We have a Creatio installation on Creatio SaaS cloud with a few custom configuration services we have built. The security requirements are very stringent and we need to be able to permit access to these custom configuration services only to a few users & only to a few IPs. Pls find below questions in this regard -
From what we understand, access to the GUI application and to the back end services are shared across the same Creatio credentials (via user setup). Can we disable GUI access to a few users and only enable access to these specific custom configuration services? Also, can we disable access to these configuration services for all other GUI users? In short - A few users only for these configuration services. A few users only for the GUI.
We would like to permit only certain IPs access these configuration services. This can be handled in 4 layers - Network infrastructure layer (Load balancer etc), IIS Configuration on the WebServer, Explicitly verify and restrict access to certain IPs inside the configuration service logic. Which of these 3 is recommended from a feasibility & security perspective on Creatio SaaS cloud?
In the example above the system user with "1" login won't be able to login to the application.
As for disabling access to custom configuration service you need to find a location record for this service in the /Terrasoft.WebApp/Web.config file (just an example below):
As a result the Supervisor won't be able to get access to the GeneratedWebFormService service.
2) As for restricting access from IP-addresses - such a possibility is present to restrict login to the UI, but there is no in-built possibility to restrict access to the endpoint via IP. We don't have any recommendations on this matter and you can test all the possible approaches and choose the most suitable one.
In the example above the system user with "1" login won't be able to login to the application.
As for disabling access to custom configuration service you need to find a location record for this service in the /Terrasoft.WebApp/Web.config file (just an example below):
As a result the Supervisor won't be able to get access to the GeneratedWebFormService service.
2) As for restricting access from IP-addresses - such a possibility is present to restrict login to the UI, but there is no in-built possibility to restrict access to the endpoint via IP. We don't have any recommendations on this matter and you can test all the possible approaches and choose the most suitable one.
With the new changes in 7.17 for the account and contact connected to detail to show the relationship hierarchy, is there a way to display the connections in list view as in the original detail or to export the relationships as a list to excel? Being able to do so is useful for reports.
There are no such functions right now in the relationships tab but we have plans to apply them in the future. I will forward your feedback to our R&D team.
i add it with the Usr prefix (UsrMarge) , but when i save the object, the system return me the following error:
Unable to save structure. Name: OpportunityProductInterest.
Label: Product of the opportunity.
Error: InvalidNameException.
The "Min Quantity" code in the "From" column must start with the prefix "Usr".
Contact the system administrator.
This is because the previous developper created fields without the prefix.
Can i change the system parameters to set the prefix not required ?
Earlier, we would not be able to access the database directly on Creatio SaaS cloud installations and would have to reach out to Creatio support for any assistance. Does this still continue or is there a roadmap to enable direct database access even in the Creatio cloud offering?
If we still do not have access,
How does one approach enterprise level heavy volume data migrations in the context of the Cloud? Typically these are done directly through the Database either via SQL scripts or via ETL tools.
We are aware of ETL plugins like Starfish ETL, we want to understand options besides that - where access & control at the database layer is required to execute these migrations. How have other customers handled this scenario?
Due to security reasons the direct access to the databases is not available. If there is a necessity to migrate some data from\to Creatio - the enterprise level customers use different integrations via webservices, OOTB API and Odata, DB server linking, ftp\sftp storages and different custom API integrations. SQL scripts can be also involved.
The direct connection with our cloud and customer's storages is never set up due to the security policies. Usually there can be some shared storage where customers send their data and it is imported into our cloud. As for Starfish ETL, it is also used but not frequently. Usually enterprises use their own integrations.
Typically the buffer database is kind of shared storage for customer and Creatio used to import and export data to both sides. It is typically used on regular basis rather than one time data migration. It has some particular access rules assigned to the required tables. It is not usually used for migrating data into Cloud database due to some security limitations, however some enterprise customers have similar solutions where Web server is connected to similar storage and it pulls data into Creatio. Again, server linking is not really commonly used for cloud integration solutions, however, under some conditions, specific setup and prior negotiation with cloud team- it may be possible. If you are interested in it, I suggest you to discuss it with your account manager.
I have done data migrations directly to the database on several occasions with no issues. The most challenging part is the creation of the access rights records (well, not really challenging once you figure out the RightLevel 0=read/1=edit/3=delete, Position, SourceId=user/role values, but something to be aware of). Each table has a separate table that stores access rights for the records, for example for Contact it stores it's access rights records in SysContactRight. For objects with record level permissions, you need to create these records to give read/edit/delete permissions to the records. However, in recent versions of Creatio the object permissions propagate to records nicely, so I would likely turn off record access rights for the migration, then set afterwords and let Creatio do that work.
In my scenario, I had a customer with multiple millions of records. They are cloud hosted, so I had support provide me with a database backup, I performed the migration, then provided the complete database loaded with data back to support as a backup and they put in place on the cloud again. This was significantly faster to load using SQL inserts from selects etc than loading record by record via the API. Keep in mind that if a customer is first a cloud customer, the backup you get from support is likely going to be a Postgresql database, not MSSQL. In another scenario, with Creatio on premise, creating views that combine data from other SQL databases and exposing as objects in Creatio was very straightforward as well.
Logging of incoming and outgoing API requests via Custom configuration services in Creatio is a very typical use case wherever system integration is in the picture. Logging the absolute URI, request/response body, response status code, any custom headers added to the request are standard in any enterprise system.
I could not see any utilities or out of the box features to help log these requests. This is right now done by maintaining custom tables in the DB and logging any incoming or outgoing requests through custom logic.
The following features would help -
Logging inbuilt into the WebService element. It would help to have all outgoing requests using WebService elements be auto logged in the data base and be available for quick reference on the UI. An additional idea could be enabling a 'manual retry' option from the UI for use cases where an outgoing request failed even after N number of configured retries.
Utility or helper Classes on the server side which assist in tracking outgoing or incoming requests in the data base. A UI view of these logged requests could also help. Right now, we have to use 3rd party logging solutions like Loggly and write custom logic to maintain these logs.
Our R&D team has a problem registered on this topic on their side so to enable easy logging setup in the application UI for custom web-services and this problem is in the "Accepted" status so we can expect this logic implementation in one of the nearest releases. I will also let them know about this community idea so to speed up the problem solution.
Thank you for reporting this issue to us and helping us to make the application better!
The issue is that the value has a 1:many relationship with the opportunity. The opportunity can have multiple products added, so which one would display? In this case, you should add this using "Set up report tables" which would result in a table or list of the products added to the opportunity.
The issue is that the value has a 1:many relationship with the opportunity. The opportunity can have multiple products added, so which one would display? In this case, you should add this using "Set up report tables" which would result in a table or list of the products added to the opportunity.
Unfortunately, there is no possibility to start the chat with existing contacts from the system. The chat feature enables you to receive requests from external users at the moment. We will raise the idea for R&D team to implement this feature for chats in further releases.
As far as I know there are no known examples of such integration with Creatio.
However, you can check these academy articles which can be pretty useful in case if you want to configure landing pages or create any integrations with your Creatio system:
Here is the article with instructions on how to set-up your landing page to integrate with Creatio
And this article will be useful in case if you need to create an integration between your website and Creatio.
I'm experiencing a problem in the installation process for "Data binding tool for Creatio" market place app, when the configuration dll's compilation starts the installation fails and returns this error:
Autogenerated\Src\GlbDataBindingHelper.GlbDataBinding.cs(323,47) errore CS0246: The type or namespace name 'EntityDataSource' could not be found (are you missing a using directive or an assembly reference?)
