Security

Formal controls for CRM-connected workflows.

Yayzar is a demo, but the security page is written like a real B2B product: scoped access, auditability, controlled exports, source labeling, and careful handling of public versus private data.

OAuth

Scoped access

Each CRM connection requests only the OAuth scopes the workflow needs, can be revoked at any time, and carries an explicit source label.

Logs

Traceability

Workflow runs are auditable from webhook intake through enrichment, owner routing, and notification delivery.

Data

Field mapping

Only necessary CRM fields enter scoring, summaries, and downstream export surfaces.

Export

Boundaries

CSV output is deliberate and visible, so records do not silently leave the workspace.

Control checklist

What a production version would enforce.

Token storage

Encrypt CRM tokens, rotate secrets, and revoke access by organization or user.

OAuth scopes · rotation · revocation

Webhook verification

Verify the payload signature before trusting anything in the request, reject timestamps outside a short window, and record event IDs so repeated deliveries are rejected rather than merely logged.

Signed payloads · timestamp window · replay checks
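The three checks above, as an added example in Python; this is not Yayzar's code and the page names no CRM vendor, so the header names, the "v1=<hex>" signature format, the 300-second window, the shared secret and the sample events are all assumptions constructed for the example. The signature is computed over the timestamp and the body together, so a captured signature cannot be reused with a fresh timestamp, and the body is only parsed after it has been authenticated.

```python
import hashlib
import hmac
import json
import time

# Header names and the "v1=<hex>" signature format are assumptions for this
# example; real CRM vendors each define their own scheme.
SIG_HEADER = "X-Webhook-Signature"
TS_HEADER = "X-Webhook-Timestamp"
SIG_VERSION = "v1"


def compute_signature(secret: bytes, timestamp: str, body: bytes) -> str:
    """HMAC-SHA256 over '<timestamp>.<body>' so the timestamp is bound to the MAC."""
    mac = hmac.new(secret, timestamp.encode("ascii") + b"." + body, hashlib.sha256)
    return f"{SIG_VERSION}={mac.hexdigest()}"


class WebhookReceiver:
    """Verifies the signature, enforces a timestamp window, and rejects replayed event IDs."""

    def __init__(self, secret: bytes, window_seconds: int = 300, clock=time.time):
        self.secret = secret
        self.window = window_seconds
        self.clock = clock
        self.seen: dict[str, float] = {}   # event_id -> receipt time
        self.audit_log: list[dict] = []    # a real system ships this to its log pipeline

    def verify(self, headers: dict, body: bytes) -> tuple[bool, str]:
        now = self.clock()
        timestamp = headers.get(TS_HEADER, "")
        signature = headers.get(SIG_HEADER, "")
        ok, reason, event_id = self._check(now, timestamp, signature, body)
        # Log every decision, with the event ID whenever one could be trusted, so
        # duplicates and rejected deliveries are traceable later.
        self.audit_log.append({"t": now, "event_id": event_id, "ok": ok, "reason": reason})
        return ok, reason

    def _check(self, now, timestamp, signature, body):
        if not timestamp or not signature or not signature.isascii():
            return False, "missing headers", None
        # 1. Authenticate first: neither the body nor the timestamp is trusted before this.
        expected = compute_signature(self.secret, timestamp, body)
        if not hmac.compare_digest(signature, expected):
            return False, "bad signature", None
        # 2. Timestamp window: bounds how long a captured, validly signed request stays usable.
        try:
            ts = int(timestamp)
        except ValueError:
            return False, "bad timestamp", None
        if abs(now - ts) > self.window:
            return False, "stale timestamp", None
        # 3. Replay check on the event ID carried in the now-authenticated body.
        try:
            event_id = json.loads(body).get("id")
        except (ValueError, AttributeError):
            return False, "unparseable body", None
        if not isinstance(event_id, str) or not event_id:
            return False, "missing event id", None
        self._prune(now)
        if event_id in self.seen:
            return False, "replayed event", event_id
        self.seen[event_id] = now
        return True, "ok", event_id

    def _prune(self, now: float) -> None:
        # An ID received at time r may carry a timestamp as far ahead as r + window, and
        # that timestamp only becomes stale after r + 2*window. Keep IDs at least that long
        # so forgetting one never reopens the replay window.
        cutoff = now - 2 * self.window
        for eid, seen_at in list(self.seen.items()):
            if seen_at < cutoff:
                del self.seen[eid]


def demo() -> dict:
    """Constructed sample deliveries (not real CRM traffic) exercising each check."""
    secret = b"shared-webhook-secret"          # constructed; a real secret comes from a vault
    base = 1_700_000_000
    receiver = WebhookReceiver(secret, clock=lambda: base)

    def deliver(event: dict, ts: int, tamper: bool = False):
        body = json.dumps(event, separators=(",", ":")).encode()
        headers = {TS_HEADER: str(ts), SIG_HEADER: compute_signature(secret, str(ts), body)}
        if tamper:   # alter the body after signing, as an attacker in the path would
            body = body.replace(b'"owner":"alice"', b'"owner":"mallory"')
        return receiver.verify(headers, body)

    ev = {"id": "evt_1001", "type": "lead.created", "owner": "alice"}
    return {
        "fresh":    deliver(ev, base),                                  # valid, first delivery
        "replayed": deliver(ev, base),                                  # same ID and signature re-sent
        "stale":    deliver({**ev, "id": "evt_1002"}, base - 3600),     # valid signature, an hour old
        "tampered": deliver({**ev, "id": "evt_1003"}, base, tamper=True),
        "new":      deliver({**ev, "id": "evt_1004"}, base + 10),       # clock skew inside the window
        "log_size": len(receiver.audit_log),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:9} {result}")
```

The order matters: the timestamp and the event ID both come from the sender, so neither is used for a decision until the signature over them has checked out, and the seen-ID table is pruned on a window twice as long as the timestamp tolerance so that forgetting an ID cannot let a still-fresh delivery through a second time.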

Role access

Separate founder, RevOps, sales manager, and SDR access for scans, exports, and settings.

RBAC · owner visibility · admin controls

Data labeling

Label public company facts, directory listings, and CRM-derived sample records separately.

Public · directory · CRM sample

Alert governance

Route sensitive alerts only to authorized channels and log notification destinations.

Slack channel policy · email allowlist

Retention

Set retention windows for raw events, enriched summaries, generated drafts, and export files.

Events · summaries · drafts · CSV