Security & Governance

Your Data, Governed and Protected

Shasvatm CRM is built on a microservices architecture with JWT authentication, role-based access, and audit trails — the governance features enterprise buyers expect, without unearned compliance claims.

Get StartedContact Us

Security & Access Controls

Every layer of Shasvatm CRM — from authentication to audit logging — is designed to keep your business data safe and your operations accountable.

JWT Authentication

Token-based authentication secures every API call. Sessions are managed with expiration, refresh, and profile-level timezone and reporting-line configuration.

API Gateway (Ocelot)

All client requests route through a central ASP.NET Core gateway that handles load distribution, rate limiting, and request validation before reaching services.

Role-Based Access Control

Program-level permissions per user and role — every screen, action, and data scope is governed by your defined access policies, not open by default.

Audit Trail

JSON-level change history on every insert and update across all modules. Payload logging provides a forensic record for compliance and dispute resolution.

Approval Workflows

Configurable multi-step approvals for pricing, escalations, inventory actions, and more — so critical decisions always have the right sign-off.

CORS & Frontend Isolation

The marketing site and the CRM application are separate systems. The CRM frontend communicates via CORS-configured APIs, limiting attack surface.

Architecture Overview

Built on .NET 8 microservices behind an Ocelot API gateway, with PostgreSQL for persistence and Redis for caching. Real-time features use SignalR.

Client (React App)
API Gateway (Ocelot)
Admin Service
Presales Service
Postsales Service
Inventory Service
PostgreSQL
Redis Cache

Microservices

Independent services for admin, presales, postsales, and inventory — each deployable and scalable on its own.

PostgreSQL with Schema Isolation

Separate database schemas (admin, presales, postsales, inventory, audit) provide logical data separation.

Redis Caching

In-memory caching for session and frequently-accessed data reduces database load and improves response times.

A Note on Compliance

We do not claim specific compliance certifications we have not obtained. The audit trail and change-history capabilities support governance conversations with enterprise buyers, and we are happy to discuss our security posture in detail during evaluation.

Discuss security with our team →

Ready to unify your sales and service?

Start using Shasvatm CRM today and give your team one connected platform for pipeline, tickets, SLA, AMC, and inventory.

Start Using Shasvatm CRMBook a Demo