A custom-built integration platform, forged from scratch for an enterprise client running Microsoft ERP, CRM, and specialized line-of-business software — with full ownership, real-time sync, AI-assisted mapping, and a fraction of the per-call middleware cost.
Off-the-shelf integration platforms — Celigo, Boomi, MuleSoft, Workato — charge per call, per flow, per connector. The pricing scales painfully with growth: a mid-sized enterprise can quietly find itself paying $1,000 to $4,000 a month for what is, fundamentally, plumbing.
Worse, your integration logic lives on someone else's servers. Your business runs through someone else's infrastructure, under someone else's terms of service, on someone else's release schedule.
An enterprise client came to us with a direct question: can you build a self-hosted, custom replacement — without compromising on capability — and run it for a fraction of what we're paying now?
We did.
An end-to-end integration platform — an iPaaS, in the industry's term — that connects Microsoft Business Central, Microsoft Dynamics 365 CRM / Dataverse, and a stack of specialized operational software through a single admin console.
It handles real-time sync via webhook, scheduled polling, fan-out field mapping, resilient retry with circuit breakers, and a Claude-powered AI layer that suggests field mappings and explains errors in plain English. It runs natively on Windows as three auto-restarting services — no Docker dependency — and is portable to Azure App Service through a single config change.
Scope at a glance: 15 backend API routers, 13 admin-console screens, 13 PostgreSQL tables with JSONB audit diffs, 700+ ERP fields auto-discovered across 36 entities, three priority worker pools, and a Windows desktop installer under 10 MB.
Six capabilities, built deeply — not a checklist of half-features.
HMAC-validated inbound webhooks for sub-second latency. Adaptive polling for systems without push. Cron-style schedules for batch work. Three independent worker pools with separate concurrency limits.
A single source field can write to multiple destination targets simultaneously, each with its own transformation. Seven transform types: direct copy, string template, lookup table, conditional, math expression, date format, and AST-sandboxed Python.
Token-bucket rate limiter respecting Microsoft's 6,000 req / 5 min ceiling. Per-system circuit breakers with CLOSED → OPEN → HALF-OPEN state machine. Webhook idempotency dedup. Exponential-backoff retries with dead-letter routing.
The platform calls the Anthropic Claude API (model claude-sonnet-4-6) at five points: field-mapping suggestions from raw entity schemas with confidence scores, plain-English error diagnosis on the error queue, a natural-language sync rule builder ("only sync invoices over $500"), a schema-change advisor when an upstream API breaks an active mapping, and a transformation sandbox that runs any formula or lookup against a sample value before it goes live. AI proposes; humans approve.
Azure AD SSO with local password fallback. Four-role permission matrix (Global Admin, Integration Manager, Operator, Read-Only) enforced server-side on every endpoint — not just in the UI. Append-only audit log of every user and system action — cannot be edited or deleted, with searchable expandable JSON diffs.
Three native Windows services — PostgreSQL, Redis, FastAPI — auto-start on boot, auto-restart on crash. Production startup guard refuses to launch with weak secrets. Migrate to Azure App Service through a single config change. No data leaves your infrastructure unless you authorize it.
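The CLOSED → OPEN → HALF-OPEN breaker named in the resilience capability above, one instance per external system, as an added Python example that is not the platform's own code. The failure threshold, the cooldown length and the single-probe rule in HALF-OPEN are assumptions; the page does not state them.

```python
import time

CLOSED, OPEN, HALF_OPEN = "CLOSED", "OPEN", "HALF-OPEN"


class CircuitBreaker:
    """Guards calls into one external system (ERP, CRM, ...)."""

    def __init__(self, failure_threshold=5, cooldown_s=30.0, clock=time.monotonic):
        self.failure_threshold = failure_threshold  # assumed value
        self.cooldown_s = cooldown_s                # assumed value
        self._clock = clock                         # injectable for tests
        self.state = CLOSED
        self._failures = 0
        self._opened_at = 0.0

    def allow(self) -> bool:
        """Return True if a call may go out to the external system now."""
        if self.state == OPEN:
            if self._clock() - self._opened_at < self.cooldown_s:
                return False        # fail fast; leave the job queued for retry
            self.state = HALF_OPEN  # cooldown over: admit exactly one probe
            return True
        if self.state == HALF_OPEN:
            return False            # a probe is already in flight
        return True

    def record_success(self) -> None:
        # A successful call (including the HALF-OPEN probe) closes the circuit.
        self.state = CLOSED
        self._failures = 0

    def record_failure(self) -> None:
        self._failures += 1
        # A failed probe reopens immediately; otherwise open at the threshold.
        if self.state == HALF_OPEN or self._failures >= self.failure_threshold:
            self.state = OPEN
            self._opened_at = self._clock()
```
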
Surface capabilities are easy. The features below are what separate a demo from a system you trust on day 90.
Every schema discovery saves a snapshot. The platform diffs new vs. prior — added fields are safe, removed or renamed fields are flagged. Any active flow or mapping rule that references a removed field gets a Breaking badge before the next sync runs. Silent data loss from upstream API changes becomes a non-issue.
Each mapping rule has a Test Sandbox: enter a sample value, run the transformation, see the exact output — nothing is written. Impact Analysis on every rule lists direct conflicts (other rules writing to the same destination) and co-dependent rules (other rules reading the same source) before you commit.
Flow configs, mappings, schedules — every save creates a versioned snapshot with actor, timestamp, and before/after diff. Roll any flow back to any prior version with one click. The platform behaves like Git for your integration logic.
Search a source record ID and pull the complete chain of sync events for that record across every flow that touched it — read, transformed, and written at each hop, in chronological order. Stops the "where did this value come from?" archaeology cold.
Merge every sync event AND error that touched a single record across all flows and both directions into one timeline. When an auditor or a frustrated technician asks "show me everything the platform did with #12345" — one search, one screen, one answer.
Continuous monitoring of every active flow against three signals: SLA overdue (no successful sync inside the configured maximum window), high error rate (over 10% failed in the last 7 days), and stale flows (no run in 7+ days). Bucketed Healthy / Warning / Critical, summarized at the top, drillable underneath.
Generate a compliance package over any date range — every sync job (flow, trigger, timing, record counts, status), every config change with before/after diffs, and a summary scorecard. JSON for machine ingest, CSV for auditor-friendly reading. Built for the conversations that start with "show me your evidence."
The same React + TypeScript codebase ships two ways. The web app runs at a private URL, accessible from any browser on the corporate network or VPN. The desktop app is a native Windows installer wrapping the same UI in a Tauri 2.0 shell — about 10 MB total versus 100+ MB for an equivalent Electron build, because Tauri uses the system WebView2 already on the machine.
The desktop variant adds what only a native app can:
One backend. One UI codebase. Two delivery surfaces. Updates ship to both at the same time.
A boring stack on purpose — mature, well-documented, and easy to hire for.
Python FastAPI with async SQLAlchemy & asyncpg. ARQ workers across three priority queues. NSSM-wrapped uvicorn as a Windows service.
React 18 + TypeScript + Tailwind. Vite build. Zustand state. Compiled and served directly from the API — no separate web server.
Tauri 2.0 wraps the React frontend as a native Windows app — ~10 MB installer, system WebView2, built-in auto-update. Same codebase as the web app.
PostgreSQL 16 for platform state across thirteen tables. Redis (Memurai on Windows) for queues, rate-limit counters, session caching, JWKS validation cache.
Azure AD SSO via MSAL with JWKS validation, JWT tokens, bcrypt-hashed local fallback, brute-force throttling at the IP layer.
Anthropic Claude API — model claude-sonnet-4-6. Five surfaces: field-mapping suggest, error diagnosis, NL rule builder, schema-change advisor, transformation sandbox. Optional — the platform runs without it.
Alembic for versioned schema. Sync driver for migrations, async for runtime — the right tool in each lane.
Thirteen layers, every one a deliberate decision — the platform refuses to boot in production with insecure defaults.
No anonymous routes outside login. Every API call validates a JWT before any business logic runs.
Cost factor 12. Slow on purpose. Local-fallback passwords only — SSO is the primary path.
SSO tokens validated against Microsoft's public JWKS endpoint. No custom token issuance to audit or maintain.
Five failed attempts trigger a fifteen-minute IP-level block, throttled at the auth layer — not just the UI.
Every inbound webhook signed and validated. Unsigned or mismatched payloads are rejected before parsing.
Five-minute Redis dedup window. Upstream webhook retries cannot create duplicate downstream writes.
Four roles, ten permission checks, enforced on every endpoint. Tamper-proof against client-side bypass attempts.
Per-external-system. Auto-pauses calls into a degraded system before it starts dropping records or rate-limiting.
No edit, no delete. Every record movement and configuration change captured with before/after JSON diff.
Refuses to boot in production with development credentials, weak secrets, or missing required configuration.
Global exception handler. No stack traces, no internal paths, no version strings ever leak to clients.
One megabyte cap. Memory-exhaustion and oversized-payload attacks bounded at the edge.
Backend, queue worker, and database wrapped as Windows services with NSSM — auto-restart on crash, auto-start on boot.
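The webhook layers above (one-megabyte cap, signature check before parsing, five-minute dedup) chained in the order that keeps unauthenticated input away from the parser and the dedup table, as an added Python example that is not the platform's own code. HMAC-SHA256 with a hex signature, the body digest as dedup key, and an in-memory dict in place of Redis are assumptions.

```python
import hashlib
import hmac
import time
from typing import Optional

MAX_BODY_BYTES = 1024 * 1024  # the one-megabyte cap
DEDUP_WINDOW_S = 5 * 60       # the five-minute dedup window


def sign(secret: bytes, body: bytes) -> str:
    """Sender side: hex HMAC-SHA256 over the exact bytes sent (assumed scheme)."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


class WebhookGate:
    """Size cap, then signature, then dedup; the body is never parsed here."""

    def __init__(self, secret: bytes, clock=time.monotonic):
        self._secret = secret
        self._clock = clock
        self._seen = {}  # dedup key -> expiry; stand-in for Redis SET NX EX

    def check(self, body: bytes, signature_hex: Optional[str]) -> str:
        if len(body) > MAX_BODY_BYTES:
            return "too_large"
        expected = sign(self._secret, body)
        supplied = (signature_hex or "").encode()  # missing header -> mismatch
        # Constant-time compare: no early exit on the first differing byte.
        if not hmac.compare_digest(expected.encode(), supplied):
            return "bad_signature"
        now = self._clock()
        # Expire old keys so the table stays bounded.
        self._seen = {k: v for k, v in self._seen.items() if v > now}
        # Key on the signed bytes, so only authenticated payloads reach the
        # dedup table and an unsigned header cannot change the key.
        key = hashlib.sha256(body).hexdigest()
        if key in self._seen:
            return "duplicate"
        self._seen[key] = now + DEDUP_WINDOW_S
        return "accepted"


if __name__ == "__main__":
    secret = b"constructed-demo-secret"                  # constructed sample
    body = b'{"entity": "salesOrder", "id": "SO-1001"}'  # constructed sample
    gate = WebhookGate(secret)
    print(gate.check(body, sign(secret, body)))         # first delivery
    print(gate.check(body, sign(secret, body)))         # upstream retry
    print(gate.check(body + b" ", sign(secret, body)))  # altered in transit
```

The signature is computed over the raw request bytes as received; verifying a re-serialized copy of the JSON would fail on whitespace or key-order differences.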
Cost. Designed to run for roughly $130–$410 per month on Azure App Service — a fraction of typical enterprise iPaaS subscriptions, which routinely land between $1,000 and $4,000 per month. No per-call fees. No per-connector tax. Predictable infrastructure cost.
Ownership. Every line of code, every database row, every credential is on infrastructure the customer controls. Source code is theirs. Schema is theirs. Roadmap is theirs.
Migration-ready. Built with parallel-run support for legacy ERP transitions — the same equipment record can have a legacy-system flow and a modern-system flow side by side, with one active at a time to prevent double-sync. The platform itself becomes the bridge that lets a multi-year migration happen without the business stopping.
Five features a generic iPaaS will never build, because the calibration-lab market is too small for them to bother. That gap is exactly where this platform earns its place.
One-click compliance package over any date range. Includes every sync job (flow, trigger, timing, records synced and failed), every configuration change (who, when, before-and-after), and a summary scorecard. JSON for machine ingest, CSV for the auditor. The conversation that starts with "show me how data moved through your systems last quarter" ends with one click and a download.
A live risk register tied to lab obligations. Three signals: SLA Overdue (a flow missed its configured compliance window), High Error Rate (over 10% failure in the last 7 days), and Stale Flows (active flows that haven't run in 7+ days). Bucketed Healthy / Warning / Critical with a summary bar. Quality and operations check it the way a clinician checks vitals — not by digging through logs.
A new integration in a generic iPaaS starts from a blank canvas. This platform ships with ten pre-configured calibration-lab patterns: work orders ↔ ERP sales orders, certificates → ERP document attachments, equipment ↔ fixed assets (bidirectional), calibration due dates → ERP tasks, customers, vendors, technicians, completion → invoice, recurring jobs, and instrument types. Time-to-first-sync drops from hours to minutes.
BC AppSource extensions update independently of BC itself. A generic iPaaS has no mechanism to detect when an upstream extension update removes a field an active integration depends on — the result is silent data loss. This platform snapshots schemas on every Discover, diffs current against previous, and tags any active mapping rule that references a removed field with a Breaking badge before the next sync runs.
Enter an equipment or instrument record ID. Get back a chronological timeline of every sync event and every error that touched that record — across all flows, both directions, ERP and calibration system merged into one view. When a technician asks why a certificate didn't appear in the ERP, or when an auditor asks for the full history of instrument #12345, the answer is one search and one screen.
We built this for organizations running multiple line-of-business systems that need to talk to each other — ERP plus CRM plus specialized operational software (calibration management, asset tracking, field service, manufacturing execution, maintenance, or similar verticals).
It is especially valuable for businesses that are:
If any of that sounds like the company you run — or the company you're responsible for — we should talk.