When implementing a CRM, we spend a lot of time on UI, but often forget how much effort is necessary to support backend API integration work. The standard built-in Creatio API is easy enough to use to perform CRUD (Create, Read, Update, Delete) operations. However, in more complex scenarios, there may be a need to build complex logic inside a Creatio API so the external integration software can make its request without having to do all the Creatio-specific heavy lifting.

As an example, let’s say we need a service that checks if data being processed by an external system is already in Creatio. We will most likely look for a contact match using the contact’s email address. If the email address exists, the integration system will want to know the Creatio ID of the contact so it can handle the data appropriately.

To meet this need, we can build a service in Creatio that accepts such a request. It does the work of searching for the email address and returns the matching Contact ID to the calling integration software.

Even though we have standard Creatio security in place via a username and login, in this case, we might want to secure the calls to Creatio in a way that only allows certain IP addresses to make a request. This creates an additional layer of security that disallows someone with valid credentials from accessing the service unless their IP address is explicitly allowed.

So, step one is to set up a service in Creatio to do this work. Let’s create a new module type “Source code”, and then give it a valid name like “UsrRestrictedService”

Creatio module source code
Creatio source code title

Next, we need to set up the code that allows for searching the contacts in the system. We will set up a FindContactByEmail method that will do the work of querying and returning the ID of the matching contact to the client application.

At this point, we can use the Postman tool to test and make sure it works correctly and find out whether it indicates if a contact exists or not. Once tested, the next step is to set up a method that handles finding the client’s IP address. This is crucial to making sure we know the IP of the calling system. Once we have this, the rest is easy because we just need to compare it with the allowed list.

So, to find the IP address, we can first set up a method “GetClientIPAddress”. It uses the value of the endpoint.Address property to provide the IP address we need.

Once we have this in place, each time a request comes in, we just need to validate the originator of the request as to whether their IP address is in a list of approved IP addresses. If not, we generate an error titled “Unauthorized access”, which terminates the operation and does not process anything. This logic is implemented in the “ValidateClient” method.

In the code, notice how we have made the list of allowed IP addresses available via a Creatio system setting. This avoids hardcoding of IP address values and makes the setting maintenance easy for any admin user to configure as necessary without re-coding.

The final step is to add the actual system setting to Creatio and set a value (or a comma separated list of values) so the approved IP addresses are saved here.

Creatio approved IP addresses

Now let’s do some testing and call the “TestCall” method. This call is just for testing and does not require IP restriction, so it should just respond via a postman tool call like below:

Creatio test call

Now call the “FindContactByEmail” method which does check the client’s IP address. In the screenshot below, we don’t have our IP added to the Allowed list, and therefore the service responds with the expected error message.

Creatio error message

Now, if we simply update the system setting to use our IP address, the service should allow the request to process and come back with a proper message indicating it found a matching record, and provide the Contact ID to us.

IP address update

At this point, you should have everything you need to add an additional layer of IP address security and ensure your integration processing is safe. For reference, the full module codebase is provided below.

Posted in:

Looking for Creatio help?

We do training, customization, integration, and much more. Contact us today.