Bangun platform
di atas Kirimdev
Org → Teams → Members → WhatsApp accounts. Plus Customers mode (Business plan) untuk SaaS yang melayani end-tenants — one-time setup links biar mereka onboard tanpa pernah login dashboard Anda.
Model yang masuk akal
Setiap entitas punya tempat. Setiap akses di-gate. Tidak ada shared tenant cuy.
Standard untuk semua plan
Organization top-level — billing, plan, slug. Bisa punya banyak Teams untuk pisahin support, sales, billing. Members assigned ke team dengan role owner, admin, atau agent.
Tiap team own WhatsApp Accounts (phone_number_id dari Meta). Contact, conversation, message, broadcast — semua scoped ke akun, scoped ke team, scoped ke org.
- Credentials WhatsApp encrypted AES-256-GCM (authenticated encryption) at rest
- Cross-org access return
404— no enumeration leak - Per-account webhook URL pakai unique secret
- Cookie-based session (Better Auth) dengan cross-subdomain support
Organization (org_*)
├─ plan: business
├─ Team
│ ├─ Member (owner | admin | agent)
│ └─ WhatsApp Account
│ ├─ Contacts
│ ├─ Conversations
│ └─ Templates
└─ Customer (cus_*) // tenant-of-tenant
├─ status: pending
│ ↓
│ active (after Embedded Signup)
├─ Setup Link (csl_*) // one-time
└─ WhatsApp Account // owned by customerCustomers: tenant-of-tenant
Bangun SaaS yang melayani end-customers. Mereka punya WhatsApp accountnya sendiri, Anda yang manage platform.
One-time setup links
Generate URL satu kali pakai, kirim ke end-customer. Mereka klik, jalan Meta Embedded Signup, akun WA mereka terkoneksi ke platform Anda — tanpa pernah login dashboard Kirimdev.
- Token plaintext returned once — hash-only di DB
- TTL default 7 hari, max 30 hari, revocable
- Configurable success / failure redirect URL (SSRF-guarded)
- Webhook events:
customer.setup_link.created+.consumed
// Buat end-customer (tenant-of-tenant)
const customer = await kirim.customers.create({
name: 'Klinik Sehati',
email: 'admin@kliniksehati.id',
metadata: { crm_id: 'KS-001' }
})
// → status: 'pending'
// Generate one-time setup link
const link = await kirim.customers
.setupLinks(customer.id).create({
expires_in_hours: 168,
success_redirect_url: 'https://acme.com/done'
})
// Plaintext token returned ONCE — kirim ke end-customer
console.log(link.setup_url)
// https://app.kirimdev.com/setup/csl_xxxDetail yang penting buat tim Anda
RBAC 3-level
owner (billing + everything), admin (operations + members), agent (inbox + send). Route-level enforcement.
Credential encryption
WhatsApp access token di-encrypt aes-256-gcm (authenticated) sebelum persist. Key terisolasi dari DB credentials.
Customer lifecycle
pending → active → suspended → archived. Suspend block semua send tanpa kehilangan data.
Cross-subdomain auth
Cookie session jalan di app., docs., dashboard subdomain Anda — single sign-on tanpa OAuth dance.
Custom metadata
Free-form JSON per customer / contact untuk CRM id, segment, locale. Capped ~64 keys / 16 KB.
Per-customer webhooks
Customer-scoped events dengan customer_id payload — tahu persis tenant mana yang trigger.
Platform mode untuk yang serius
Manage client WA
Onboard klien baru dengan setup link. Tiap klien dapet akun WhatsApp sendiri, Anda manage dari satu dashboard.
White-label messaging
Bangun CRM, e-commerce, atau booking platform yang ngirim notifikasi via WhatsApp pelanggan Anda — bukan WhatsApp Anda.
Per-merchant messaging
Tiap merchant onboard WhatsApp Business mereka sendiri, terhubung ke platform Anda lewat one-time setup flow.
Bangun platform Anda di atas WhatsApp
Trial Business plan 30 hari. Setup link, customers, semua fitur unlock.