SaaS Platformssimple complexity

Internal Tools Architecture

Architecture for building internal tools and admin dashboards with rapid development, strong access control, and audit trails that satisfy compliance.

Components

Considerations

Alternatives

simple

Complexity

Fit

When this blueprint fits

And when to walk away from it

When to use this

Customer support, operations, and finance teams need to query and mutate production data without becoming engineering tickets. Build internal tools when the cost of self-serve operations is higher than the cost of building them.

When NOT to use this

If a SQL console plus a couple of saved queries already serves the team and the audit trail is acceptable, do not build a tool. The lowest cost internal tool is the one you do not build.

Architecture

System components

Key building blocks of this architecture, layered from infrastructure up.

Admin UI Framework

Component library optimised for data-heavy interfaces with tables, filters, bulk actions, and inline editing. I default to shadcn/ui primitives layered with table libraries like TanStack Table when the volume is high. Refine or React Admin save time when the team is happy with their conventions.

shadcn/uiTanStack TableRefineReact Admin

Database Access

Safe database queries with audit logging, soft deletes, and impersonation guard rails. Every read and write goes through a typed access layer that records who did what and when. Compare ORM options in Prisma vs Drizzle.

PrismaDrizzleQuery BuilderAudit Logs

Access Control

Role-based access with granular per-resource permissions and just-in-time elevation for sensitive actions. Read-only by default, write requires a role, dangerous actions require a second approver. SSO via your existing identity provider is non-negotiable for compliance.

RBACSSOJust-in-Time AccessAudit Trail

Workflow Automation

Automated workflows triggered by events, schedules, or manual actions. Scheduled cleanups, daily reports, and one-off bulk operations all live here. Wire each workflow to the same audit log as direct user actions so the history is complete.

InngestTemporalCronWebhooks

Integrations

Two-way connections to external services so support agents resolve tickets without leaving the tool. Stripe lookups, Salesforce records, Zendesk tickets, and feature flags should all be visible in context.

RESTWebhooksOAuthiframe Embeds

Search and Navigation

Global search across customers, orders, users, and tickets with keyboard-first navigation. The team will use this 50 times a day. A fast command palette is the highest-leverage feature on the list.

Command PaletteMeilisearchKeyboard Shortcuts

Notifications and Approvals

Slack and email notifications for sensitive actions, with approval flows for high-risk operations. Refunds over a threshold, account deletions, and bulk operations all benefit from an extra pair of eyes.

SlackEmailApproval Workflows

Planning

Critical considerations

The things I have learned the hard way and would not skip on the next build.

Prioritise developer velocity over polish. Internal tools serve internal users who care about speed of iteration more than animation timing.

Implement comprehensive audit logging from the start. Every mutation, every impersonation, every refund. The audit log is your friend during incidents and your protection during disputes.

Consider low-code options for simple CRUD interfaces. Retool, Appsmith, or Internal earn their keep on forms and queries. Switch to custom code when the workflow is the differentiator.

Treat impersonation as a security feature. Log it, expire it, and notify the impersonated user after the fact. Customer support should never be a back door.

Contact me for an internal tooling audit.

Options

Alternative approaches

Where I would consider a different shape entirely, with the trade-offs spelled out.

Alternative 01

Retool for rapid internal tool building with strong database and API integrations.

Alternative 02

Appsmith or Tooljet for open-source alternatives when you want self-hosting and full control.

Alternative 03

Airplane or Briefer for developer-focused internal tools that pair scripts and workflows with a UI.

Alternative 04

Forest Admin when most of your needs are auto-generated admin panels over a known database schema.

Implementation

Related playbooks

Step-by-step guides for the harder parts of this architecture.

Securing Your API Endpoints

API security is not a sprinkle of middleware, it is a layered set of defenses where any one missing layer opens the door. This is my full checklist for hardening API endpoints: authentication, rate limiting, validation, CORS, audit logging, and the response headers that mitigate the long tail of browser-side attacks. Used on every production API I have shipped.

Read playbook

Setting Up Authentication with Next.js

Authentication is the part of an app that has to be boring. This is the exact sequence I follow to bolt secure auth onto a Next.js project without inviting weird edge cases six months later. It covers provider choice, database design, session handling, route protection, and the small UI details that decide whether a login flow feels trustworthy or sketchy.

Read playbook

In practice

Related case studies

Where I have applied this blueprint to real builds and what changed in practice.

Platform Engineering Team Setup

Built and launched an internal developer platform from scratch, codifying golden paths so product teams could ship without filing tickets.

View case study

Thinking

Related insights

Essays where I argue the trade-offs behind the choices in this blueprint.

Complexity Is the Enemy

A meditation on complexity, simplicity, and why the most impactful engineering often involves removing things rather than adding them.

Read essay

Need a partner on this?

Need help implementing this blueprint?

I help teams adapt blueprints like this to their specific requirements and ship from planning through production.

Start a project Get in touch

Next up

Data Pipelines | complex complexity

Event-Driven Architecture

Event-driven system architecture with message queues, event sourcing, CQRS, and sagas for complex workflows that need auditability and decoupling.

SaaS Platforms