Integrations

Technical integration details for Business Central, API connections, webhook configuration, and third-party system compatibility.

Integration Overview

BRC Risk Management provides seamless integration with Business Central and external risk data providers through multiple integration points including API connections, webhook notifications, and standard BC extension patterns.

Business Central Integration

Core Module Extensions

Customer Module Integration:

Table Extension: Adds BRCTICCompanyId field to Customer table
Page Extensions: Risk FactBox on Customer Card and List
Field Integration: Color-coded risk indicators using StyleExpr
Actions: “Fetch Risk Data” and “Add to Watchlist” on Customer pages

Vendor Module Integration:

Table Extension: Adds BRCTICCompanyId field to Vendor table
Page Extensions: Risk FactBox on Vendor Card and List
Field Integration: Color-coded risk indicators using StyleExpr
Actions: “Fetch Risk Data” and “Add to Watchlist” on Vendor pages

Role Center Integration:

Risk Manager Role Center: Dedicated workspace for risk management
Risk Assessment Cues: Live metrics and key performance indicators
Quick Actions: Direct access to entities, watchlists, and setup

Menu Integration:

Departments → Financial Management → Risk Management: Standard navigation pattern
Search Integration: “Risk” keyword brings up all related functionality
Action Integration: Risk-related actions available from relevant contexts

Database Integration

Object ID Range: 70000-70099

Tables: Business Entity (70000), Risk Setup (70004), Watchlists (70005)
Pages: Setup (70020), Entity List/Card (70030/70031), Role Center (70050)
Extensions: Customer (70000), Vendor (70001) with namespace-based organization

Data Relationships:

graph TB
    A[Customer] -->|BRCTICCompanyId| B[Business Entity]
    C[Vendor] -->|BRCTICCompanyId| B
    B --> D[Risk Level]
    B --> E[API Call Ledger]
    F[Risk Watch List] --> G[Risk Watch List Line]
    G -->|Entity Filter| B

API Integration

TIC API Integration (Primary Provider)

Authentication:

Method: API Key authentication in request headers
Storage: Encrypted storage in Business Central IsolatedStorage
Security: Secure credential management with automatic masking in logs

Supported Operations:

Company Search: Search by company name, VAT number, registration number
Risk Data Fetch: Retrieve credit scores, debt balance, payment marks
Bulk Operations: Multiple company queries in single request
Watchlist Registration: Register criteria-based monitoring with TIC

API Endpoints:

GET /companies/search?name={companyName}
GET /companies/{ticCompanyId}/risk-data
POST /companies/bulk-fetch
POST /watchlists
GET /watchlists/{watchlistId}/matches

Request/Response Format

Company Search Request:

{
  "searchCriteria": {
    "companyName": "Example Company Ltd",
    "vatNumber": "GB123456789",
    "registrationNumber": "12345678",
    "country": "GB"
  },
  "includeRiskData": true
}

Risk Data Response:

{
  "ticCompanyId": "123456789",
  "companyName": "Example Company Ltd",
  "riskData": {
    "creditScore": 75,
    "riskLevel": "MEDIUM",
    "debtBalance": 25000.00,
    "paymentMarks": 2,
    "lastUpdated": "2025-12-01T10:30:00Z"
  },
  "dataVersion": 42
}

Alternative Provider Integration

Compatibility Requirements:

Protocol: REST API with JSON responses
Authentication: API key or token-based authentication
Data Fields: Credit score, debt information, payment history
Search Capability: Company lookup by name or registration details

Implementation Steps:

Implement IRiskDataProvider interface
Configure API endpoints in Risk Setup
Map response fields to Business Central data structure
Test connection and data retrieval
Configure rate limiting and error handling

Webhook Integration

Inbound Webhooks (From Risk Providers)

Real-Time Notifications:

Risk Level Changes: Immediate notifications when risk status changes
Watchlist Matches: Alerts when entities meet watchlist criteria
Data Updates: Notifications of new risk data availability

Webhook Configuration:

{
  "webhookUrl": "https://yourtenant.bc.dynamics.com/webhook/risk/notification",
  "authToken": "secure-webhook-token",
  "events": ["riskLevelChanged", "watchlistMatch", "dataUpdate"],
  "entityFilter": {
    "watchlistIds": [1, 2, 3],
    "riskLevels": ["HIGH", "CRITICAL"]
  }
}

Webhook Processing:

Authentication: Verify webhook source and token
Payload Validation: Ensure data structure and required fields
Entity Matching: Link webhook data to Business Central entities
Risk Update: Update entity risk data and trigger workflows
Notification: Generate internal notifications per user preferences

Outbound Webhooks (To External Systems)

Notification Delivery:

CRM Systems: Update customer risk data in sales/marketing platforms
ERP Integration: Sync risk information to other financial systems
Monitoring Tools: Send alerts to business intelligence platforms
Communication: Trigger email or SMS notifications through external services

Webhook Payload Example:

{
  "eventType": "RiskLevelChanged",
  "timestamp": "2025-12-01T10:30:00Z",
  "entity": {
    "ticCompanyId": "123456789",
    "companyName": "Example Company Ltd",
    "customerNo": "C001",
    "vendorNo": "V001"
  },
  "riskChange": {
    "oldLevel": "MEDIUM",
    "newLevel": "HIGH",
    "creditScore": 45,
    "trigger": "creditScoreDecrease"
  }
}

Job Queue Integration

Background Processing

Scheduled Risk Updates:

JobQueueEntry.INIT;
JobQueueEntry."Object Type to Run" := JobQueueEntry."Object Type to Run"::Codeunit;
JobQueueEntry."Object ID to Run" := CODEUNIT::"Bulk Risk Data Fetcher";
JobQueueEntry."Recurring Job" := true;
JobQueueEntry."Run on Mondays" := true;
JobQueueEntry."Starting Time" := 080000T; // 8:00 AM

Processing Types:

Individual Updates: Single entity risk data refresh
Bulk Updates: Multiple entities processed in batch
Watchlist Evaluation: Check entities against watchlist criteria
Cleanup Tasks: Archive old data and logs

Error Handling:

Retry Logic: Automatic retry for transient failures
Dead Letter Queue: Store failed requests for manual review
Alert Generation: Notify administrators of persistent failures
Logging: Comprehensive audit trail for troubleshooting

Integration Events

Publisher Events

Available Events:

[IntegrationEvent(false, false)]
local procedure OnBeforeRiskDataFetch(var BusinessEntity: Record "Business Entity"; var IsHandled: Boolean)

[IntegrationEvent(false, false)]
local procedure OnAfterRiskDataUpdated(var BusinessEntity: Record "Business Entity"; OldRiskLevel: Code[10])

[IntegrationEvent(false, false)]
local procedure OnRiskLevelChanged(var BusinessEntity: Record "Business Entity"; OldRiskLevel: Code[10]; NewRiskLevel: Code[10])

[IntegrationEvent(false, false)]
local procedure OnWatchlistCriteriaMatched(var RiskWatchList: Record "Risk Watch List"; var BusinessEntity: Record "Business Entity")

[IntegrationEvent(false, false)]
local procedure OnApiCallCompleted(var APICallLedger: Record "API Call Ledger"; Success: Boolean)

Custom Integration Examples

Risk Level Validation:

[EventSubscriber(ObjectType::Table, Database::"Business Entity", 'OnRiskLevelChanged', '', false, false)]
local procedure OnRiskLevelChangedCustomValidation(var BusinessEntity: Record "Business Entity"; OldRiskLevel: Code[10]; NewRiskLevel: Code[10])
begin
    // Custom business logic for risk level changes
    if NewRiskLevel = 'CRITICAL' then
        SendUrgentNotification(BusinessEntity);
end;

Custom Notification Logic:

[EventSubscriber(ObjectType::Table, Database::"Risk Watch List", 'OnWatchlistCriteriaMatched', '', false, false)]
local procedure OnWatchlistMatchCustomActions(var RiskWatchList: Record "Risk Watch List"; var BusinessEntity: Record "Business Entity")
begin
    // Integrate with external CRM system
    UpdateCRMRiskStatus(BusinessEntity);
    
    // Log to custom audit system
    CreateCustomAuditEntry(RiskWatchList, BusinessEntity);
end;

Third-Party System Integration

CRM Integration

Salesforce Integration:

Risk Data Sync: Push Business Central risk data to Salesforce accounts
Opportunity Scoring: Include risk factors in sales opportunity evaluation
Lead Qualification: Auto-qualify leads based on risk assessment
Account Management: Risk-based account categorization

Microsoft Dynamics 365 Sales:

Entity Linking: Connect BC Business Entities to Dynamics Sales accounts
Risk Insights: Display risk information in Dynamics Sales interface
Sales Process: Incorporate risk data into sales workflow
Reporting: Combined sales and risk analytics

Financial System Integration

Banking Platforms:

Credit Limit Sync: Update bank credit facilities based on risk assessment
Payment Terms: Adjust payment conditions based on customer risk
Collection Management: Prioritize collections using risk data
Cash Flow Planning: Incorporate risk factors in cash flow forecasts

Accounting Systems:

Provision Calculation: Calculate bad debt provisions using risk data
Credit Loss Modeling: Feed risk scores into credit loss calculations
Financial Reporting: Include risk metrics in financial statements
Audit Trail: Provide risk assessment documentation for auditors

Business Intelligence Integration

Power BI Integration:

Risk Dashboards: Create comprehensive risk management dashboards
Trend Analysis: Track risk level changes over time
Portfolio Analysis: Analyze risk distribution across customer/vendor portfolio
Predictive Analytics: Use risk data for forecasting and planning

Data Warehouse Integration:

Data Export: Scheduled export of risk data to data warehouse
ETL Processing: Transform risk data for analytics consumption
Historical Tracking: Long-term risk trend storage and analysis
Cross-System Analytics: Combine risk data with other business metrics

Security and Compliance

Data Protection

Encryption:

In Transit: TLS 1.2+ for all API communications
At Rest: Business Central standard encryption for stored data
Credentials: Encrypted storage of API keys and authentication tokens

Access Control:

Permission Sets: Role-based access to integration features
API Security: Secure authentication for all external connections
Audit Logging: Comprehensive tracking of all integration activities

Compliance Standards

GDPR Compliance:

Data Minimization: Only necessary risk data is stored
Right to Erasure: Support for data deletion requests
Data Portability: Export capabilities for data transfer
Consent Management: Clear consent for third-party data usage

Industry Standards:

SOC 2: Service organization control compliance
ISO 27001: Information security management standards
PCI DSS: Payment card industry data security (where applicable)

Integration Best Practices

Performance Optimization

API Efficiency:

Batch Processing: Group API calls to minimize request overhead
Caching: Cache frequently accessed data to reduce API calls
Rate Limiting: Respect provider API limits and implement queuing
Async Processing: Use background jobs for non-critical operations

Database Optimization:

Indexing: Proper indexes on frequently queried fields
Archiving: Regular archival of old audit trail data
Connection Management: Efficient database connection usage
Query Optimization: Optimized queries for large datasets

Reliability and Monitoring