CRM.COM Platform Technology Architecture

CRM.COM Platform Technology Stack

Architecture Model

CRM.COM SaaS is based on a modern, scalable, event-based micro-service architecture with cloud or (on request) hybrid hosting using Kubernetes.

This architecture follows a Domain Driven Design pattern and uses CQRS techniques and event management to ensure maximum performance, scalability, flexibility, extensibility and functional stability.

The server components utilise multiple domain-based micro-services, coupled with event handlers that allow a number of intensive operations to be managed in an asynchronous approach, improving system performance, user experience and managing load effectively on the servers.

 

API / Domain Design

CRM.COM SaaS follows best practices with a domain-defined set of micro-services.

Each domain has its own service and, where necessary, has aggregation to other services by using the REST APIs of those services.

CRM.COM SaaS is built on an event-based architecture that allows business processes to cross-domain, resulting in maximum extensibility via our webhook or automation configuration.

API / Integration

CRM.COM SaaS provides maximum integration and extensibility through the event-based architecture.

As a business process executes, such as placing an order for several services, the events in that flow can be exposed via webhooks.

CRM.COM SaaS’s supported adapters or third-party solutions can be used by SaaS integrations.

Multiple events can be connected to automatons or webhooks.

For example, a new customer registration can be connected to a communication platform like Mailchimp and sent to Mixpanel.

Several pre-built adapters using third-party APIs are also available to allow plug-and-play integration with other leading platforms:

  1. Communication – Mixpanel, Sendgrid

  2. Analytics – Mixpanel, MongoDB Atlas

  3. DRM – Verimatrix, Fairplay, Widevine

  4. CAS & DRM - Nagra SMS Gw services, Nagra Conax, Irdeto KMS Services

API / Web Services

CRM.COM SaaS has a fully documented API library split into two sets of APIs, allowing an integrator to support either administration (back-office) or web / mobile app functionality (front-end) functionalities.

The REST-based APIs provide JSON responses and follow the CRM.COM SaaS process models.

API

Description

API

Description

Self Service API

Used by Mobile apps and web
portals and design to support
either CRM.COM consumer
Authentication or external
OAuth authentication
services

Back Office API

Used by the CRM Back Office
platform and designed
to support either CRM Admin
User Authentication or Server
to Server Secret Key

More information about the CRM.COM SaaS APIs library can be found here.

Security

The CRM.COM SaaS security has two main parts:

  1. Back-office users - Back-Office

  2. Mobile apps and web portals – Self-Service

Both use industry-standard JWT tokens for each of the relevant APIs, where the JWT token and a refresh token are provided by the appropriate authentication methods.

CRM.COM SaaS also supports oAUTH authentication from various external servers such as Facebook.

The oAUTH token can be provided via an authentication API. CRM.COM SaaS servers will validate the token with the oAUTH servers, and if successful, they will swap to a CRM.COM SaaS token for subsequent API access.

In addition, for secure server-to-server communication, the CRM.COM SaaS back-office APIs support a secret key mechanism that can be created and updated using the back-office tool. These secret keys allow API use without needing a server to “log in” and ensure secure access that does not require holding a “JWT token state”.

Back-office functionality also extends the token to provide “roles” that a user ID configured for these roles provide access permissions to the APIs.

For example, a finance API can be secured based on a role and will restrict access if that user does not have the roles in the token.