Facilize
A complete SaaS platform that centralizes scheduling, finances, inventory and CRM — from solo professionals to multi-branch networks.
Next.js
NestJS
PostgreSQL
Prisma
Stripe
TypeScript
Tailwind
Docker7+
Modules
100+
Permissions
3
Portals
15+
Services
Service providers waste time and money with spreadsheets, notebooks, and disconnected systems.
The target audience ranges from solo beauty and health professionals to networks with multiple branches and dozens of employees.
Facilize unifies online scheduling, financial control, inventory, CRM, and team management in a single platform — with Stripe, Google Calendar, and real-time notifications.
The Edge
Modular multi-tenant architecture where every completed appointment automatically triggers financial transactions, inventory deduction, commission calculation, and CRM updates — with zero manual intervention.
Modules covering the full business cycle
Scheduling
Real-time coordination layer with specialized services for conflict validation, per-employee availability, time blocks, approvals, notifications, and automatic integration with finances, inventory, and commissions.
Services
Catalog with flexible pricing: fixed, hourly, or quote-based. Cost calculation with ingredients, profit margin, and per-employee assignment. Presential, online, or home visit modalities.
Finances
Encrypted transactions, multiple accounts, credit cards with automatic invoices, recurring reminders, savings goals, and fiscal note emission.
CRM
Organizational customers, notes, interactions, and full history. Invoices, per-customer revenue metrics, and automatic follow-ups.
ERP & Team
Multi-branch, 100+ granular permissions, access levels, commissions (%, fixed, or hybrid), sales goals, ranking, and individual cash registers.
Inventory
Products with automatic movements linked to appointments. Per-branch inventory with automatic deduction and reversal.
Reports
PDF, CSV, and Excel with templates. Scheduling, financial, inventory, commissions, and performance analytics.
Integrations
Payment-provider webhooks for subscription lifecycle, Google Calendar OAuth, WebSocket for real-time notifications, and Prometheus-compatible observability.
From solo professionals to companies with dozens of employees
Solo Professional
Simplified dashboard, personal calendar, public booking link, and integrated financial control. Plans with volume-adjusted limits.
Company
Multi-branch with employee hierarchy, department permissions, chained approvals, team goals, and consolidated reports.
Arquitetura que escala com o negócio
100+ Granular Permissions
Authorization system by resource, profile, and company with 5 access levels: basic, departmental, managerial, executive, and admin.
Approval Flow
Receptionist books → manager approves. History of approvals, rejections, and action audit.
Automatic Side-effects
Completed appointment triggers financial transaction, inventory deduction, commission calculation, and CRM update automatically.
Observability stack
Prometheus-compatible metrics, dashboards for capacity and HTTP health, and runtime signals that support reliable production operations.
Financial Encryption
Sensitive transaction, account, and category data encrypted at rest with on-demand decryption.
Plans & Limits
Feature and limit control by plan: allowed appointment types, recurrence, home visits, and monthly quotas.
Metrics, dashboards, and operational awareness
The backend integrates with a Prometheus-compatible metrics stack: time series feed internal dashboards and support capacity decisions. Cache and database layers expose health signals for operators. A scheduled evaluator correlates recent trends and notifies trusted contacts when patterns suggest abuse, instability, or incident conditions—with safeguards so gaps in the metrics path do not produce misleading notifications.
What we measure
- 1Runtime and Node-level signals: memory footprint, CPU pressure, event-loop responsiveness, and related process health indicators.
- 2HTTP-level aggregates for the API—throughput, error mix, and latency percentiles—alongside domain-oriented counters where they help triage production issues.
- 3Degraded but safe behavior when the metrics backend is unavailable, avoiding automated actions on incomplete data.
Infrastructure signals
- Cache tier: connectivity checks and coarse capacity indicators suitable for ops dashboards.
- Primary datastore: connectivity health and connection-pressure indicators without exposing internal statistics commands or schemas.
Security & reliability notifications
Policy-driven rules run on a regular cadence, classify findings by severity, and group related conditions so operators can respond without alert fatigue.
- Notifications go only to designated operational contacts through the platform mail channel; nothing is sent when no eligible recipient exists.
- Repeated alerts of the same class are throttled so sustained incidents do not flood inboxes.
- Coverage is described at architecture level—authentication stress, server-side error rates, latency regression, unusual traffic, persistence connectivity—without publishing thresholds, environment keys, metric names, or implementation identifiers that could aid abuse.
Tuning, routing, credentials, and rollout details live in private configuration and change management, not in public copy, so this case study communicates capability and architecture without a playbook for bypassing safeguards.
End-to-end development, from product to infrastructure
Product ideation, business model, and roadmap
Modular architecture with automatic cross-module integration
Design system, dashboards, employee portal, and public pages
REST APIs with business validations and granular authorization
Multi-tenant modeling with Prisma and versioned migrations
Deployment with Docker, CI/CD, and AWS infrastructure
Frontend
Three distinct portals — owner, employee, and public — each with flows optimized for their use context.
- Design system with tokens, variables, and reusable components
- Complex state handling: loading, error, empty, and success states
- Dynamic forms with real-time validation
- Full responsiveness, including dashboards and data tables
- Lazy loading, code splitting, and image optimization
- API consumption with retry, caching, and error handling
- Authentication with JWT, 2FA, and Google OAuth
Components
Atomic composition with custom hooks. UI separated from business logic.
Responsiveness
Mobile-first with horizontal-scroll tables and adaptive layouts.
Performance
Per-route code splitting, lazy module loading, and data caching.
Authentication
JWT, 2FA, OAuth, and session management with device control.
Backend
Modular NestJS API with 15+ specialized services per domain, each encapsulating its rules and integrating automatically via events and side-effects.
- Modular architecture across Auth, Scheduling, Finances, CRM, ERP, and Reports—each domain encapsulates rules, validation, and authorization
- 100+ granular permissions with 5 access levels and per-employee customization
- Appointment approval flow with history and action audit
- Automatic side-effects: appointment completion triggers finances, inventory, commissions, and CRM
- Payment-provider webhooks, Google Calendar OAuth, and real-time WebSocket notifications
- Audit log for all critical actions with filters and export
Database
PostgreSQL with Prisma ORM. Multi-tenant modeling with complex cross-domain relations, versioned migrations, and sensitive data encryption.