Architecture Overview
Wolkenschloss controls every layer of the system. No dependency on third-party platforms, no black boxes.
Device Layer Electronic Locks & Edge Devices
BLE locks communicate directly with the mobile app or via IoT gateways with the cloud. Wired locks are connected through edge controllers. Each device runs its own firmware, which is OTA-updatable.
Firmware OTA Updates & Remote Management
Firmware updates are centrally created, tested, and rolled out incrementally. Rollbacks are available at any time. The update status of every single device is visible in the cloud. No physical access required – not even for diagnostics or configuration changes.
Cloud Platform Multi-Tenant Management
The cloud platform manages locks, users, permissions, and device configurations. Multi-tenant architecture with strict data separation between tenants. Operated on AWS infrastructure in the EU. Highly available and scalable without platform migration.
API Layer REST API & Webhooks
Every platform function is accessible through a documented REST API. Webhooks enable real-time notifications. Integration with existing systems like Active Directory, SSO providers, ERP systems, or building management software is possible directly – without middleware.
Frontend Dashboard & Mobile App
Web dashboard for administrators: manage locks, configure permissions, view audit logs. Mobile app for end users: open locks via BLE, view access rights, receive notifications.
Technical Specifications
Security
TLS 1.3 for all connections. End-to-end encryption between app and lock. OAuth 2.0 / OpenID Connect for authentication.
Scalability
The platform manages thousands of locks and users per tenant. Horizontal scaling of cloud services without downtime.
Integration
REST API with OpenAPI documentation. Webhooks for event-based integration. SDKs and sample code available.
Ready for the Next Step?
Let's find out together how Wolkenschloss fits into your infrastructure.
Get in Touch