This article explains how the Rackwave ecosystem is structured — how your client account, billing portal, platform workspaces, SSO, and webhooks all fit together. Understanding this architecture helps you integrate confidently and troubleshoot issues faster.
High-Level Architecture
Rackwave operates as a multi-layer platform with three distinct tiers:
| Layer | System | Purpose |
|---|---|---|
| Layer 1 | Rackwave Client Portal | Account management, billing, invoicing, subscriptions, SSO orchestration, support tickets, knowledge base |
| Layer 2 | Platform Applications | Independent SaaS platforms — MigoSMTP, Telnxo — each with their own dedicated infrastructure, database, and API |
| Layer 3 | Sending Infrastructure | Email delivery servers, SMS carrier routes, voice gateways, WhatsApp BSP — the actual communication delivery layer |
Client Portal (Layer 1)
The Rackwave Client Portal is your billing and account management hub. It handles:
- Authentication — your Rackwave username and password live here.
- Subscription management — creating, upgrading, suspending, and cancelling platform services.
- Billing & invoicing — generating invoices, processing payments, applying GST.
- SSO orchestration — generating time-limited tokens to log you into platform dashboards.
- Webhook dispatcher — broadcasting lifecycle events (plan activated, invoice paid, etc.) to your configured endpoints.
- Notification engine — sending email alerts for subscription events to your registered contacts.
Platform Applications (Layer 2)
Each platform — MigoSMTP, Telnxo — runs as a completely independent application on its own infrastructure:
- Isolated databases — your email logs, SMTP accounts, domain settings, and SMS history are stored separately per platform.
- Independent APIs — each platform has its own REST API with its own base URL, authentication, and rate limits.
- Separate dashboards — each platform has its own UI accessible at its own domain (
app.migosmtp.com,app.telnxo.com). - Per-platform API keys — API keys generated in MigoSMTP cannot be used in Telnxo and vice versa.
How Single Sign-On (SSO) Works
SSO is the mechanism that links your Rackwave account to your platform workspace without requiring a separate login. The flow is as follows:
- You click Access Platform in the Rackwave portal.
- The portal generates a unique, single-use SSO token — a cryptographically random string tied to your client ID, your workspace ID on the target platform, and a short expiry window (typically 5 minutes).
- The portal redirects your browser to the platform URL with this token as a query parameter.
- The platform receives the token, validates it against the portal via a server-to-server API call, confirms the token is genuine and unused, then creates an authenticated session for you.
- The token is immediately marked as used and cannot be reused.
- You land on the platform dashboard, fully logged in.
Webhook Architecture
Rackwave fires webhooks to your configured HTTP endpoint when key lifecycle events occur. This allows your internal systems to react automatically to subscription changes.
| Event | When It Fires |
|---|---|
trial_activated |
When a free trial is started on any platform |
service_activated |
When a paid subscription becomes active |
service_suspended |
When a subscription is suspended (billing or admin) |
service_cancelled |
When a subscription is permanently cancelled |
invoice_created |
When a new invoice is generated |
invoice_paid |
When an invoice is marked as paid |
invoice_overdue |
When an invoice passes its due date unpaid |
All webhook payloads are signed with an HMAC-SHA256 signature using your platform-specific webhook secret. Always verify this signature before processing the payload in your system.
Multi-Tenancy & Data Isolation
Rackwave is a multi-tenant system — meaning multiple clients share the same underlying platform infrastructure, but with strict data isolation:
- Your email logs, SMTP credentials, domain records, and API keys are never accessible to other tenants.
- Each workspace is identified by a unique tenant ID or workspace ID on each platform.
- Platform databases use row-level tenancy — every record is scoped to a workspace ID.
- API requests are authenticated using per-workspace API keys that enforce tenant scope server-side.
Data Flow — Sending an Email via MigoSMTP
- Your application sends an SMTP request (or API call) to
smtp.migosmtp.comusing your SMTP credentials. - MigoSMTP authenticates the request against your SMTP account, checks your daily quota, and accepts the message.
- The message is queued in the delivery engine and dispatched to the recipient's mail server.
- The recipient's server returns a delivery status — accepted, deferred, or bounced.
- MigoSMTP records the delivery event in your workspace logs.
- If you have open/click tracking enabled, a tracking pixel and link wrapping are injected before dispatch.
- Delivery events are pushed to your webhook endpoint (if configured) in real time.