public active Last verified 2026-04-15

Topolo Support

Public overview of the Topolo support platform for internal operations and customer-organization ticket workflows.

Owners
support-operations, platform-experience
Source Repos
PlatformApplications/TopoloSupport
Systems
Topolo Auth, Topolo Support
Tags
support, tickets, auth

What It Is

Topolo Support is the support platform for the Topolo ecosystem, used for both Topolo internal support operations and customer-organization ticket workflows.

Architecture

The application is a standalone Worker-hosted frontend at support.topolo.app. It relies on Topolo Auth for sign-in and requester-context reads, while ticket workflow state lives in the app’s own support-owned D1 schema. Public entry now uses the shared Auth-managed landing and login pages, and the signed console now uses the shared first-party shell and browser auth packages from PlatformApplications/packages instead of active Support-local copies. The signed desk now follows the same responsive shared shell pattern as the other first-party apps, including the shared launcher and local command palette surfaces. The shared public copy, provider visibility, and accent colors for Support are Auth-owned configuration under svc_topolo_support, and the same-origin /api/auth/* gateway is also the required path for shared launcher catalog reads. Signed access is tenant-scoped through explicit support workspaces and inboxes: Topolo operators can switch across workspaces, org operators can work only their own organization workspace, and requester-grade users can create and follow only their own public ticket threads. Support also keeps its own activity ledger, outbound notification outbox, and signed inbound webhook ledger so ticket creation, replies, assignment changes, and provider callbacks remain auditable while outbound email is delegated to Nexus. A scheduled Worker retry loop now re-attempts due queued or failed notifications with backoff, so customer-facing delivery does not depend on a currently signed-in operator.

Runtime Surfaces

The primary runtime host is https://support.topolo.app, with public entry routes at / and /login, and signed routes for /tickets, /tickets/:ticketId, and /macros.

API Reference

Topolo Support owns a dedicated /api/support/* route family for workspace context, tickets, messages, per-ticket notification dispatch, and signed inbound webhook ingestion. Auth remains the source of truth for identity and service access only, and Nexus is the outbound email delivery layer for queued Support notifications.

Auth and Permissions

Topolo Support uses the shared Topolo browser auth client and Auth-managed service access under svc_topolo_support.

Data Ownership

Topolo Support owns support workspaces, inbox metadata, tickets, message history, inbound webhook audit state, activity history, queued notification intents plus retry state, assignment state, SLA tracking, and workspace-scoped macros. Topolo Auth owns identity, organization, permission, and launcher metadata only, and Topolo Nexus owns the downstream email-provider delivery hop.

Deployments

Topolo Support deploys as the Cloudflare Worker topolo-support on support.topolo.app.

Failure Modes

  • the wrong Worker deployment or route serves support.topolo.app
  • the support-owned D1 binding is missing or misconfigured
  • the app bypasses Auth for requester context and drifts from the canonical identity source of truth
  • signed inbound provider calls reach Support without the configured webhook secret or with an invalid signature
  • queued outbound notifications cannot leave Support because no Nexus sender profile is available, the Support-to-Nexus service token is mismatched, or automated retries are not running

Debugging

Start with /systems/topolo-support, then verify the Worker deployment, support D1 binding, Auth session/context reads, inbound webhook audit rows, queued notification delivery metadata, and retry timestamps.

Change Log / Verification

  • Added dedicated Support-to-Nexus trusted service auth and scheduled outbox retries on 2026-04-15 so queued or failed customer-facing notifications now back off and retry automatically without relying on a signed-in operator
  • Added signed inbound webhook ingestion and Nexus-backed outbound notification delivery on 2026-04-15 so Support now records provider callbacks, retries queued per-ticket notifications from the signed desk, and hands actual email delivery off to Nexus
  • Added a support-owned communications ledger on 2026-04-15 so ticket creation, workflow updates, and replies now record activity events plus queued requester or agent notifications inside Support’s own data boundary
  • Introduced explicit support workspaces and inboxes on 2026-04-15 so customer organizations now land in a concrete workspace and inbox model instead of relying only on tenant-filtered queues, and workspace switching now drives which queue and macros the signed desk uses
  • Hardened Topolo Support to a tenant-scoped queue model on 2026-04-15 so signed users now see only the queues and replies appropriate to their Topolo or organization role, with guest/requester users limited to their own public ticket threads
  • Corrected the signed Support shell on 2026-04-15 so the app now follows the same responsive shared first-party shell composition and local command palette contract as the other Topolo apps instead of keeping a Support-local signed layout inside the shell container
  • Corrected the shared Support experience contract on 2026-04-15 so Auth now serves Support-specific landing/login copy and readable shared color tokens, while the local /api/auth/* gateway correctly forwards shared launcher catalog reads instead of returning 404s
  • Standardized Topolo Support public entry on the shared landing and login surfaces on 2026-04-15 so unauthenticated visitors now enter through the Auth-managed shared pages instead of a Support-specific public shell
  • Standardized Topolo Support on the shared first-party shell and browser package contract on 2026-04-15 so the signed desk now uses the shared launcher/shell/auth surfaces instead of the old Support-local package copies in the active build path
  • Created Topolo Support on 2026-04-13 as the dedicated internal support desk, replacing the old Admin placeholder route with a standalone application boundary
  • Switched Topolo Support to a Worker-with-assets deployment on 2026-04-13 after the Pages asset layer proved unreliable in production