StepZen is now part of IBM. For the most recent product information and updates go to
https://www.ibm.com/products/stepzen
Use Cases

Build Multi-tenant GraphQL Applications

Vikash Suresh, Co-Founder & CEO, Recorem
Vikash SureshCo-Founder & CEO, Recorem

Using StepZen, Recorem made onboarding new users and partners to its service fast, seamless, and secure in a multi-tenant environment.

About Recorem

Recorem's vision is to help companies leverage professional conferences to discover passive talent. Its web application is designed for companies to discover talent and for job seekers to find opportunities at live, online, and hybrid events. .

Recorem matches pre-qualified job seekers to employment opportunities in/during professional events. Its platform enables companies to discover talent, for job seekers to find opportunities at events, and for event organizers to monetize events by helping them deliver value for their attendees.

Challenge

Recorem’s users include event organizers (e.g. an industry conference, an open house, or job fair at a university), job seekers, recruiters, and hiring managers, as well as their teams and organizations across the globe. Recorem manages information about job-seekers, job opportunities, events, and so on to support all of these users. It is critical that the platform protects all user data and has the right controls in place so that the right people have access to the right data.

The nature of the business and the growth of Recorem’s own business means that it is imperative to onboard new users quickly and cost-effectively. The Recorem platform is a multi-tenant service, where each tenant of the service corresponds to an event or client. For example, a conference and a university placement team are each representative of tenants. Therefore, Recorem must ensure that data belonging to one tenant does not leak to any other tenant.

Solution

Using StepZen, Recorem stitches multiple APIs together into a unified GraphQL layer. Consequently, a single GraphQL call fetches data from numerous backends. The ability to access data across backends and stitch them together on the server side drastically reduces lines of code. StepZen’s custom GraphQL directive @dbquery makes it easy to configure connections to Postgres and MongoDB for data access and mutations. Leveraging another custom directive (@rest), Recorem integrates the public and private REST APIs that implement the business logic and mutations to change application metadata, including user account creation and password changes.

The unified GraphQL endpoint and configuration-driven approach simplify what would otherwise be complex code to write and maintain, especially as continuously onboarding new users and events is a key success metric for Recorem’s business. For example, Recorem plans to soon integrate with a number of event platforms. This will allow organizers to enable job discovery using Recorem instead of the inbuilt matching that the event platform offers. These integrations allow Recorem to deliver the power of its matching algorithms to its clients. (Recorem evaluates multiple parameters like skills and proficiency for pre-qualifying job seekers to display relevant jobs.)

Recorem deploys a shared multi-tenant application on StepZen. Authorization and authentication capabilities using self-signed JWT tokens, which StepZen validates and respects, enable Recorem to securely isolate data belonging to different tenants within the same database. Because these signed, short-lived JWT tokens identify both tenants and users, the application can implement data isolation securely and efficiently.

Both public and private API calls are integrated into the single GraphQL endpoint. The public queries are open, and the private ones are restricted to those with valid JWT keys enabling Recorem to deliver a full range of user experiences, from pre-login experiences to personalized or secure content provided after the user logs in with valid credentials.

Onboarding partners and users quickly and securely on a multi-tenant hosted platform

The talent and job matching landscape is a complex one. Recorem’s core business is in matching third-party events, companies, and job seekers and involves managing data from numerous backends: APIs, databases, applicant tracking systems, HRM systems, and more. StepZen helps Recorem seamlessly and securely integrate data and enable talent discovery and connections. Using StepZen’s declarative and configuration-based approach to building the GraphQL API layer, Recorem developers avoid thousands of lines of programming logic to fetch and stitch data from multiple backends.

Recorem deploys its service on StepZen’s hosted infrastructure, ensuring almost zero downtime. Recorem developers can focus on their business and quickly onboard new tenants on the platform, not on the building and maintaining a performant service.

The security and access control model, including the ability to define public and protected API calls, provides the security this platform needs to support its business and users. Last but not least, the StepZen team, with decades of deep expertise in database technology, is thrilled to partner with Recorem to tune its database for high performance.