Integration Points
MVP Integrations Only
1. Kinde Auth
// Simple redirect flow
window.location = kindeClient.login()
// Receive JWT token
const user = await kindeClient.getUser()
Setup: Register app, add redirect URLs
Data: User ID, email, name only
2. Supabase
// Direct queries, no complex ORM
const { data } = await supabase
  .from('policies')
  .select('*')
  .eq('tenant_id', user.tenant)
Setup: Create project, add RLS policies
Data: All app data, file storage
3. Email (SendGrid/Postmark)
// Email notifications for critical alerts
await sendEmail({
  to: user.email,
  subject: 'Critical Task: MFA Implementation Due',
  template: 'task-notification',
  data: { taskTitle, dueDate, priority },
})
Setup: SendGrid or Postmark account, approved templates
Data: Notifications, reports, and alerts
Simple Connection Points
- Auth: Kinde handles all user management
- Data: Direct Supabase client queries
- Files: Supabase storage buckets
- Notifications: Email via SendGrid/Postmark
Not in MVP
- WhatsApp/SMS notifications (Post-MVP Month 3-6)
- n8n workflow automation (Post-MVP)
- API for external systems
- Webhooks for events
- OAuth for integrations
- SAML/SSO (use Kinde's)
Integration Security
- All secrets in environment variables
- No hardcoded credentials
- API keys scoped to minimum permissions
- Audit log all external calls
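One way to apply the rules above in application code, as an added example that is not part of the original page: fail at startup when a secret is missing from the environment, and wrap every external call so that it leaves a redacted audit entry. The variable names in `REQUIRED_ENV` and the `sink` callback are assumptions.

```javascript
// Added example. The variable names below are assumptions; use whatever
// names your Kinde, Supabase and email provider settings actually require.
const REQUIRED_ENV = ['KINDE_CLIENT_ID', 'SUPABASE_URL', 'SUPABASE_ANON_KEY', 'EMAIL_API_KEY'];

// Fail closed at startup: report every missing secret by name, never by value.
function loadSecrets(env = process.env, names = REQUIRED_ENV) {
  const missing = names.filter((n) => !env[n] || env[n].trim() === '');
  if (missing.length > 0) {
    throw new Error(`Missing environment variables: ${missing.join(', ')}`);
  }
  return Object.freeze(Object.fromEntries(names.map((n) => [n, env[n]])));
}

// Keys whose values must never reach the audit log (credentials and user PII).
const SENSITIVE = /token|secret|key|password|authorization|email|^to$/i;

function redact(value) {
  if (Array.isArray(value)) return value.map(redact);
  if (value === null || typeof value !== 'object') return value;
  return Object.fromEntries(Object.entries(value).map(([k, v]) =>
    [k, SENSITIVE.test(k) ? '[REDACTED]' : redact(v)]));
}

// Wrap one external call so that success and failure both leave an audit entry.
// `sink` is any function that persists the entry (hypothetical, for example an
// insert into an append-only audit table).
async function auditedCall(sink, integration, action, meta, fn) {
  const started = Date.now();
  const entry = { at: new Date(started).toISOString(), integration, action, meta: redact(meta) };
  try {
    const result = await fn();
    sink({ ...entry, outcome: 'ok', ms: Date.now() - started });
    return result;
  } catch (err) {
    // Log the error class only: provider error messages can echo request data.
    sink({ ...entry, outcome: 'error', error: err.name, ms: Date.now() - started });
    throw err;
  }
}
```

Call `loadSecrets()` once at boot, then route the Kinde, Supabase and email calls through `auditedCall` with the integration name as the second argument.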
Quick Setup Checklist
- Create Kinde application
- Set up Supabase project
- Configure email service (SendGrid/Postmark)
- Add all env variables
- Test each integration
Keep integrations minimal until proven needed.