User Guide
  • Intro
    • Welcome
      • About DotApparel
      • What is DotApparel?
      • Where is it hosted?
      • What platform(s) do we support?
      • How does syncing work?
      • Solution architecture
      • Definition of “Instance”
      • Security Overview
    • Implementation
      • Google Cloud and Firebase
  • Core
    • Overview
    • Dashboard
    • Orders
      • Mappings
      • Integrations
    • Returns
      • Mappings
    • Products
      • Mappings
        • Default mapping rules
      • Translations
      • Markets
      • Publishing products
    • Inventory
      • Mappings
        • Examples
          • Ignore Sync
          • Inventory Buffer
          • Keep Items Sold Out
          • Unlimited Inventory
    • Customers
    • Rewards
    • System Alerts
    • Settings
      • Shopify Locations, DotApparel Locations and Inventory Buffers
      • ERP credentials
      • Product images
      • Fulfillments
      • Payment gateways
      • Gift cards
      • Refunds
      • Notifications
      • Harmony Integration with DotApparel
    • Modules
      • Ship From Store
      • Local Pickup/Click & Collect
      • Shopify Markets
      • Returns
        • Australia Post (AusPost)
        • Loop Returns
      • Auto-Refunds
        • Refunding Shopify Orders from POS (In-Store)
      • Integrate with Brauz (app)
      • Integrate with The Wishlist (app)
    • Release Notes
    • Troubleshooting
      • FAQs
      • How to raise a support ticket for an issue
      • Good and bad examples of a problem ticket
      • Want to enable a new omnichannel feature?
      • Want to integrate a marketplace using DotApparel?
  • Customers
    • Overview
      • Email Examples
    • Getting Started
      • Understanding Customer Setup in your ERP
      • Data Sync
      • Configuration
      • Testing
    • Data Export Approaches
      • Option A: Consultant
      • Option B: In-House
    • Apparel21 Export Templates
    • Apparel21 Export Changelog
    • Dashboard
    • Customers
    • Orders
    • Translations
    • Mappings
    • Settings
    • Support
  • Loyalty
    • Overview
    • Getting Started
      • Terminology
    • Data Sync
      • Workflows
    • Front-End Implementation
    • Rewards Redemption
    • Rewards Emails
    • Things To Know
Powered by GitBook
On this page
  • Introduction
  • Secure Authentication
  • Serverless Architecture
  • Cloud Hosting
  • Realtime Database
  • Apparel21 Integration
  • Shopify Integration

Was this helpful?

Export as PDF
  1. Intro
  2. Welcome

Security Overview

Introduction

DotApparel stands as a leading SaaS application seamlessly integrating ERP systems with Shopify and other leading platforms, offering a robust, scalable solution for Apparel21 retailers. Our commitment to security and data integrity is paramount, utilising Google Firebase's comprehensive suite of tools, including Auth, Functions, Hosting, and Firestore. This overview outlines the security measures and protocols incorporated to ensure the utmost security for our users.

Secure Authentication

DotApparel utilises Firebase Auth to manage user sessions and authentication, supporting various methods, including email and password, third-party providers, and phone authentication.

Key features include:

  • SSL/TLS Encryption: All authentication activities are conducted over secure connections.

  • OAuth 2.0 and OpenID Connect: Standard practices for third-party authentication.

  • Token Management: Securely generated and managed tokens for authenticated sessions.

Serverless Architecture

Leveraging Firebase Functions for serverless compute ensures secure, scalable, and efficient backend code execution. Key features include:

  • Isolation: Each function operates in its own isolated environment to minimise unauthorised access.

  • Automatic Scaling: Ensures performance under any load, enhancing reliability and security.

  • Integrated Security: Functions seamlessly work with Firebase Auth and Firestore Security Rules.

Cloud Hosting

Firebase Hosting provides fast, secure, and reliable web hosting with a global CDN, automatic SSL certificate provisioning, and HTTP/2 support. Key features include:

  • SSL by Default: Ensures all content served over the web is encrypted.

  • Secure Deployment: Integrated with Cloud Build for secure and automated deployments.

Realtime Database

Firestore, a flexible and scalable database, includes security features for fine-grained access control. Key features include:

  • Security Rules: Configure read/write access to collections and documents.

  • Data Encryption: Encrypt data in transit and at rest for confidentiality.

  • Audit Logs: Integration with Google Cloud's operations suite for monitoring and auditing.

Apparel21 Integration

DotApparel integrates securely with Apparel21 ERP through its Retail API, implementing the following measures:

  • Static IP and Whitelisted Access: Configured static IP addresses and whitelisted access for authorised connections.

  • VPN for Developer Access: Regulated developer access via VPN for additional security.

  • Encryption and Authentication: Industry-standard protocols like TLS ensure data security during transmission, with robust authentication mechanisms in place.

Shopify Integration

DotApparel ensures a secure integration with Shopify through the Shopify Admin API, adhering to best practices:

  • Access to Shopify Admin API: Secure storage of access tokens for explicit authorisation.

  • Rate Limiting and Monitoring: Adherence to API rate limits and continuous monitoring for risk mitigation.

  • Shopify App and Platform Security: Compliance with Shopify's requirements, including OAuth 2.0 for authentication and adherence to data handling and privacy standards.

PreviousDefinition of “Instance”NextImplementation

Last updated 8 months ago

Was this helpful?