Updated: May 2023
Introduction to Data Ingestion
Purpose
This document is intended for Security and IT audiences with information regarding the integration and data ingestion from your data warehouse into Clari’s revenue platform.
What is Clari?
Clari is the revenue platform where your revenue-critical employees can collaborate and govern their revenue workflows to unlock their full potential to become more productive, efficient, and predictable. Those revenue-critical employees could include but not be limited to these teams: sales, solution engineering, customer success, marketing, revenue operations, finance, executives, etc. Their revenue workflows could include but not limited to sales execution, sales coaching, pipeline analysis, marketing attribution, renewal and churn mitigation, forecasting, performance metrics reporting, etc.
Why external data ingested into Clari is relevant?
To see a complete view of Revenue, some customers need a way to bring additional data (beyond CRM) into Clari. The following describes Clari’s integration strategy with other business systems in more detail.
Clari integrates with various data sources, including data warehouses.
Your data warehouse might contain data critical for understanding metered revenue, product usage and adoption, customer sentiment, net promoter score (NPS), inventory count, revenue based on fees or transactions, self-serve revenue not managed by the sales team, etc. All this valuable information if stored outside of CRM, and within a data warehouse, can be integrated into Clari’s platform to give your revenue team a complete view of their business.
Check out Clari’s Integration Hub for a full list of integration partners.
Why is this feature important?
In order for revenue-critical employees to collaborate and govern their revenue workflows, they need access to their revenue-critical data. This data includes data from CRM, email/calendar, and other data sources such as data warehouses.
How would this get set up?
Set Up Procedures
To set up External Data Ingestion into Clari, these are the procedures:
- Within Database: Customer identifies and prepares data table(s) to Clari’s Data Schema Requirements. Customers can create a read replica of the data table for greater security.
- If there is any data transformation, this is the stage to do it, before integration.
- Within Database: Customer provisions a database integration user to be used to integrate with Clari, with read only role.
- Within Clari: Customer Admin sets up the integration within Clari Studio (administration console) provisioned with privileged access.
- Within Clari: Customer admin sets up a Mode within Clari Studio, which defines how the ingested data is identified within Clari for configuration purposes.
- Within Clari: Clari technical personnel will configure the Clari environment to leverage this ingested data within its application use cases.
Clari Schema Requirements
It is worth noting that Clari’s data model is built around your CRM objects and therefore requires some key identifiers to map your data correctly to those objects.
See the table below for detailed schema requirements. Note that apart from [field_name], which is the custom field(s) you’d like to ingest, all other fields should be named exactly as denoted below.
| Field Name | Data Type | Description | Required? |
|---|---|---|---|
| ID | int | Primary key of each record you’re trying to push into Clari. This value must be unique across the dataset. | Yes |
| crm_opportunity_id | string | Salesforce opportunity ID that the individual records stored on this table are attributed to. | At least ONE of the three ID |
| crm_account_id | string | Salesforce account ID that the individual records stored on this table are attributed to. | |
| crm_owner_id | string | Salesforce owner of the respective record. | |
| [field_name] | decimal | Numerical value (ie: number of seats) that gets rolled up into the CRM records. | One (or more) required |
| [field_name] | money | Numerical value (ie: Forecast ARR) that gets rolled up into the CRM records. | |
| created_on | date | Date the record was originally created. | Yes (Do NOT change when updating an existing record) |
| updated_on | date | Date the record was updated. Default should be created_on date. | Yes, if the same record will be updated over time. |
| crm_currency_iso_code | string | The currency code for [field_name] | Only if multi-currency is enabled |
NOTE: Avoid multiple tables with primary key / foreign key relationships. Ideally, there should be a single table with all data tied to the respective ID field(s). If you have multiple use cases, then multiple tables is okay.
How secure is our data?
Integration
We use Fivetran’s API Connectors with data warehouses to establish integrations with your data warehouse.
Here is Fivetran’s security documentation.
The integration is REST API via API key authentication. For each request to the API, we provide Authorization HTTP header. The authorization http header is base64 encoded. The API key is unique for the account and account administrator user pair. Different account administrators can have different API keys.
Encryption
Encryption at-rest and in-transit
All data at rest with Clari systems are encrypted with AWS Key Management Services.
All data in transit with Clari systems are encrypted with certificate-based authentication and TLS 1.2+.
Fivetran Connectors
All connections to Fivetran's web portal are encrypted by default using industry-standard cryptographic protocols (TLS 1.2+).
Connections to customers' database sources and destinations are TLS 1.2 encrypted by default.
Connections to customers' software-as-a-service (SaaS) tool sources are encrypted through HTTPS.
To allow access to source databases, customers can allowlist Fivetran’s IP.
Data access
Customer Admin determines Data Access
Once the integration is established, the customer admin can determine what data tables within the database to connect with Clari.
Create a database integration user and grant read permission to only the tables that they want to ingest to Clari platform, not access to all tables from source database.
Fivetran Permissions
Databases and API cloud applications - Fivetran only requires READ permissions. For data sources that by default grant permissions beyond read-only, Fivetran will never make use of those permissions. The customer would create a Fivetran specific database user with read level permissions only.
Data Processing
Please refer to our Data Processing Addendum for more information.
Retention Schedule
We retain this data indefinitely for the duration of our service agreement. Upon termination of our service, Clari deletes the data within 60 days.
Other Security Resources
For other security certifications, documentation, or questions, please view a summary on https://www.clari.com/security/ or contact security@clari.com.