Skip to main content

Architecture Overview

KNX Clarity is a cloud-hosted SaaS platform. This page gives a high-level, black-box view of how the system is organised — what you'd want to know to evaluate KNX Clarity in a procurement or integration context.

Shape

  • Web application. A modern single-page web app, accessed at knx-clarity.com. Works on current desktop and mobile browsers; no installation required.
  • Cloud backend. Multi-tenant SaaS hosted in the European Union. Each organisation is isolated from every other organisation at the data layer.
  • Authentication. Email + password sign-in with optional multi-factor authentication. Per-user session timeout and device-bound credentials.
  • File storage. ETS exports, plan PDFs, and other attachments are encrypted at rest and accessible only through the platform (no direct-bucket links).

Tenancy & data isolation

Every read and write is scoped to the caller's organisation. A user who belongs to org A cannot read, list, or mutate data belonging to org B, regardless of how a request is constructed — the gate sits in the backend, not the client.

Sharing is opt-in: an integrator explicitly grants a customer read-access to a specific project, with the option to redact rooms or sub-trees before sharing.

Audit

Significant actions (project create/archive, member add/remove, role change, ETS upload, share grant/revoke, etc.) are written to an append-only audit log scoped to the org. Admins can review the log under Settings → Audit log.

Operational notes

  • Region. Production runs in eu-central-1 (Frankfurt).
  • Backups. Automated daily backups with point-in-time recovery.
  • Updates. Continuous deployment behind a beta feature flag. Breaking changes are announced in the in-app changelog.
  • Status. Service status and incidents are published at status.knx-clarity.com.

Questions

Use the in-app feedback button (bottom-right on every page) or email info@knx-clarity.com.