| .. | ||
| cmd/api | ||
| docs | ||
| internal | ||
| .env.example | ||
| docker-compose.yml | ||
| Dockerfile | ||
| go.mod | ||
| go.sum | ||
| Makefile | ||
| README.md | ||
crm-core
Enterprise-ready CRM backend for B2B SaaS platforms. crm-core handles CRM data only—no billing, deploys, or ERP workloads.
Scope & Limits
- ✅ Accounts, contacts, deals, pipelines/stages, activities, notes, tags
- ✅ Multi-tenant by design (
tenant_idon every table and query) - ✅ JWT validation via JWKS (trusted identity-gateway)
- ❌ No billing data or payment secrets
- ❌ No deployment or ERP features
Authentication
crm-core trusts JWTs issued by identity-gateway.
Required claims:
sub(user ID)tenantIdroles(must includecrm.read,crm.write, orcrm.admin)
Domain Model
See docs/domain-model.md.
Multi-tenant Enforcement
Every request reads tenantId from the JWT and filters all reads/writes with tenant_id. This prevents data leakage across tenants.
Running Locally
cp .env.example .env
make run
Docker (API + Postgres):
docker-compose up --build
Migrations & sqlc
make migrate-up
make sqlc
Example cURL
curl -X POST http://localhost:8080/api/v1/accounts \
-H "Authorization: Bearer <token>" \
-H "Content-Type: application/json" \
-d '{"name":"Acme Corp"}'
curl -X POST http://localhost:8080/api/v1/deals \
-H "Authorization: Bearer <token>" \
-H "Content-Type: application/json" \
-d '{"title":"Upgrade","pipeline_id":"<pipeline>","stage_id":"<stage>","value_cents":500000}'