DocumentationBack to app →
All guides

Other

System Architecture: The Four Control Planes

Member Access OS is structured into four distinct planes of operation. This separation ensures that each participant in the ecosystem only sees and manages what is relevant to their role, maintaining security and operational clarity.

1. Platform Plane (The "Brain")

Operator: Incrementic (System Administrators)

This is the global control center for the entire platform. It is completely hidden from all tenants and end-users.

  • Scope: Global Platform.
  • Responsibilities:
    • Tenant Management: Creating and onboarding new Organizations.
    • Feature Gating: Enabling or disabling platform features (e.g., BYO Pass Ninja, enterprise integrations).
    • Billing: Managing global subscriptions and system-wide usage.
    • System Health: Monitoring node heartbeats, diagnostics, and infrastructure stability.
    • Global User Directory: Managing cross-organization user identities.

2. Organization Plane (The "Brand")

Operator: Organization Owner (e.g., a gym chain owner, a country club board)

This plane defines the brand-wide identity and business policies that apply to one or more facilities.

  • Scope: Brand-wide.
  • Responsibilities:
    • Identity: Managing logos, primary colors, and digital wallet pass templates.
    • Products: Defining membership packages, pricing models, and billing models.
    • Team: Managing high-level staff permissions and organization roles.
    • Commercials: Managing the organization's subscription and billing relationship with the platform.
    • Reporting: Accessing aggregated data across all owned facilities.

3. Facility Plane (The "Venue")

Operator: Facility Manager (e.g., a specific branch or venue manager)

This plane handles the physical reality of a single location. A facility manager operates here to keep the venue running without needing access to organization-level branding or commercial settings.

  • Scope: Single Physical Location.
  • Responsibilities:
    • Hardware Control: Mapping reader serial numbers and managing "Heartbeats."
    • Access Rules: Setting door schedules, entry rules, and relay configurations.
    • Operations: Managing the member roster and the local approval queue for that site.
    • Local Alerts: Receiving notifications for connectivity drops or hardware failures.
    • Staffing: Managing local staff assignments and permissions.

4. Member/User Plane (The "Edge")

Operator: The End User (Member)

This is the pure consumer experience. Members never see the administrative control planes.

  • Scope: Individual User Profile.
  • Responsibilities:
    • Access: "Tap and Go" entry using a phone wallet, key fob, or NFC tag.
    • Account Management: Uploading proof of payment for approval.
    • Pass Claiming: Adding their digital credential to Apple or Google Wallet.
    • Profile: Managing their own headshot and basic contact info.

Why this matters

By strictly isolating these planes, we prevent operational noise. A front-desk manager at Facility A cannot accidentally change the billing configuration for the entire Organization, and a Member never has visibility into the internal hardware IDs or system-level feature flags.