Introduction

Note

This documentation aims to guide our partners through Toucan Toco architecture, introducing design choices and the security norms it respects.

Specific emphasized blocks like this one provide a high-level view in order to keep things simple and quick while the rest covers topics in depth.

Business owners and administrative users, this will show you an overview of our architecture and answer some of your questions about how Toucan Toco works. You can forward it to your IT department if they need more information.

IT departments & architects, this gives you a complete overview of the architecture of our apps, and will help you identify how Toucan Toco can be integrated easily with your information system. It also describes the prerequisites needed to install our components as on-premises software.

Security experts, this aims to transparently let you assess our security level and answer questions and address possible concerns you have regarding our authentication and authorization processes. It also shares the practices and processes we implement in our own information system to ensure that the data you transmit to us stays in good hands.

Definitions

Like most web apps, Toucan Toco is mainly made up of two distinct parts: the client and the server.

Web application

Important

Toucan Toco is a web application. Meaning it can be visited in a web browser.

The app is compatible with recent versions of Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Edge. Microsoft Internet Explorer 11 is also supported in a slightly degraded way, where some animations are broken.

The client / front-end stack

Important

The client (or front-end) lives in your web browser and is downloaded when you go to the web address we provided you. It does not contain any data or app-specific configuration. It’s just the engine, not the fuel.

The front-end isn’t client-specific. It’s a configurable engine that renders an app from a set of configuration files and some data. It’s made up of HTML, CSS and JavaScript files that can be delivered by a static file server or a CDN. Moreover, it can be embedded in a mobile app (with Apache Cordova) to be distributed in a store.

The server / back-end stack

Important

The server (or back-end) is a machine either in our french datacenter or, if you choose to, on your own machines (on-premises offer). It’s responsible for the delivery of the data to the client.

The server is essentially a REST API. It has routes (URL) on which the client can identify itself and ask for the configuration of the app it wants to display. It’s the only part of the architecture that directly requests the required data to build the charts.