Scribd
Upload
40 views10 pages

Laravel Technical Document

The document outlines the criteria for the installation, operational, and performance qualification of the Volody Smart Contract Life Cycle Management Software, ensuring it functions correctly in a controlled environment. It details the software's capabilities, technology stack, hardware requirements, and integration prerequisites with various third-party services, including Microsoft Office 365, Google Docs, and DocuSign. The document also specifies security measures, installation procedures, and necessary configurations for successful deployment and operation of the software.

Uploaded by

kshicd321
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
40 views10 pages

Laravel Technical Document

The document outlines the criteria for the installation, operational, and performance qualification of the Volody Smart Contract Life Cycle Management Software, ensuring it functions correctly in a controlled environment. It details the software's capabilities, technology stack, hardware requirements, and integration prerequisites with various third-party services, including Microsoft Office 365, Google Docs, and DocuSign. The document also specifies security measures, installation procedures, and necessary configurations for successful deployment and operation of the software.

Uploaded by

kshicd321
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 10

Technology & Security Framework Document

Enterprise Software for Companies


Purpose
This document outlines the criteria for the Installation, Operational, and Performance Qualification of
the Volody Smart Contract Life Cycle Management Software. The objective is to ensure the software
functions correctly in the controlled environment and aligns with specified qualification requirements.

Scope
This document encompasses the Qualification of the Contract Life Cycle Management System, focusing
on the digitization of contract and agreement workflows. It provides detailed test procedures,
documentation, references, and acceptance criteria to verify the software's alignment with specified
requirements.

The Installation and Operational Qualification will occur within the Quality environment. After
the successful completion of Operational Qualification, the installation and Performance
Qualification will proceed in the production environment.

Tool Description
Volody's AI-powered Smart Contract Lifecycle Management Software streamlines contract creation
using legal approved templates, reducing drafting time and ensuring compliance.

Configure all your standard templates like NDA, MSA, SLAs & more in the tool and empower business
teams to draft new contracts with ease without legal review. Reduce agreement drafting time from
hours to minutes, speeding up the entire contracting cycle.

Utilize company favorable terms & clauses to ensure complete compliance and leverage best in class AI
& ML technology to stay on top of risk and obligations.

Technology & Framework


The application, built on PHP Laravel framework, incorporates technologies such as Composer,
Node, NPM React, Java, jQuery, and Python for machine learning.

The software can be installed on various platforms, including physical, virtual, home-premises,
and major cloud providers such as AWS, Google Cloud, and Microsoft Azure.

Volody's software employs a carefully curated technology stack, ensuring a powerful, user-
friendly, and scalable application. The security features include encryption, SQL injection
prevention, API security, XSS protection, CSRF protection, MFA authentication, and more.
Regular security patches are applied quarterly.

1|Page Ver-3.3-JUN-2024
Notes
• Only one user is required with full access to the application folder. (During Installation /
patching and support we shall be required to run "PHP”, "Composer”, "NPM”, and
"Python" commands and access to cache and temp directories).

• If the user can execute the above-mentioned commands during support and patch
upgrades, also if prerequisites are already installed on the machine we don't need ROOT
access.

• VOLODY CLM Application will be hosted behind NGINX / IIS containers and should be
accessible using standard HTTPS (443) Port. Also access to MySQL database (3306 or
custom). Apart for application ports we will need access to Office365 Online Graph API
(443), Adobe acrobat API over HTTPS (443), Volody AI Services (443, 5000, 5010,
8443), Signature Tool (DocuSign / Adobe / HelloSign, etc.) via HTTPS.

• Application URL is your choice as long as it is accessible to desired / intended users

• Inbound internet (HTTPS) will be required if Signatory services users are either of
EmSigner / NSDL / VOLODY Sign, etc.
• We will configure the application server remotely over internet through VPN access or
screen-sharing access.

• We will require an internet connection for the server where the installation will take
place in order to configure both the server and application dependencies.

• The applications can work over the intranet. However, if the application is accessible
over the internet, then the server should be exposed to the internet.

2|Page Ver-3.3-JUN-2024
Hardware Requirements

Quality (UAT) Server

• Operating system: Linux-based Ubuntu 20.04/22.04


• Min RAM – 8 GB.
• Tier type - Standard Tier
• The platform of the processor should be based on 64-bit architecture.
• The processor should have at least 2.4 GHz speed and 2 cores.
• Required Internet access to configure the server and application dependencies. (in case of on-
premises deployment)
• Storage Space: Minimum 100 GB

Production Server

• Operating system: Linux-based Ubuntu 20.04/22.04


• Min RAM – 16 GB.
• Tier type - Standard Tier
• The platform of the processor should be based on 64-bit architecture.
• The Processor should have at least 2.4 GHz speed and 4 cores.
• Required Internet access to configure the server and application dependencies. (in case of on-
premises deployment)
• Storage Space: Minimum 200 GB

SSL Certificate

The SSL certificate is required for the application and needs to be procured by the customer.

Software and modules

The software uses IIS web server for Windows and Nginx web server for Ubuntu, along with various
modules and tools like PHP 8.1.x, MySQL 8.0.x, Composer, Node, NPM, Python, Java, and more.

Ports and Whitelisting of URLs Kindly Open the specified ports and whitelist URLs as per instructions,
including those for Volody CLM, Composer, Python Libraries, Node and NPM, Installation and patches
updates code, DocuSign, EmSigner, NSDL, Microsoft O365, and Adobe Sign.

3|Page Ver-3.3-JUN-2024
Port No Used for Remark
80 http Optional
443 https Mandatory
3306 MySQL If the database server is hosted on a separate server.

Whitelisting URLs (Required)

Volody CLM ai tool related Links

• https://ai.volody.com:5000
• https://ai.volody.com:5010
• https://ai.volody.com:8443
• https://*.volody.com

composer and python Libraries

• https://www.python.org/
• https://pypi.org/
• https://getcomposer.org
• https://repo.packagist.org
• https://*.packagist.org
• https://composer.github.io

Node and npm installation dependencies

• https://nodejs.org
• https://registry.npmjs.org
• https://www.npmjs.com
• https://api.github.com
• https://github.com
• https://deb.nodesource.com
• https://ppa.launchpadcontent.net
• http://archive.ubuntu.com:80
• http://security.ubuntu.com:80
• http://azure.archive.ubuntu.com:80
• http://ppa.launchpad.net:80

Installation and patches updates code

• https://bitbucket.org/

4|Page Ver-3.3-JUN-2024
Whitelist additional URLs based on the integration requirements.

DocuSign Signing API

• https://www.docusign.com
• https://www.docusign.net
• https://demo.docusign.net
• https://account.docusign.com
• https://account-d.docusign.com
• https://postsign.docusign.com

EmSigner API

• https://gateway.emsigner.com
• https://testgateway.emsigner.com

NSDL Signing

• https://esign.egov-nsdl.com/

Microsoft o365

• https://login.microsoftonline.com
• https://graph.microsoft.com
• https://www.microsoft.com
• https://www.office.com
• https://appsforoffice.microsoft.com
• https://southindia1-mediap.svc.ms
Token Related for Runtime Configuration
• https://oauth.pstmn.io

Adobe Sign Integration API (URLs may change depending on the location account )
• https://secure.adobesign.com
• https://secure.in1.echosign.com
• https://api.in.adobesign.com
• https://api.in1.adobesign.com

5|Page Ver-3.3-JUN-2024
Miscellaneous Notes –

• We will configure the application server remotely over internet through VPN access or screen-
sharing access.
• We will need an internet connection for the server on which installation will be done.
• Required Internet access to configure the server and application dependencies.
• The given user should have admin rights to install and update the application dependencies on
the server.
• The applications can work over the intranet. However, if the application is accessible over the
internet, then the server should be exposed to the internet.

Integration Requirements

The document provides detailed requirements for Third-Party Integrations like Email Integration,
Microsoft Office 365, Google Docs, Microsoft OAuth-based SSO, Google OAuth-based SSO, DocuSign,
Salesforce, Adobe Sign, EmSigner, NSDL and more.

To facilitate this integration effectively, we will need specific details from the client. This information will
ensure a customized and successful integration process with the desired tool.

Email Integration

The tool has features. to send email notifications to the users through a common email ID. This
email ID will be integrated with the application. We will require below details in in order to
integrate the tool,
a. Common Email ID
b. Common Email ID’s Password
c. SMTP Server / Host Name
d. Port No
e. SMTP Secure = TLS/SSL
Note -
i. If personal email IDs of few users (e.g., Board of Directors) are used for creation of
User IDs then SMTP must be configured to allow sending of emails to users not
having the company’s domain name e.g., Gmail, Rediff mail etc.
ii. If the system owner requires sent email to be stored in sent box of the SMTP ID,
then external exchange server should be used for SMTP.

6|Page Ver-3.3-JUN-2024
Word Docs Integration

The Volody application seamlessly integrates with word processing tools such as Microsoft Office 365
and Google Docs, a crucial aspect for integrating with Volody's Contract Lifecycle Management (CLM)
application. To achieve successful integration with the tool, it is imperative to choose and integrate one
of these word processing solutions.

Prerequisites for Third-Party Integrations

The Volody application has the ability to integrate seamlessly with a wide range of third-party software
solutions.
To facilitate this integration effectively, we will need specific details from the client. This information will
ensure a customized and successful integration process with the desired tool.

Microsoft office 365 Integration


The integration of Microsoft Office 365 with Volody enhances functionality and collaboration. Users can
leverage Microsoft's tools directly within Volody, streamlining workflows, optimizing productivity,
enabling smooth document sharing, real-time collaboration, and effective communication, all while
maintaining the security and reliability of Microsoft Office 365.

To register the application on the Microsoft Azure portal for Word integration with Volody CLM
Application, Microsoft Office 365 E3 or Office 365 E5 license (for big and medium-sized organizations) or
Microsoft 365 Business Standard license (for small organizations) that includes Word is required.

Client ID:
Client Secret value:
Tenant ID:
Redirect URIs:
https://<APP_URL>/oauth/msapp/callback
https://<APP_URL>/login/microsoft/callback
https://oauth.pstmn.io/v1/callback
Scopes: openid, profile, User.Read, Files.Read, Files.ReadWrite, Files.ReadWrite.All, offline_access

Note: One user account and password from your Microsoft tenant are required, granting access to both
Microsoft Word and OneDrive/SharePoint. This account will be used for integration with the application
as a service account.

7|Page Ver-3.3-JUN-2024
Microsoft Office 365 & OAuth-based sso integration
Microsoft Office 365 & OAuth-based SSO Integrations enhances user access and security, allowing
convenient login to Volody with Microsoft credentials. This streamlines authentication, reduces the
need for multiple logins, and ensures a smooth, secure user experience.

Client ID:
Client Secret value:
Tenant ID:
Redirect URIs:
https://<APP_URL>/azuread/callbackreact
https://<APP_URL>/azuread/sso/callback
https://<APP_URL>/oauth/msapp/callback
https://<APP_URL>/login/microsoft/callback
Scopes: openid, profile, User.Read, Files.Read, Files.ReadWrite, Files.ReadWrite.All, offline_access

Google Doc Integration


This integration enables users to seamlessly use Google Docs within Volody, streamlining workflows,
boosting productivity, and ensuring secure and dependable collaboration.

Create a new project or use existing project on Google and register the application for Google Docs and
SSO integration with Volody CLM. Share the required details for document integration.

API Key:
Service account json file:

Google OAuth-based sso integration


Google Single Sign-On (SSO) integration improves user access and security. Users can log into the Volody
platform seamlessly using their Google credentials, streamlining authentication and enhancing the user
experience.

Create a new project or use existing project on Google and register the application for Google Docs and
SSO integration with Volody CLM. Share the required details for document integration.
Client ID:
Client Secret:
API Key:
Project ID:
Json file
Redirect URIs:
<app_url>/login/google/callbackreact

8|Page Ver-3.3-JUN-2024
DocuSign Integration
This integration seamlessly incorporates DocuSign's e-signature capabilities into Volody, simplifying
document processes. Users benefit from secure electronic signatures, faster approvals, and improved
document tracking while maintaining reliability and compliance standards.

To gather the essential details for integration, users must possess a DocuSign account. They should log
in to their DocuSign account, create a DocuSign Developer account, register an application within the
developer account for Volody, and collect the required information.

Integration Key:
Userid:
Private and public Key:
Redirect URIs:
<app_url>

Adobe Sign Integration


This integration seamlessly incorporates Adobe Sign's e-signature features into Volody, streamlining
document processes. Users benefit from secure electronic signatures, faster approval cycles, and
improved document tracking.

To register an app on the Adobe portal, an Adobe Sign Business & Enterprise subscription, account, or
license is required. Please ensure that the purchased license includes API integration features.

Client ID:
Client Secret:
Redirect URIs:
<APP_URL>/adobe/login/callback
<APP_URL>/adobe-sign/callback
Scopes: user_read, user_write, user_login, agreement_read, agreement_write, agreement_send

9|Page Ver-3.3-JUN-2024

You might also like