CRM.COM Platform Technology Architecture
CRM.COM Platform Technology Stack
Architecture Model
CRM.COM SaaS is based on a modern, scalable, event-based micro-service architecture with cloud or (on request) hybrid hosting using Kubernetes.
This architecture follows a Domain Driven Design pattern and uses CQRS techniques and event management to ensure maximum performance, scalability, flexibility, extensibility and functional stability.
The server components utilise multiple domain-based micro-services, coupled with event handlers that allow a number of intensive operations to be managed in an asynchronous approach, improving system performance, user experience and managing load effectively on the servers.
API / Domain Design
CRM.COM SaaS follows best practices with a domain-defined set of micro-services.
Each domain has its own service and, where necessary, has aggregation to other services by using the REST APIs of those services.
CRM.COM SaaS is built on an event-based architecture that allows business processes to cross-domain, resulting in maximum extensibility via our webhook or automation configuration.
API / Integration
CRM.COM SaaS provides maximum integration and extensibility through the event-based architecture.
As a business process executes, such as placing an order for several services, the events in that flow can be exposed via webhooks.
CRM.COM SaaS’s supported adapters or third-party solutions can be used by SaaS integrations.
Multiple events can be connected to automatons or webhooks.
For example, a new customer registration can be connected to a communication platform like Mailchimp and sent to Mixpanel.
Several pre-built adapters using third-party APIs are also available to allow plug-and-play integration with other leading platforms:
Communication – Mixpanel, Sendgrid
Analytics – Mixpanel, MongoDB Atlas
DRM – Verimatrix, Fairplay, Widevine
CAS & DRM - Nagra SMS Gw services, Nagra Conax, Irdeto KMS Services
API / Web Services
CRM.COM SaaS has a fully documented API library split into two sets of APIs, allowing an integrator to support either administration (back-office) or web / mobile app functionality (front-end) functionalities.
The REST-based APIs provide JSON responses and follow the CRM.COM SaaS process models.
API | Description |
|---|---|
Self Service API | Used by Mobile apps and web |
Back Office API | Used by the CRM Back Office |
More information about the CRM.COM SaaS APIs library can be found here.
Security
The CRM.COM SaaS security has two main parts:
Back-office users - Back-Office
Mobile apps and web portals – Self-Service
Both use industry-standard JWT tokens for each of the relevant APIs, where the JWT token and a refresh token are provided by the appropriate authentication methods.
CRM.COM SaaS also supports oAUTH authentication from various external servers such as Facebook.
The oAUTH token can be provided via an authentication API. CRM.COM SaaS servers will validate the token with the oAUTH servers, and if successful, they will swap to a CRM.COM SaaS token for subsequent API access.
In addition, for secure server-to-server communication, the CRM.COM SaaS back-office APIs support a secret key mechanism that can be created and updated using the back-office tool. These secret keys allow API use without needing a server to “log in” and ensure secure access that does not require holding a “JWT token state”.
Back-office functionality also extends the token to provide “roles” that a user ID configured for these roles provide access permissions to the APIs.
For example, a finance API can be secured based on a role and will restrict access if that user does not have the roles in the token.