{ "generated_at": "2026-06-12T22:05:57.098Z", "system": { "id": "topolo-one", "name": "TopoloOne", "slug": "topolo-one", "kind": "application", "summary": "Unified personal and organization live workspace, personal-profile family management, authenticated app catalog, worker-backed pricing, owner-linked subscription billing, content, growth, and developer-acquisition surfaces for TopoloOne.", "aliases": [], "lifecycle": "active", "last_verified": "2026-06-05", "owners": [ "platform-experience" ], "repo_paths": [], "external_repo_paths": [ "Apps/shared/TopoloOne" ], "service_ids": [ "srv_B6QXlas6w9V0" ], "visibility": "public", "api_contract": { "type": "curated", "source": "PlatformApplications/TopoloOne/apps/dashboard-web/src/lib/api.ts", "notes": "The dashboard contract is defined by the Auth-backed client routes it calls, including the app-switcher catalog for installed live-workspace widgets, the same-origin `POST /api/widgets` batch route that fans out server-side to native app `GET /api/widget` endpoints, anonymous Developers-owned store catalog/search/detail routes for the authenticated /apps catalog, Auth service-surface metadata for separating launchable applications from technical services, active-context routing, selected-household state for personal-profile family flows, backend launcher preferences, app commerce metadata, org-user install assignment data, household-management routes, API-key management routes, Auth recovery-email status through `/api/auth/me/recovery-email`, and the TopoloNotify-backed live `/actions` queue, which renders Notify `surface=action` rows without P2P-specific APIs or app-switcher catalog enrichment. Worker-fronted dashboard shell routes strip inbound Cloudflare loop/proxy headers before serving or forwarding dashboard assets so `one.topolo.app` and `one.stg.topolo.us` can deliver the dashboard bundle without Cloudflare loop protection blocking the custom host. /dashboard is workspace-only, /apps is the canonical authenticated app catalog, /actions is the full human-required platform action surface backed by Notify row metadata, short-lived live tokens, WebSocket invalidations, and Notify-owned S2S operation receipts, and /store is not a supported alias. The authenticated dashboard uses TopoloAppShell navigationMode=topbar, including shared mobile nav/header behavior, forwards only `personal` or `organization` active context into the shared launcher, keeps the brand lockup to the Topolo mark plus wordmark without the trailing One suffix, and keeps Improve Topolo in the shared account menu rather than the main header; household is not a peer workspace and instead stays attached to personal context through Auth `selectedHouseholdId` plus `selectedHousehold` with the Auth catalog entry for slug `topolo-one` marked `household_capable`. /dashboard must open directly into live workspace widgets without context/status chips, installed-app counts, pinned-count badges, or manual refresh controls above the widget grid because widget refresh is automatic; app-catalog hydration should show widget skeletons rather than an empty shell. The dashboard browser callback delegates Auth SSO one-time sso_code exchange to the shared Auth client and does not accept direct bearer-token callback URLs or expose a legacy `/sso?token=` handoff helper. The dashboard /login route is the first-party embedded password-login surface for One, lands password-authenticated users on /dashboard, and requires /api/auth/me hydration before organization-context users are treated as ready so service onboarding state is available and the login route does not visibly bounce after success. The dashboard /onboarding route starts with mandatory personal recovery-email verification, then completes organization service onboarding through the fixed TopoloOne Auth service id `srv_B6QXlas6w9V0`, and redirects already-complete users back to /dashboard on direct refresh. The widget batch route caches successful native payloads per user and active context for 45 seconds, keeps a five-minute KV stale fallback for degraded app responses, renders metadata-backed overview widgets only when native fetches fail, excludes merely available catalog apps from the live workspace grid so widget fan-out stays scoped to installed context apps, carries Developers catalog icon assets into widget chrome, and supports explicit widget-host overrides for apps whose native widget endpoint is not served from the canonical browser origin, including Commerce, Learn, Nexus, Quro, Forecast, Roadmapper, and Socialize. Browser widget launches and shared app-switcher launches must mint Auth SSO handoff codes before opening destination tabs, carry the target app icon asset through the handoff callback so destination loading/error surfaces do not fall back to generated placeholder icons, and must surface handoff failures instead of leaving `about:blank` tabs or falling back to unauthenticated app landing pages. The authenticated `/apps` catalog now mirrors the active workspace contract as well: organization context may surface the full business catalog, while personal context must use personal-context Auth access metadata, avoid borrowing an org id, and hide apps without explicit `personal` supported-context or personal-profile household capability metadata. The marketing worker adds public checkout, waitlist, demo-booking, contact/feedback submission, admin-session, owner-linked subscription-webhook ingestion, org billing preview, org billing portal, and internal seat-reconciliation endpoints plus static portfolio and developer acquisition routes. The marketing site dogfoods Topolo Consent through the `topolo-one-marketing` project; the host banner remains local-first, while accept/decline decisions sync analytics, personalization, and advertising purposes through the Consent web SDK, with staging pointed at `https://consent.stg.topolo.us`. Paid checkout carries TopoloOne package metadata for three, five, ten, and everything bundles through Nexus/Stripe; those bundles define paid Topolo app access while third-party apps and customer-built apps remain unlimited through the app store. The free workspace path uses a $1/year Stripe verification subscription and stores completed free-workspace subscriptions separately from paid subscription records. Platform subscription records now live in D1 by `owner_type` and `owner_id`. Public pricing includes the honest 80%-and-growing comparison against mature specialist SaaS stacks, states that each paid seat can be used by a human or one Topolo agent, frames the listed public price as the minimum, routes enterprise pricing through the request-based demo flow for larger rollouts and custom security, compliance, procurement, rollout, or usage needs, and says 50% of paid seat revenue goes directly back into tokens for improving Topolo and its available tools and applications. Public launch CTAs now route to signup or demo requests instead of an inert waitlist button, public roadmap feedback routes to the `/feedback` form backed by `POST /api/contact`, and public social metadata points to `https://x.com/topolotech`, `https://www.instagram.com/topolotech/`, and `https://github.com/Topolo-io`. Public developer CTAs now hand off from TopoloOne into the separate TopoloDevelopers application on developers.topolo.app/signup. The TopoloOne mobile shell at PlatformApplications/TopoloOne/apps/mobile is a Flutter launchpad for iOS and Android that mirrors /dashboard, /apps, /actions, and /settings, but replaces in-app launching with install-aware app-store handoff: tapping a catalog entry first attempts the universal link at one.topolo.app/launch/?code= minted from the dashboard worker, falls back to the platform-appropriate App Store or Play Store URL when the target native app is not installed, and falls back to the browser web launch URL when no native build exists. The shared PlatformApplications/TopoloOne/packages/topolo_mobile_core package is the canonical Dart/Flutter implementation of TopoloAuthClient OAuth/PKCE refresh-token storage in the iOS Keychain access group group.io.topolo.shared, the TopoloApi catalog and handoff-code mint client, and the TopoloAppShell wordmark lockup, and is the only place other Topolo Flutter apps adopt platform identity, design tokens, and deep-link reception." }, "primary_hosts": [ "https://one.topolo.app", "https://topolo.app", "https://www.topolo.app", "https://one.stg.topolo.us", "https://api.one.stg.topolo.us", "https://topolo.io", "https://www.topolo.io", "ios-app://io.topolo.topolo_one", "android-app://io.topolo.topolo_one" ], "doc_paths": [ "applications/one", "internal/apps/topolo-one" ], "security_assurance": { "risk_tier": "critical", "auth_boundary": "Topolo Auth service access, active-context selection, and membership-bound authorization with TopoloOne dashboard and app-switching authorization. The first-party embedded password-login path persists through the shared Auth client before dashboard-owned navigation. Protected dashboard-worker API routes validate bearer tokens through Auth `/validate` with `X-Service-ID` set to the configured TopoloOne service id `srv_B6QXlas6w9V0`, use Auth-returned permissions as the authorization source, and fail closed with 503 when that service identity is missing.", "tenant_isolation": "mixed", "external_inputs": [ "browser", "api", "callback", "third_party_app" ], "sensitive_data": [ "identity", "org_data", "customer_content", "telemetry" ], "last_security_review": "2026-04-30", "security_review_status": "reviewed", "pentest_status": "passed", "evidence_doc": "internal/apps/topolo-one" }, "data_privacy": { "classification": "restricted", "sensitive_data_classes": [ "customer_content", "identity", "organization", "telemetry" ], "storage_locations": [ "d1", "external_provider", "kv" ], "encryption_at_rest": "application_layer_required", "encryption_in_transit": "https_only", "key_management": "versioned_platform_key_required", "retention_policy": "partial", "deletion_export_status": "planned", "logging_redaction_status": "needs_review", "privacy_review_status": "reviewed", "enterprise_ready": false, "evidence_doc": "internal/apps/topolo-one" }, "dependencies": [ "topolo-auth", "topolo-nexus", "topolo-developers", "topolo-p2p", "applications-packages", "topolo-agent" ], "bugfix_policy": { "tier": "autonomous", "preferred_agent": "either", "require_validator": false }, "public_hub_url": "/systems/topolo-one", "internal_hub_url": null, "application_api_url": "/reference/apps/topolo-one", "generated_openapi_url": null, "machine_urls": { "system": "/machine/systems/topolo-one.json", "application": "/machine/applications/topolo-one.json" } }, "docs": { "public": [ { "id": "applications/director", "title": "Topolo Director", "summary": "Public overview of Director as the Topolo workspace for proof-driven product demo runbooks and readiness gates.", "audience": "public", "tags": [ "director", "demos", "runbooks" ], "url": "/applications/director", "last_verified": "2026-05-13" }, { "id": "applications/forecast", "title": "Topolo Forecast", "summary": "Public overview of the forecasting product for cash-flow, P&L, KPI, and multi-scenario planning workflows.", "audience": "public", "tags": [ "forecasting", "finance", "planning" ], "url": "/applications/forecast", "last_verified": "2026-05-13" }, { "id": "applications/one", "title": "TopoloOne", "summary": "Public overview of the TopoloOne dashboard, worker-backed growth surfaces, and the public developer-acquisition funnel.", "audience": "public", "tags": [ "dashboard", "operators", "api-keys" ], "url": "/applications/one", "last_verified": "2026-05-14" }, { "id": "guides/quick-start", "title": "Quick Start", "summary": "Fast onboarding path for developers integrating with Topolo services.", "audience": "public", "tags": [ "onboarding", "auth", "api-keys" ], "url": "/guides/quick-start", "last_verified": "2026-04-07" }, { "id": "platform/api-keys", "title": "API Keys", "summary": "Central API key model, scope ownership, and resource binding behavior across Topolo services.", "audience": "public", "tags": [ "api-keys", "security", "platform" ], "url": "/platform/api-keys", "last_verified": "2026-04-07" }, { "id": "platform/architecture", "title": "Platform Architecture", "summary": "Top-level platform shape, authority boundaries, and how the unified documentation platform maps onto the codebase.", "audience": "public", "tags": [ "architecture", "platform", "systems" ], "url": "/platform/architecture", "last_verified": "2026-04-10" } ], "internal": [], "runbooks": [] }, "authority": { "owners": [ "platform-experience" ], "repo_paths": [], "service_ids": [ "srv_B6QXlas6w9V0" ], "dependencies": [ "topolo-auth", "topolo-nexus", "topolo-developers", "topolo-p2p", "applications-packages", "topolo-agent" ], "aliases": [] }, "interfaces": { "contract_type": "curated", "contract_source": "PlatformApplications/TopoloOne/apps/dashboard-web/src/lib/api.ts", "contract_source_exists": false, "openapi": null, "readme": null }, "auth": { "depends_on_topolo_auth": true, "api_key_scopes": [ { "id": "aks_oneclick_api_keys_write", "name": "api_keys.write", "description": "Manage Topolo One machine credentials", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_one_apps_read", "name": "apps.read", "description": "View application catalog", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_one_apps_write", "name": "apps.write", "description": "Manage applications and deployments", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_one_dashboard_read", "name": "dashboard.read", "description": "View OneClick dashboard", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_one_entitlements_read", "name": "entitlements.read", "description": "View per-user entitlements and seat assignments", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_one_launcher_read", "name": "launcher.read", "description": "Read launcher state and pinned apps", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_one_launches_read", "name": "launches.read", "description": "Generate or inspect launch flows", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_one_notifications_read", "name": "notifications.read", "description": "View notification state", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_one_notifications_write", "name": "notifications.write", "description": "Manage notification subscriptions", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_one_settings_read", "name": "settings.read", "description": "View system settings", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_one_settings_write", "name": "settings.write", "description": "Manage system configuration", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_one_widgets_read", "name": "widgets.read", "description": "Read widget and summary data", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_one_workflows_read", "name": "workflows.read", "description": "View automation workflows", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_one_workflows_write", "name": "workflows.write", "description": "Create and edit workflows", "resourcePattern": null, "kind": "api_key_scope" } ], "service_permissions": [ { "id": "perm_oneclick_api_keys_write", "name": "api_keys:write", "description": "Manage Topolo One machine credentials", "resourcePattern": null, "kind": "permission" }, { "id": "perm_oneclick_apps_read", "name": "apps:read", "description": "View application catalog", "resourcePattern": null, "kind": "permission" }, { "id": "perm_oneclick_apps_write", "name": "apps:write", "description": "Manage applications and deployments", "resourcePattern": null, "kind": "permission" }, { "id": "perm_oneclick_dashboard_read", "name": "dashboard:read", "description": "View OneClick dashboard", "resourcePattern": null, "kind": "permission" }, { "id": "perm_one_entitlements_read", "name": "entitlements:read", "description": "View per-user entitlements and seat assignments", "resourcePattern": null, "kind": "permission" }, { "id": "perm_one_launcher_read", "name": "launcher:read", "description": "Read launcher state and pinned apps", "resourcePattern": null, "kind": "permission" }, { "id": "perm_oneclick_launches_read", "name": "launches:read", "description": "Generate or inspect launch flows", "resourcePattern": null, "kind": "permission" }, { "id": "perm_oneclick_notifications_read", "name": "notifications:read", "description": "View notification state", "resourcePattern": null, "kind": "permission" }, { "id": "perm_oneclick_notifications_write", "name": "notifications:write", "description": "Manage notification subscriptions", "resourcePattern": null, "kind": "permission" }, { "id": "perm_oneclick_settings_read", "name": "settings:read", "description": "View system settings", "resourcePattern": null, "kind": "permission" }, { "id": "perm_oneclick_settings_write", "name": "settings:write", "description": "Manage system configuration", "resourcePattern": null, "kind": "permission" }, { "id": "perm_oneclick_widgets_read", "name": "widgets:read", "description": "Read widget and summary data", "resourcePattern": null, "kind": "permission" }, { "id": "perm_oneclick_workflows_read", "name": "workflows:read", "description": "View automation workflows", "resourcePattern": null, "kind": "permission" }, { "id": "perm_oneclick_workflows_write", "name": "workflows:write", "description": "Create and edit workflows", "resourcePattern": null, "kind": "permission" } ] }, "runtime": { "primary_hosts": [ "https://one.topolo.app", "https://topolo.app", "https://www.topolo.app", "https://one.stg.topolo.us", "https://api.one.stg.topolo.us", "https://topolo.io", "https://www.topolo.io", "ios-app://io.topolo.topolo_one", "android-app://io.topolo.topolo_one" ], "repo_entries": [], "wrangler_surfaces": [], "packages": [] }, "data": { "env_vars": [], "bindings": [], "queue_bindings": [], "storage_kinds": [], "workflow_signals": [] }, "deployment": { "commands": [], "routes": [], "environments": [], "assets_directories": [], "observability_enabled": false }, "debugging": { "failure_modes": [ "No wrangler.toml surface was discovered under the registered repo paths.", "The registered contract source is missing: PlatformApplications/TopoloOne/apps/dashboard-web/src/lib/api.ts", "Neither OpenAPI nor README-derived interface detail was found." ], "entrypoints": [ "PlatformApplications/TopoloOne/apps/dashboard-web/src/lib/api.ts" ] } }