Product/Platform Core

The foundation everything else stands on. Auth, identity, RBAC (16 roles × 365 permissions), audit trail (immutable, signed), school branding (every page re-tints from one variable), multi-tenancy via row-level security (RLS) on every table, super-admin command-centre, owner portal for school founders, and the school websites built into the platform.

What this cluster carries

8 signature capabilities

Auth — every path schools actually use

Email + password, magic link, Google OAuth, school code + student ID (for young students with no email), biometric mobile, 2FA TOTP with recovery codes.

16 roles × 365 permissions

43 modules × 8 actions + 21 custom permissions. Pre-seeded role-permission mappings, per-school override, program-scoped permissions.

Multi-tenancy by RLS

Every tenant table carries `school_id`. RLS uses the `auth.school_id()` JWT claim. School A cannot see school B under any circumstance — enforced at the database, not the application.
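The isolation described above, sketched in PostgreSQL as an added example (not the platform's own schema or code). Only `school_id` and the name `auth.school_id()` come from this page; the `grades` table, the `app_user` role, the policy name and the function body are assumptions. The last query lists tables where RLS is not both enabled and forced, which is the check behind an "every table" claim.

```sql
-- Added example. Only school_id and the name auth.school_id() come from the page;
-- the grades table, app_user role, policy name and function body are assumptions.
CREATE SCHEMA IF NOT EXISTS auth;

-- Assumed body: read the school_id claim from request.jwt.claims (the setting
-- PostgREST populates per request). Missing claim -> NULL -> no row matches.
CREATE OR REPLACE FUNCTION auth.school_id() RETURNS uuid
LANGUAGE sql STABLE AS $$
  SELECT (nullif(current_setting('request.jwt.claims', true), '')::jsonb
          ->> 'school_id')::uuid
$$;

CREATE TABLE grades (
  id         bigint GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
  school_id  uuid    NOT NULL,
  student_id bigint  NOT NULL,
  subject    text    NOT NULL,
  score      numeric NOT NULL
);

ALTER TABLE grades ENABLE ROW LEVEL SECURITY;
ALTER TABLE grades FORCE ROW LEVEL SECURITY;   -- owner is subject to policies too

-- USING filters rows read, updated or deleted; WITH CHECK rejects rows
-- written with another tenant's school_id.
CREATE POLICY tenant_isolation ON grades
  FOR ALL
  USING      (school_id = auth.school_id())
  WITH CHECK (school_id = auth.school_id());

CREATE ROLE app_user NOLOGIN;                  -- no SUPERUSER, no BYPASSRLS
GRANT USAGE ON SCHEMA auth TO app_user;
GRANT SELECT, INSERT, UPDATE, DELETE ON grades TO app_user;

-- Constructed session for school A (the UUID is a made-up sample value).
BEGIN;
SET LOCAL ROLE app_user;
SELECT set_config('request.jwt.claims',
                  '{"school_id":"11111111-1111-1111-1111-111111111111"}', true);
INSERT INTO grades (school_id, student_id, subject, score)
VALUES ('11111111-1111-1111-1111-111111111111', 1, 'Maths', 75);
SELECT count(*) FROM grades;                   -- filtered by tenant_isolation
ROLLBACK;

-- Coverage check: tables in public where RLS is not both enabled and forced.
SELECT c.relname
FROM pg_class c JOIN pg_namespace n ON n.oid = c.relnamespace
WHERE n.nspname = 'public' AND c.relkind = 'r'
  AND NOT (c.relrowsecurity AND c.relforcerowsecurity);
```

Roles with `SUPERUSER` or `BYPASSRLS` skip policies entirely, so the guarantee holds only for connections made as a role with neither attribute.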

School branding — re-tints everything

Logo, primary colour, secondary, fonts, animations, dark-mode pair, custom CSS. Every page reads from CSS variables. One save, the entire platform re-skins.

School public websites

Built into the platform. `sites/[school]/[[...path]]` template family. Zero YESS chrome by default, school owns the domain. Auto-publishes alumni success stories.

Super-admin command-centre

Tenant management, plans, subscriptions, feature flags, audit logs, tickets, impersonation (fully audit-logged), platform fee, YELE compliance across schools.

Owner portal — executive view

School founder/director sees: financials, enrolment, academics, staff, compliance, reports. Multi-pillar chrome, reading-pleasure layout, wider gutters.

Immutable audit log

Every sensitive mutation: who did it, when, with full delta. Write-once trigger. Signed. Searchable by super-admin across all tenants.

Real-world use case

A parent calls the principal about a grade that was 75 yesterday and 68 today. The principal opens the audit log, filters by that student and that subject. Three rows appear: the original entry by the teacher, an edit by the head of department with the reason "Scoring error on Q4 — re-marked, 4 marks deducted", and a confirmation by the vice principal. The principal calls the parent back with the full timeline in 90 seconds. No ambiguity, no investigation, no he-said-she-said.

What makes Platform Core elite

The receipts

  1. Multi-tenancy enforced at the database — RLS on every table, not application-layer.

  2. 365 permissions × 16 roles — fine-grained access for every school structure.

  3. School branding re-tints the entire platform from CSS variables. One save.

  4. Immutable audit log on every sensitive mutation. Every change has a paper trail.