring
→ response tracking → pipeline suggestions

Candidate Lifecycle
Profile created → Enriched/classified → Matched → Contacted → Screened
→ Interview → Offer → Placement → Post-placement tracking

AI Feedback Loop

Recruiter action → event generated → event bus storage
→ AI learns patterns → predictive model updated
→ future recommendations improved

Examples: recruiter-close-rate learning, burnout trend detection, matching-weight adjustment, drop-off prediction.

4) Implementation Directory Blueprint

Recommended monorepo: pnpm + Turborepo (or Nx).

Monorepo Structure

horixos/
├── apps/
│   ├── web/       # Next.js frontend
│   ├── api/       # NestJS backend
│   └── workers/   # background worker processes
├── packages/
│   ├── shared-types/
│   ├── shared-config/
│   ├── shared-utils/
│   └── ui-kit/
├── infra/
│   ├── docker/
│   ├── nginx/
│   ├── terraform/
│   └── scripts/
├── docs/
├── .env.example
├── package.json
└── turbo.json

Frontend Structure (apps/web)

web/
├── app/
│   ├── (marketing)/
│   ├── (auth)/login | register | oauth-callback
│   ├── (dashboard)/owner | manager | recruiter | analytics | billing | settings
│   ├── jobs/ | candidates/ | pipeline/
│   ├── communication/calls | emails | transcripts
│   ├── admin/
│   └── layout.tsx
├── components/ui | dashboard | pipeline | communication | charts | billing
├── hooks/
├── lib/api-client.ts | auth.ts | tenant.ts | stripe.ts
├── middleware.ts  # subdomain -> tenant resolver
└── styles/

Backend Structure (apps/api)

src/
├── core/ (database, redis, storage, event-bus, logging, guards, interceptors, middlewares)
├── auth/
├── platform/ (tenants, billing, usage, rate-limit, feature-flags, admin)
├── ats/ (jobs, candidates, pipeline, placements, compliance)
├── scraping/ (controllers, services, workers, parsers, dto)
├── matching/ (scoring, vector, services)
├── communication/
│   ├── voip/ (twilio.service.ts, call.controller.ts, call.webhook.ts)
│   ├── email/ (smtp.service.ts, email.webhook.ts)
│   ├── transcription/ (transcription.worker.ts, whisper.adapter.ts)
│   └── nlp/ (sentiment, engagement, compliance services)
├── ai/ (providers, resume-parser, jd-generator, transcript-analysis, embeddings, recommendations)
├── workforce/ (sessions, activity, productivity)
├── analytics/ (aggregations, roi, dashboards, reports)
└── events/ (publishers, consumers, event-types.ts)

Workers, Database, Queue, Auth, Billing, AI Adapter

Workers

scraping.worker.ts, transcription.worker.ts, ai.worker.ts, analytics.worker.ts, billing.worker.ts, worker.module.ts.

Database Schemas

platform.* (tenants, subscriptions, usage_logs, feature_flags), product.* (users, jobs, candidates, applications, pipeline_stages, calls, transcripts, emails), analytics.* (recruiter_metrics, roi_metrics, engagement_scores, burnout_index).

Queue Structure

scraping.queue.ts, transcription.queue.ts, ai.queue.ts, analytics.queue.ts, billing.queue.ts.

Auth Flow Files

jwt.strategy.ts, google.strategy.ts, microsoft.strategy.ts, auth.controller.ts, auth.service.ts.

Billing Files

stripe.service.ts, webhook.controller.ts, subscription.service.ts, metering.service.ts.

AI Adapter Pattern

ai.interface.ts, openai.provider.ts, gemini.provider.ts for provider switching per tenant/plan.

Clean Separation Principle

Product Plane

ats, scraping, matching, communication, workforce.

Platform Plane

billing, usage, tenant, rate-limit.

Intelligence Plane

ai, analytics, events.

✔ Multi-tenant SaaS ready ✔ Stripe billing integrated ✔ OAuth login ✔ AI provider abstraction ✔ Queue-based background processing ✔ Event-driven analytics ✔ Clean modular boundaries

5) RBAC Permission Matrix (Complete)

Roles: Platform Admin (internal), Owner (tenant), Manager (team), Recruiter (operational).

✅ Allowed 🟡 Limited / Scoped ❌ Not Allowed

Role Definitions

Platform Admin

Cross-tenant management, system health, global billing oversight; no recruitment execution.

Owner

Full tenant access including billing, team management, strategic analytics, feature control.

Manager

Team oversight, supervision, performance/compliance monitoring; no billing control.

Recruiter

ATS execution, communication, AI-assisted tasks; no team/billing control.

Permission Categories

Authentication, Tenant/Platform, Billing, User Management, ATS, Scraping, Matching, Communication, AI Usage, Workforce Analytics, ROI Analytics, Compliance, System Flags, Notifications, Event Audit.

1) Auth & Profile

Action	Platform Admin	Owner	Manager	Recruiter
Login	✅	✅	✅	✅
Update own profile	✅	✅	✅	✅
Reset own password	✅	✅	✅	✅

2) Tenant Management

Action	Platform Admin	Owner	Manager	Recruiter
View tenant info	✅ (all tenants)	✅	🟡 (view only)	❌
Update tenant config	✅	✅	❌	❌
Suspend tenant	✅	❌	❌	❌
View feature flags	✅	✅	🟡	❌

3) Billing (Stripe)

Action	Platform Admin	Owner	Manager	Recruiter
View subscription	✅	✅	❌	❌
Upgrade/downgrade plan	❌	✅	❌	❌
View invoices	✅	✅	❌	❌
Access billing portal	❌	✅	❌	❌
View usage metering	✅	✅	🟡 (team level)	❌

4) User Management

Action	Platform Admin	Owner	Manager	Recruiter
Invite user	❌	✅	🟡 (recruiter only)	❌
Change role	❌	✅	❌	❌
Remove user	❌	✅	❌	❌
View team	❌	✅	✅	❌

5) ATS - Jobs

Action	Platform Admin	Owner	Manager	Recruiter
Create job	❌	✅	✅	✅
Edit job	❌	✅	✅	🟡 (own jobs only)
Close job	❌	✅	✅	❌
Delete job	❌	✅	❌	❌

6) ATS - Candidates

Action	Platform Admin	Owner	Manager	Recruiter
Create candidate	❌	✅	✅	✅
Edit candidate	❌	✅	✅	🟡 (assigned only)
Delete candidate	❌	✅	❌	❌
Upload resume	❌	✅	✅	✅

7) Pipeline

Action	Platform Admin	Owner	Manager	Recruiter
Move candidate stage	❌	✅	✅	✅
Create stage	❌	✅	❌	❌
Edit stage	❌	✅	❌	❌

8) Scraping

Action	Platform Admin	Owner	Manager	Recruiter
Create scrape job	❌	✅	🟡 (if enabled)	❌
Cancel scrape job	❌	✅	❌	❌
View scrape results	❌	✅	✅	🟡

Scraping is often plan-restricted.

9) Matching

Action	Platform Admin	Owner	Manager	Recruiter
Run matching	❌	✅	✅	✅
Adjust matching weights	❌	✅	❌	❌
View match explanation	❌	✅	✅	✅

10) Communication - Calls

Action	Platform Admin	Owner	Manager	Recruiter
Initiate call	❌	✅	✅	✅
View all call logs	❌	✅	✅	❌
View own call logs	❌	❌	❌	✅
Delete recording	❌	✅	❌	❌
View transcript analysis	❌	✅	✅	🟡 (own only)

11) Communication - Email

Action	Platform Admin	Owner	Manager	Recruiter
Send email	❌	✅	✅	✅
View all threads	❌	✅	✅	❌
View own threads	❌	❌	❌	✅
View AI email insights	❌	✅	✅	🟡

12) AI Usage

Action	Platform Admin	Owner	Manager	Recruiter
Use AI tools	❌	✅	✅	✅
View AI token usage	✅	✅	🟡	❌
Override AI limits	❌	✅	❌	❌

13) Workforce Analytics

Action	Platform Admin	Owner	Manager	Recruiter
View personal productivity	❌	❌	❌	✅
View team productivity	❌	❌	✅	❌
View company productivity	❌	✅	❌	❌
View burnout indicators	❌	✅	✅	❌

14) ROI & Business Analytics

Action	Platform Admin	Owner	Manager	Recruiter
View ROI dashboard	❌	✅	❌	❌
View revenue impact	❌	✅	❌	❌
View AI efficiency gains	❌	✅	🟡	❌

15) Compliance

Action	Platform Admin	Owner	Manager	Recruiter
Set compliance rules	❌	✅	❌	❌
View compliance flags	❌	✅	✅	🟡
Edit compliance records	❌	✅	❌	❌

16) Admin (Platform Only)

Action	Platform Admin	Owner	Manager	Recruiter
View all tenants	✅	❌	❌	❌
Suspend tenant	✅	❌	❌	❌
View global usage	✅	❌	❌	❌
System health	✅	❌	❌	❌

Scoping Rules

Recruiter Scope

Own jobs, assigned candidates, own calls/emails.

Manager Scope

Team members and assigned recruiters; no billing.

Owner Scope

Entire tenant, billing access, feature controls.

Platform Admin Scope

Cross-tenant platform controls, no operational recruitment actions.

Implementation Strategy

Use NestJS Role Guard + Permission Guard + Resource Scope Guard + Plan Guard
Example:
@Roles(Role.Owner, Role.Manager)
@Permissions(Permission.VIEW_TEAM_ANALYTICS)

Advanced Enterprise Additions

Custom role creation
Field-level permission control
Data masking for compliance
Temporary access tokens
IP whitelisting

6) API & Route Catalog (Complete)

Base URL: https://{tenant}.horixos.com/api | Admin base: https://admin.horixos.com/api | Auth: JWT cookie or Bearer token | Tenant-scoped endpoints | RBAC via guards.

1) Auth Module — /api/auth

Method	Endpoint	Use Case
POST	/auth/register	Register tenant owner + create tenant
POST	/auth/login	Email/password login
POST	/auth/logout	Invalidate refresh token
POST	/auth/refresh	Refresh JWT
GET	/auth/me	Current user profile
GET	/auth/google	Google OAuth redirect
GET	/auth/google/callback	Google OAuth callback
GET	/auth/microsoft	Microsoft OAuth login
GET	/auth/microsoft/callback	Microsoft OAuth callback

2) Tenant & Platform — /api/platform

Method	Endpoint	Use Case
GET	/platform/tenant	Get tenant info
PATCH	/platform/tenant	Update tenant config
GET	/platform/tenant/usage	Current usage stats
GET	/platform/tenant/features	Feature flags

3) Billing (Stripe) — /api/platform/billing

Method	Endpoint	Use Case
POST	/billing/checkout-session	Create Stripe checkout
GET	/billing/subscription	Subscription details
POST	/billing/portal	Stripe customer portal
POST	/billing/webhook	Stripe webhook handler
GET	/billing/invoices	List invoices
GET	/billing/usage	Metered usage breakdown

Supports plan upgrades, overages, seat billing, AI token metering.

4) User Management — /api/users

Method	Endpoint	Use Case
POST	/users	Invite user
GET	/users	List users
GET	/users/:id	Get user
PATCH	/users/:id	Update role
DELETE	/users/:id	Remove user
POST	/users/:id/reset-password	Reset password

5) ATS Jobs — /api/jobs

Method	Endpoint	Use Case
POST	/jobs	Create job
GET	/jobs	List jobs
GET	/jobs/:id	Job details
PATCH	/jobs/:id	Update job
DELETE	/jobs/:id	Archive job
POST	/jobs/:id/close	Close job
POST	/jobs/:id/match	Run matching engine

6) ATS Candidates — /api/candidates

Method	Endpoint	Use Case
POST	/candidates	Create candidate
GET	/candidates	List candidates
GET	/candidates/:id	Candidate details
PATCH	/candidates/:id	Update profile
DELETE	/candidates/:id	Archive
POST	/candidates/:id/upload-resume	Upload resume
GET	/candidates/:id/matches	Matching jobs

7) Pipeline — /api/pipeline

Method	Endpoint	Use Case
GET	/pipeline/:jobId	Get job pipeline
POST	/pipeline/move	Move candidate stage
GET	/pipeline/stages	List stages
PATCH	/pipeline/stages/:id	Edit stage
POST	/pipeline/stages	Create stage

8) Scraping — /api/scraping

Method	Endpoint	Use Case
POST	/scraping/job	Create scrape job
GET	/scraping/jobs	List scrape jobs
GET	/scraping/jobs/:id	Status
DELETE	/scraping/jobs/:id	Cancel
POST	/scraping/parse	Parse raw data

9) Matching — /api/matching

Method	Endpoint	Use Case
POST	/matching/job/:jobId	Rank candidates
POST	/matching/candidate/:id	Find jobs
POST	/matching/weights	Adjust scoring weights
GET	/matching/explain/:matchId	AI explanation

10) Communication Calls — /api/communication/calls

Method	Endpoint	Use Case
POST	/calls/initiate	Start call
GET	/calls	List calls
GET	/calls/:id	Call details
POST	/calls/webhook	Twilio webhook
GET	/calls/:id/transcript	Transcript
GET	/calls/:id/analysis	AI sentiment
DELETE	/calls/:id	Delete recording

11) Communication Email — /api/communication/email

Method	Endpoint	Use Case
POST	/email/send	Send email
GET	/email/threads	List threads
GET	/email/thread/:id	Thread details
POST	/email/webhook	SMTP webhook
GET	/email/:id/analysis	AI insights

12) AI Module — /api/ai

Method	Endpoint	Use Case
POST	/ai/parse-resume	AI resume parsing
POST	/ai/generate-jd	Generate job description
POST	/ai/analyze-transcript	Transcript NLP
POST	/ai/suggest-tasks	Recruiter suggestions
GET	/ai/usage	Token usage
POST	/ai/test	Debug endpoint

13) Workforce Analytics — /api/workforce

Method	Endpoint	Use Case
POST	/workforce/session/start	Start session
POST	/workforce/session/end	End session
GET	/workforce/productivity	Recruiter metrics
GET	/workforce/team-metrics	Manager view
GET	/workforce/burnout	Burnout indicators

14) Analytics & ROI — /api/analytics

Method	Endpoint	Use Case
GET	/analytics/dashboard	Owner dashboard
GET	/analytics/conversion	Pipeline conversion
GET	/analytics/roi	Revenue impact
GET	/analytics/ai-impact	AI productivity gain
GET	/analytics/capacity	Team capacity

15) Notifications — /api/notifications

Method	Endpoint	Use Case
GET	/notifications	List notifications
PATCH	/notifications/:id/read	Mark read
DELETE	/notifications/:id	Delete notification

16) Admin (Platform Only) — admin.horixos.com/api/admin

Method	Endpoint	Use Case
GET	/admin/tenants	List tenants
GET	/admin/tenant/:id	Tenant details
PATCH	/admin/tenant/:id/suspend	Suspend tenant
GET	/admin/system/health	Infrastructure health
GET	/admin/usage/global	Global usage metrics

Internal Event Endpoints — /api/events

Method	Endpoint	Use Case
POST	/events/publish	Emit event
GET	/events/logs	Debug logs

Typically internal-only endpoints.

End-to-End Request Flow

Client → Frontend → API Gateway
→ Auth Guard → Tenant Guard → Rate Limit Guard
→ Controller → Service → Queue (if heavy) → Worker
→ External API → DB → Event Bus → Analytics update

API Design Principles

RESTful and tenant scoped
Role guarded endpoints
Async heavy task execution
AI calls always metered
Stripe and Twilio webhooks secured/validated
Version all endpoints (recommended: /api/v1/...)

7) Final System Identity

HorixOS is a vertically integrated, AI-powered healthcare recruitment infrastructure operating system combining ATS workflows, autonomous data ingestion, communication intelligence, workforce analytics, billing governance, and tenant-aware SaaS controls into one unified cloud platform.

✔ Multi-tenant ✔ Event-driven ✔ AI-augmented ✔ Communication-intelligent ✔ Behavior-aware ✔ Economically governed ✔ Compliance-ready ✔ Scalable architecture path

Protected Page