Production from minute 1
Other AI builders ship demos. Atelier ships SaaS.
The hardest part of building modern software isn’t getting a prototype working — it’s the week of glue code between a working prototype and something you can actually charge for. Domain, auth, multi-tenant data isolation, deploys that don’t break users, error tracking, analytics, billing. By the time you wire it all up, your AI-generated demo is a bootcamp project, not a business.
Every Atelier project starts on the other side. The Base primitives below are already wired the moment you click Deploy.
What you get on day one
Build
| Primitive | What it means in practice |
|---|---|
| Multi-tenant database | Postgres with Row Level Security threaded into every query. Tenant isolation by default. |
| DB branching | Every PR gets a schema + data branch. Merge applies migrations to main; no production data ever touched in dev. |
| DB Studio | Table editor, SQL editor, saved queries, slow-query insights — in the Console, no third-party tool. |
| Storage | S3-compatible object storage with RLS, signed URLs, and on-the-fly image transforms. |
| Realtime | SSE channels for postgres_changes, broadcast, presence — RLS-aware. No separate broker. |
| Functions | Server-side TypeScript bound to your DB and LLM provider. On-demand, scheduled, edge, queue. |
| Messaging | Transactional + broadcasts + journeys. RLS-aware segments. Email, SMS, push, in-app. |
| Inbound email | support@your-app.com routes into a Function. Reply in code, hand off to AI, route to humans. |
| CMS | atelier.cms.collection() generates schema + auth-scoped REST + WYSIWYG editor. Editorial workflow on RLS, Realtime collab, AI translation. |
Auth
| Primitive | What it means in practice |
|---|---|
| End-user auth | OIDC backend-for-frontend, cookie-scoped to *.apps.atelier.style. Tokens never reach the browser. |
| OAuth providers | Google, Microsoft, Apple, GitHub. One config; no glue code. |
| SAML 2.0 + SCIM + JIT | Enterprise SSO and directory sync ready when your B2B customers ask. |
| MFA + Anonymous + Phone | TOTP / WebAuthn / SMS. Anonymous guest sessions that link to a real identity later. Phone-only sign-in for global markets. |
Ship
| Primitive | What it means in practice |
|---|---|
| Preview deploys | Every branch and PR gets a live URL. Comments back to GitHub automatically. Sandbox quotas keep cost capped. |
| Canary rollouts | 5% → 25% → 50% → 100% with auto-rollback on error or latency regression. Default on every deploy. |
| Skew Protection | Old client keeps talking to the deploy it was loaded against. Visitors don't get half-deployed states mid-session. |
| Custom domain | Add the domain in the Console, point a CNAME (or apex ALIAS), Let's Encrypt cert auto-provisioned. Apex, www, wildcard, per-tenant. |
| Edge Config | Global low-latency runtime config. Kill switches, banner text, A/B variants — push from the Console, read in <10ms anywhere. |
| Feature flags | atelier.flag() — server, client, per-tenant. Same console as Edge Config. |
Operate
| Primitive | What it means in practice |
|---|---|
| Observability | Errors, traces, logs collected per deploy. Sentry-grade, on your project from day one. |
| Analytics | Funnels, cohorts, session replay, surveys. PostHog-grade, scoped to your project — and end-users. |
| Audit logs | Every admin action, deploy, schema change, user creation — tamper-evident log. |
| Backup + DR | RDS PITR (7 days) + S3 cross-region replication. Velero snapshots K8s state. |
| DDoS + WAF | CloudFront + AWS Shield Standard + managed rule sets. Rate limits per IP out of the box. |
| Per-tenant spend | LLM / storage / egress / function metering per tenant. Budgets, alerts, auto-throttle. |
Monetize
| Primitive | What it means in practice |
|---|---|
| Billing | Subscriptions and usage. One line ships a checkout, a paywall, and a customer portal. |
AI
| Primitive | What it means in practice |
|---|---|
| LLM SDK | atelier.llm.* — chat, structured output, embeddings, multi-modal. BYOS keychain in dev, credit / end-user-BYOS in prod. Model aliases (high / medium / coding) instead of hardcoded names. |
| RLS-aware RAG | Vector search and AI context filtering run as the signed-in user. The model can't answer using docs the user couldn't read. |
| AI Gateway | Cache, monitoring, rate limit, fallback chain in front of every LLM call. Per-tenant cost dashboards. |
| Browser rendering | ctx.browser.render() — PDFs, OG images, SEO snapshots, screenshots without managing a headless Chrome. |
None of these are checkboxes you tick later. They’re the default. Disable any of them in atelier.config.ts if you have a reason; otherwise they just work.
How to think about it
Atelier isn’t trying to be a better AI code generator — there are plenty of those, and they’re getting better fast. The unlock is that the code an Atelier project generates lands on a runtime that already knows how to be production. So the time from idea to first paying customer collapses.
Generic AI builders ship demos. Atelier ships SaaS.
What to do next
- Quickstart — first project, deployed, in five minutes.
- LLM — AI chat with RLS-aware RAG, model aliases, three-way cost routing.
- Deployments — canary, rollback, preview environments.