Horaxis Enterprise deploys inside your private infrastructure as a containerized Docker stack. No production data leaves your network. You retain full data sovereignty.
Deploy as a containerized Docker Compose stack within your private network. No production data leaves your infrastructure. This eliminates the need for complex DPAs and cross-border data transfer legalities.
Pre-built connectors for SAP (RFC + OData), Oracle (Cloud + EBS), and Microsoft Dynamics 365. Authentication is managed via your existing ERP service user permissions, ensuring least-privilege access.
ERP credentials encrypted with AES-128 (Fernet) at rest. TLS 1.2/1.3 for all external connections. All application secrets managed via environment variable injection — no hardcoded credentials.
Multi-Factor Authentication (MFA) with TOTP on all administrative accounts. Role-based access control with enforced MFA for admin users. JWT-based session management with configurable token expiration.
Full audit trail on all system actions with 90-day retention policy. Every POST, PUT, DELETE, and PATCH request is logged with user identity, IP address, and timestamp. Automated weekly cleanup enforces data retention.
Supplier portal links use SHA-256 cryptographic token hashing — the plain token is never stored in the database. Token verification uses timing-safe comparison to prevent timing attacks. All links have configurable expiration and access tracking.
Multi-tenant architecture with customer-level data isolation. Every database record is scoped to a customer ID. All queries enforce customer-level filtering. Cascade deletes ensure complete data removal when needed.
Configurable CORS origins restrict API access to authorized domains. Cross-origin requests are managed via environment configuration, allowing precise control over which frontends can communicate with your Horaxis Enterprise instance.
Configure your ERP connection directly from the admin panel. Native support for SAP S/4HANA (RFC & OData), Oracle ERP Cloud, and Microsoft Dynamics 365 (Dataverse). All credentials are encrypted at rest.
Our architecture follows enterprise security best practices: encrypted credentials, role-based access, MFA enforcement, audit logging, multi-tenant isolation, and on-premise deployment for full data control. Request our IT Readiness Guide for technical details.
