Back

B2b Support Desk

Tenant-aware B2B customer support platform built with Laravel, Inertia, Vue, Sanctum, PostgreSQL, Redis queues, Reverb, and Tailwind-inspired admin and portal UI.

Tech Stack :
Source Code
B2b Support Desk

Support Desk

Tenant-aware B2B customer support platform built with Laravel, Inertia, Vue, Sanctum, PostgreSQL, Redis queues, Reverb, and a shadcn/Tailwind-inspired admin and portal UI.

Implemented Production Core

  • Provider admin console and customer portal
  • Provider Command Center for platform health, customer workspaces, configuration coverage, and quick admin actions
  • Tenant-scoped companies, users, roles, invitations, tickets, comments, attachments, API tokens, webhooks, and audit logs
  • Company-based 24/7 SLA policies with first-response and resolution breach tracking
  • Real dashboard metrics for provider operations and customer portal workspaces
  • Attachment allowlist validation with file type and size limits
  • Invitation revoke/resend and user role/status management
  • Webhook delivery visibility, test delivery, manual retry, and secret rotation
  • API v1 ticket endpoints with idempotent ticket creation, OpenAPI documentation, and company-gated Swagger UI
  • Company-scoped human ticket numbers such as
    , with numeric portal/admin ticket URLs and legacy public-id redirects
  • Database + mail notification center with header inbox dropdown, read/unread filters, and a full notifications archive
  • Personal and shared saved ticket views for admin and portal ticket lists
  • Provider bulk ticket actions for status, assignment, priority, and tags
  • Public knowledge base for portal/API clients plus provider-managed internal content
  • Provider canned responses with ticket/requester/company variables
  • Ticket comment mentions with ticket-access scoping
  • Provider ticket merge and split workflows with ticket events and audit logs
  • CSAT surveys sent on first resolution, with single-use token responses
  • Synchronous CSV/PDF exports for ticket and CSAT reports
  • Async report center with queued CSV/PDF exports, history, status, download, and errors
  • Knowledge base v2 with category hierarchy, article edit/delete, version history, and portal helpful feedback
  • Provider automation rules with trigger/condition/action execution logs
  • Provider-agnostic inbound email webhook for Mailgun/Postmark/SendGrid/generic payloads with
    dedupe
  • Laravel Reverb/Echo private channels for live notification, ticket, report export, and webhook delivery updates
  • Global header search across tickets, comments, companies, users, and knowledge base with tenant scoping and PostgreSQL full-text indexes where supported
  • CSAT resend/reminder support plus summary metrics on reports
  • Webhook public delivery IDs, payload viewer, custom test payloads, audit filters/detail/CSV export
  • Attachment security through MIME, extension, and size allowlists
  • Portal branding settings and user notification delivery preferences

Setup

The default example environment expects PostgreSQL, Redis, and the PHP Redis extension. For a lightweight local-only run without Redis, set
and
in
.
Create or update a provider admin:
Run the local app, queue workers, Reverb, logs, and Vite:
If you change
,
, or any
value, restart
so Laravel and Vite both read the new environment.

Operations

SLA breaches are marked by the scheduled command:
In production, run Laravel scheduler every minute and keep queue workers alive for the
,
,
,
, and
queues. Start Reverb when
.
The scheduler marks SLA breaches and requeues stale report exports:
Attachment upload validation is configured with:
Inbound email webhooks are available at:
Set
to require
. Messages are matched by company payload/default company, sender email, and ticket numbers like
.
Reverb local configuration:
Keep
unless
is running; otherwise the browser will try to connect to port
.

API

API clients are managed from the customer portal. Use bearer tokens against
.
The OpenAPI description is available at docs/openapi.yaml. Interactive Swagger UI is available at
for provider admins and for client companies with API docs access enabled.
Provider admins can enable or disable client-company API docs access from company detail pages and the Command Center.
Ticket creation supports an optional
header. Reusing a key with the same body returns the stored response; reusing it with a different body returns a validation error.
Default API token abilities now include ticket creation/read/comment, attachment upload, public knowledge base read, company-safe bulk ticket updates, report exports, and CSAT writes.
requires either
or
.
Webhook deliveries are signed with:
The signature payload is
using the endpoint secret.

Verification

Production Checklist

  • Configure
    with
    ,
    , a stable
    , PostgreSQL, Redis, mail, storage, and
    .
  • Run
    and create the first provider admin with
    .
  • Run a queue worker for
    and run Laravel scheduler every minute.
  • Start Reverb only when
    , then set
    before building assets.
  • Keep
    and
    writable by the PHP process.
  • Review attachment MIME, extension, and max-size allowlists before enabling customer uploads.
  • Verify
    , login, ticket create/comment, report export, webhook retry, and notification delivery after deploy.
  • Back up PostgreSQL and persisted attachment/report storage on the same retention schedule.
  • Run
    ,
    ,
    , and
    in CI before release.

Roadmap

The current production workflow roadmap is implemented. Future work can focus on report scheduling, richer article approval workflows, provider-facing API clients for operational actions, and deeper full-text search ranking.