The two core benefits of using Morphed’s B2B marketplace tech are straightforward:

·  Remove friction from your partners’ selling process with a sophisticated ecommerce platform specifically tailored to selling B2B services and tech;

·  Connect your customers quickly and easily with the tools and services they need from your accredited partners.

Of course, those aren’t the only two reasons to use Morphed’s marketplace solution. As more and more B2B customers begin to favor eCommerce channels over more traditional ones, marketplaces are playing an increasingly important role in growing and powering SaaS partner ecosystems.

These same customers are seeking a seamless experience that streamlines their daily workflows; in other words, they want end-to-end solutions that solve problems holistically. Our marketplace tech makes it easy to collaborate and co-innovate with partners to offer end-to-end solutions in ready-to-go, pre-packaged bundles.

While the benefits of using Morphed’s B2B marketplace are pretty easy to grasp, understanding the tech behind our solution is a little more complex. (Remember, setting up your marketplace doesn’t require any custom code. In fact, as Chris Samila of Partnership Leaders attests, Morphed’s framework is incredibly user-friendly and partners very seldomly run into problems when setting up their profiles.)

For a quick overview of the tech behind our solution, we chatted to Don Kizanga, one of our co-founders and Head of Technology.

Hi, Don. Let’s dive in! Can you please provide more details on Morphed’s server setup and the two-factor authentication process?

We host on the cloud. Firstly, this allows us to delegate certain operations that don’t really add direct value to our company, so that we can focus on creating products. The second reason is related to security and backing up.

We have two-factor authentication on every client’s installation on the server first. We use SSH keys, and on top of that we use time-based one-time pins. That’s to give you security, whereby even if someone were to hi-jack your SSH key, they would still need your time-based tokens, which are on your mobile phone.

We provide two domain options, CNAME and reverse proxy. What’s the difference?

It comes down to the preference of the organization that’s taking up our solution. With the CNAME option, you add a subdomain onto your domain and access the directory through that. But some customers want to brand the directory in a sense whereby it seems as if it’s part of their product, and that’s where the reverse proxy comes into play. It’s a bit more complex to set up, because you need people on your end who can actually do the configuration, but it’s more attractive, especially for big organizations, because it makes it seem as if the directory is part of whatever they are providing.

Let’s talk about security standards.

Let’s start with permission-based access. Our access control can be as granular as you can specify the permissions each user has on their role. For example, let’s say there are two technicians. Technician 1 can do A, B, and C, but Technician 2 can do more than the first technician, even though they’re both technicians. That’s an example of permission-based access control over role-based.

OWASP is basically the standard group in web development that addresses the most vulnerable attacks known for web servers. If you’re building a web app, they highlight what you should be aware of or anticipate when it comes to what an attacker or hacker could do to your system. Our security standard covers all the known OWASP vulnerabilities and we address how we handle all of those in order to make sure that our product is safe.

SOC2 is an international standard that gives you guidelines on what your system should be able to anticipate and cater to for you to be accredited. At the moment we are in the process of obtaining SOC2 compliance.

What is the aim of having custom profile attributes?

We have created a dynamic way for SaaS companies to create profiles for their partners without needing our intervention. They can build profiles and create attributes that partners can store without needing any code. We create the portal for you, and as a Super Admin, you go in and create all the data that a partner would need to store. Not only that, on creation you can make these attributes filtered, so that when you open the directory, you see those attributes as filters.

What about APIs and integrations?

We’ve created Morphed in the sense that every entity within the system can be pushed or pulled through an API. For every entity we have something called data transfer objects. Basically, this is a representation of an entity that can be pushed or pulled through the API, which is already tied into the access control mechanism. So each entity that you have in your system, you can make it an API endpoint and interact with it through there.

I’ll add that we’re always open to custom integrations. For example, if you want us to create your marketplace and you already have integrations with an external service, we’re always open to moving those integrations over for you. We’re API-centric, so that going forward, clients can actually just ask for an API version of Morphed, without a front-end or a user interface, and still have all the features of Morphed through the API.

Tell us about the functionality offered by the 3 portals.

Admin Portal

Based on user roles and permissions, this central management center is used to manage all data relating to your partners and end customers. Through this portal, you’re able to customize property values relating to your partner profiles, monitor briefs submitted by end-customers and proposals sent by partners, view services and templates sold by partners, as well as monitor search queries on your directory. 

Partner Portal

Based on their user type, partners will be able to manage their profiles, set up packages, create custom proposals, respond to briefs, communicate with stakeholders on projects, and more.

Customer Portal

This is where your end customers can engage with your partners by sending them briefs, browsing ready-to-go packages, accepting proposals, sending you communications, making milestone payments, and closing the project with a rating and review.