T Topolo Docs
application public active Verified 2026-05-14

TopoloCRM

CRM workflows, records, and SDR inbox/control-plane services exposed through the platform auth layer.

Documentation Map

What It Is

CRM workflows, records, and SDR inbox/control-plane services exposed through the platform auth layer.

Architecture

Owners: crm

Source repos:

Dependencies: topolo-auth, topolo-one, applications-packages

Repo shape

No repo surface entries were detected from the registered repo paths.

Runtime Surfaces

Hosts:

https://crm.topolo.app https://crm-api.stg.topolo.us https://crm.stg.topolo.us

No wrangler surface was discovered under the registered repo paths.

API Reference

Coverage: openapi

Source: PlatformApplications/TopoloCRM/packages/backend/openapi.yaml

Source exists in repo: no

CRM owns its worker API contract and delegates browser login, cookie refresh, logout propagation, one-time `sso_code` callback exchange, and shared-launcher Auth data reads to the shared Auth client plus same-origin `/api/auth/*` worker gateway. CRM resolves its concrete Auth service id dynamically from the Auth catalog slug `topolo-crm`; the source-owned identity lives in the CRM repo `app-identity.ts`, and browser, backend, API-key, widget, notification, and seed-caller paths must not hardcode concrete `srv_*` or `svc_*` ids. The explicit `/login` route renders the branded shared LoginPage without an initial refresh probe, embedded password-login success returns to the CRM route tree after shared Auth token persistence, shared Auth token update events are treated as already-persisted state, and the browser app does not expose a legacy `/sso?token=` token handoff route or app-local `/sso/exchange` parser. CRM keeps same-tab sessionStorage access-token restore enabled by default after login and refresh so normal reloads do not appear logged out before cookie refresh completes. The callback route guards one-time code exchange with a fixed `/dashboard` completion target so Auth home-path re-resolution cannot retry an already consumed `sso_code`. CRM exposes `GET /api/widget` with the shared `@topolo/sdk` widget response contract for TopoloOne live workspace.

App API page: /reference/apps/topolo-crm

This system currently relies on a curated or README-derived contract surface instead of a source-controlled OpenAPI spec.

Auth and Permissions

Depends on Topolo Auth: yes

Service IDs:

srv_iCwM4jGXcwlj

API key scopes

activities.read

View customer activities and history

Resource pattern: none

activities.write

Log customer activities and notes

Resource pattern: none

api_keys.write

Manage CRM machine credentials

Resource pattern: none

attachments.read

View CRM attachments and files

Resource pattern: none

attachments.write

Upload and manage CRM attachments and files

Resource pattern: none

commissions.read

View commission records and payouts

Resource pattern: none

commissions.write

Create and manage commission records and payouts

Resource pattern: none

companies.read

View companies and account records

Resource pattern: none

companies.write

Create and manage companies and account records

Resource pattern: none

contacts.read

View customer contacts and profiles

Resource pattern: none

contacts.write

Create and edit customer contacts

Resource pattern: none

deals.read

View sales deals and opportunities

Resource pattern: none

deals.write

Manage sales deals and pipeline

Resource pattern: none

documents.read

View CRM documents and transaction files

Resource pattern: none

documents.write

Create and manage CRM documents and transaction files

Resource pattern: none

listings.read

View property listings

Resource pattern: none

listings.write

Create and manage property listings

Resource pattern: none

notes.read

View CRM notes and contact history

Resource pattern: none

notes.write

Create and manage CRM notes

Resource pattern: none

offers.read

View offers and negotiation records

Resource pattern: none

Service permissions

activities:read, activities:write, api_keys:write, attachments:read, attachments:write, commissions:read, commissions:write, companies:read, companies:write, contacts:read, contacts:write, deals:read, deals:write, documents:read, documents:write, listings:read, listings:write, notes:read, notes:write, offers:read

Data Ownership

No storage bindings were derived from wrangler configuration.

Queues / Cron / Workflows

Queue bindings:

No queue bindings were detected.

Cron triggers

No cron triggers were detected.

Workflow signals

No explicit queue/workflow script or cron signal was discovered.

Environment Variables and Bindings

Environment variables:

No environment variables were derived from wrangler configuration.

All wrangler bindings

No bindings were derived from wrangler configuration.

Deployments

Deployment environments: default only or not declared

Routes: workers.dev or Pages-only delivery

Observability enabled: no explicit setting found

Failure Modes

  • No wrangler.toml surface was discovered under the registered repo paths.
  • The registered contract source is missing: PlatformApplications/TopoloCRM/packages/backend/openapi.yaml
  • Neither OpenAPI nor README-derived interface detail was found.

Debugging Runbooks

Start with these entrypoints:

  • PlatformApplications/TopoloCRM/packages/backend/openapi.yaml

Change Log / Verification

Lifecycle: active

Last verified: 2026-05-14

Any code change to this system is expected to update the canonical docs in PlatformApplications/TopoloDocs and refresh the verification date.