We're here to simplify: we know that connecting Adobe Commerce in a simple way, with its integrations and data flows, can be problematic. But it doesn't have to: Weavee was created with the mission of simplifying the integration and maintenance of those connections. Weavee was created to monitor and report problems in real time so that problems can be resolved on time and minimize business impact.

The services that make up Weavee are organized and managed within the same group of resources in Azure. This facilitates centralized management and consistent application of security policies.

Communication between the Weavee administration frontend site and the backend is carried out using the HTTPS (Hypertext Transfer Protocol Secure) protocol. This protocol provides a layer of security by encrypting data transmitted during communication between both components.

Azure Entra ID is a service that provides cloud-based authentication and authorization capabilities, managing identities and access in a secure manner. Its features include:

- Multifactor Authentication (MFA): The service is configured to require users to verify their identity using two authentication methods, significantly reducing the risk of unauthorized access.
- OAuth 2.0 protocol and OpenID Connect: Weavee uses the OAuth 2.0 and OpenID Connect protocols to ensure secure authentication, ensuring that user credentials are not directly exposed.

Weavee uses Entra ID to manage the service's user directory, ensuring secure and centralized authentication management.

Weavee uses Azure Cosmos DB, a globally distributed database designed for scalability and high availability. The security measures of this service include:

- Data Encryption at Rest and in Transit: All data stored in Cosmos DB is encrypted using AES-256 encryption. Data in transit between the client and the server is also encrypted using TLS/SSL.

Azure Key Vault is a service that provides a secure way to manage cryptographic keys, secrets and certificates. Its security features include:

- Secure Secret Storage: It allows you to securely store and access secrets such as passwords, API tokens and other sensitive data.

We use Azure Key Vault because it provides the necessary mechanisms to manage and ensure the security of sensitive information such as credentials in connections made during the execution of workflows. For example, when communicating with a REST API whose authentication mechanism is the use of credentials such as username and password, Weavee hosts these values in Key Vault as secrets that are only accessible by the platform to execute said communication.