Topolo Social Studio
Public overview of the hybrid desktop and Cloudflare runtime used for AI-assisted social content planning and generation.
What It Is
Topolo Social Studio is a hybrid desktop and web production surface for planning, generating, and managing social-first creative work.
Architecture
The system combines a marketing/web shell, an authenticated API worker, a queue worker for generation orchestration, and a macOS desktop shell. Auth manages identity and Nexus now owns the external AI provider invocation path.
Runtime Surfaces
The primary public surface is https://studio.topolo.app, backed by Cloudflare-hosted worker runtimes and a local desktop shell for creator workflows.
API Reference
Use /systems/topolo-social-studio for the current runtime and worker route inventory. Provider-facing AI operations are invoked through Nexus rather than documented as direct vendor contracts here.
Auth and Permissions
Studio relies on Topolo Auth for session verification and workspace access. Its web and desktop shells now use the shared Topolo browser auth client through a thin application wrapper, including login handoff, service-aware cookie refresh, single-pass callback-code redemption, and logout propagation. Workspace APIs now require the matching Social Studio service permission before workspace membership, owner, or export-policy rules can narrow access, and local workspace ownership is no longer inferred from broader Auth role names. Protected bootstrap preserves the raw Auth role separately, resolves the caller’s Studio workspace membership when workspace state is available, and returns the local owner/member role from that membership in the shell payload. AI-assisted routes preserve org and user attribution when they invoke Nexus-backed provider workflows.
Data Ownership
Studio owns workspaces, projects, briefs, creative plans, scenes, assets, and generation state. Nexus owns the provider keys and platform-level usage attribution for supported AI vendors.
Deployments
Studio deploys as a hybrid surface with separate marketing/web, API worker, queue worker, and desktop packaging flows.
Failure Modes
- auth context missing for protected workspace routes
- queue worker unavailable for generation processing
- Nexus connectivity or provider configuration missing for AI-assisted planning or generation
Debugging
Start with /systems/topolo-social-studio for deployment and runtime detail. If AI planning or generation fails, verify the app can reach Nexus and that the expected org/user context is being forwarded.
Change Log / Verification
- Corrected the Social Studio callback effect on 2026-04-20 so successful Auth handoff no longer stalls on the callback screen after exchanging the one-time code.
- Corrected Social Studio bootstrap role scoping on 2026-04-24 so the API worker now resolves workspace membership for the authenticated org workspace, returns the local
owner/memberrole in bootstrap, and still preserves the raw Auth role separately. - Delegated Social Studio login handoff and callback-code redemption to the shared Topolo Auth client on 2026-04-18.
- Stopped rewriting Social Studio workspace ownership from cross-app Auth role names on 2026-04-11 so the public worker contract now preserves Auth role diversity while keeping workspace owner rules local to Studio
- Standardized Social Studio workspace-route permission enforcement on 2026-04-10 so protected APIs no longer rely on workspace membership or owner checks alone
- Reconfirmed on 2026-04-07 that Social Studio is the sole live Studio-branded application at
studio.topolo.app - Standardized Social Studio browser auth on the shared Topolo auth client on 2026-03-31
- Standardized the public product label to
Social Studioacross the web and desktop authenticated shells and recorded the production marketing-web Pages target in CloudControl on 2026-04-04 - Added canonical system coverage and documented the Nexus-backed AI integration path on 2026-03-29