Community story

Modernizing Audit and Advisory Services with Hasura at Fieldguide

Fieldguide builds automation and collaboration software for Audit and Advisory firms – specifically cybersecurity, privacy, and ESG (Environmental, Social, Governance) practices.

 

With information security and regulatory compliance risk increasing for companies, third party auditors, also known as Risk Advisory Services (RAS) practices, are in high demand. However, risk advisory practitioners typically use legacy, desktop tools built in the 90’s that don’t provide efficiencies in their daily work. Practitioners with Fieldguide have completed thousands of audits on the platform, saving 30-50% of hours and transforming the operations of their practices.

How is Fieldguide using Hasura?

Fieldguide was founded in April 2020 and has used Hasura since the beginning of their product journey. With 800+ commits in their Hasura GitHub repo and 1200+ SQL migrations, Fieldguide leverages Hasura to rapidly iterate on product development, averaging one Hasura deploy a day. And thanks to Hasura’s auto-generated GraphQL operations, Fieldguide developers avoid writing boilerplate data fetching code while maintaining end-to-end type safety.

Hasura customer illus

Using Hasura’s remote schema and event triggers, they’ve joined their own federated service schema which manages emails, authentication, and various document automation and processing workflows. They’ve also used Actions to integrate a RESTful machine learning service.

 

Fieldguide also required enterprise-grade permissioning, as their customers handle sensitive data every day. Leveraging Hasura’s flexible authorization layer, the team has built up to a dozen layers of logic checks to control who has access to which documents and data.

 

Fieldguide’s team credits Hasura for their ability to quickly build out features, integrate new functionality, and enforce rigorous permissions. To help with reviewing Hasura permission changes, Fieldguide developed an open-source Github Action.

“We have to build a system that exceeds risk auditors’ security expectations. Hasura has enabled us to do that with its mix of role-based and attribute-based data access.”

Software Engineer at Fieldguide

Alex Liu

Software Engineer at Fieldguide

Feature Highlights

Authorization Controls

Audit documents have a complex set of rules that govern who has access to what. Hasura’s flexible authorization logic makes this simple to model.

Remote Schema Merging

Remote schema merging allows the team to build out services in the language of their choice, then leverage those services within their data layer without worrying about access controls.

Actions

As the team adopted Actions, they’ve been able to integrate RESTful HTTP endpoints into an unified API, simplifying frontend development and ensuring end-to-end type safety.

Event Triggers

Event triggers allow the team to work with asynchronous data flows and bypass cumbersome Postgres functions.

Configuration as Code

Fieldguide’s product and team has grown rapidly, now reaching over 100 tables each with their interrelated permissions. Hasura’s exportable metadata has allowed them to adopt a powerful, but flexible, CI/CD pipeline and ensure consistency between our codebase and the Hasura server.

SHARE
LinkedInFacebook
2024 Edition

The GraphQL Handbook

A GraphQL Handbook for developers and architects to help plan your GraphQL adoption journey.
The GraphQL Handbook

Ship a rock-solid API on your data – in minutes!