CRM App Backend Template
GraphQL — Schema, API & AI Guide
A production-ready GraphQL CRM backend schema and Starter Kit on Back4app: Contact, Company, Deal, Activity, pipeline stages, ER diagram, data dictionary, JSON schema, API playground, and a one-click AI Agent prompt to deploy in minutes.
Key Takeaways
On this page you get a production-ready CRM schema, a one-click AI prompt, and step-by-step GraphQL code — so you can ship a CRM app without building the backend.
- Deploy in minutes — Paste the AI Agent prompt and get a running app with contacts, companies, deals, and pipeline.
- Secure by default — ACLs and role-based access so users see only their assigned deals and data.
- GraphQL-native SDK — Typed objects, async/await, offline pinning, and Live Queries for pipeline updates.
- REST + GraphQL — Both APIs auto-generated; filter deals by stage, list activities by relatedTo.
- Five classes — _User (built-in), Company, Contact, Deal (pipeline), Activity (tasks/events).
What Is the GraphQL CRM App Backend Template?
Back4app is a backend-as-a-service (BaaS) ideal for CRM apps: managed database, real-time sync, role-based access, and SDKs for 13+ technologies. The CRM App Backend Template is a pre-built, production-ready backend schema on Back4app. It gives you five classes (_User, Company, Contact, Deal, Activity), pipeline stages, REST and GraphQL APIs, and a one-click AI Agent prompt — so you can connect a GraphQL frontend and ship a working CRM app in minutes instead of days. Pick your technology below for step-by-step SDK integration.
Best for:
Overview
Back4app exposes your CRM schema over GraphQL: query contacts, deals (with where: { stage }), and activities; mutate with createDeal, updateDeal, createContact, createActivity. One endpoint, typed schema, and session-based auth.
The same five classes — _User, Company, Contact, Deal, Activity — back both REST and GraphQL. Use your favorite GraphQL client (Apollo, urql) to request only the fields you need and keep the pipeline and contact lists in sync.
Core CRM Features
GraphQL CRM API with Contact, Company, Deal, and Activity types. Queries and mutations for pipeline management, ACLs, and activity tracking — no REST glue.
Contact management
Store and manage contacts with name, email, phone, company, and notes. Ideal for GraphQL apps.
Company management
Track companies with name, website, industry, and address. Links to contacts and deals.
Deal pipeline
Sales pipeline with stages, amount, expected close date, and assignment. Built for GraphQL backends.
Activity tracking
Log calls, emails, meetings, and notes linked to contacts and deals. Works with GraphQL SDK.
User & permissions
Built-in user model and pointers for ownership and assignment. ACLs out of the box for GraphQL.
Why Build Your CRM GraphQL API with Back4app?
Back4app provides a GraphQL endpoint so you can query and mutate Contact, Company, Deal, and Activity with a single endpoint.
- •Single endpoint: POST to the GraphQL endpoint with queries and mutations; request only the fields you need.
- •Typed schema: Contact, Company, Deal, and Activity types are generated from your Back4app schema; use them in your client for type-safe requests.
- •Pipeline & activities: Query deals by stage and activities by relatedTo; mutations to update deal stage and create activities.
Ideal for teams using GraphQL clients (Apollo, urql) for CRM or dashboards.
Core Benefits
A production-ready CRM backend so you can ship faster and focus on your app.
Ship Faster, No Backend Code
REST & GraphQL APIs and a ready-to-use schema — connect your app and go.
Secure by Default
ACLs and class-level permissions; restrict by assignedTo and createdBy.
Real-Time Pipeline
Live Queries over WebSockets for instant deal and activity updates.
Built-In Auth
User sign-up, login, and session handling out of the box.
Works Offline
Local pinning keeps contacts and deals available offline and syncs when you reconnect.
Deploy in Minutes
Use the AI Agent to create and deploy your CRM app from this template.
Ready to try it?
Let the Back4app AI Agent create your CRM app backend, connect the GraphQL frontend, and deploy — all from a single prompt.
Free to start — 50 AI Agent prompts/month, no credit card required
Technical Stack
Everything powering this CRM app template at a glance.
ER Diagram
Entity-Relationship diagram for the GraphQL CRM app data model.
CRM schema: _User, Company, Contact, Deal, Activity with pointers for company, contact, deal, assignedTo, relatedTo, createdBy.
View diagram source
erDiagram
_User {
String objectId PK
String username
String email
String password
Date createdAt
Date updatedAt
}
Company {
String objectId PK
String name
String website
String industry
String address
String notes
Pointer createdBy FK
Date createdAt
Date updatedAt
}
Contact {
String objectId PK
String name
String email
String phone
Pointer company FK
String notes
Pointer createdBy FK
Date createdAt
Date updatedAt
}
Deal {
String objectId PK
String title
Number amount
String stage
Pointer contact FK
Pointer company FK
Date expectedCloseDate
String notes
Pointer assignedTo FK
Date createdAt
Date updatedAt
}
Activity {
String objectId PK
String type
String subject
String description
Date dueDate
Date completedAt
Pointer relatedTo FK
Pointer createdBy FK
Date createdAt
Date updatedAt
}
Company ||--o{ Contact : "has"
Company ||--o{ Deal : "has"
Contact ||--o{ Deal : "has"
_User ||--o{ Deal : "assignedTo"
_User ||--o{ Activity : "createdBy"
Contact ||--o{ Activity : "relatedTo"
Deal ||--o{ Activity : "relatedTo"
_User ||--o{ Company : "createdBy"
_User ||--o{ Contact : "createdBy"
Integration Flow
Auth-to-CRUD sequence: how your GraphQL app talks to Back4app — login, then query contacts and deals, update pipeline.
View diagram source
sequenceDiagram
participant User
participant Client as GraphQL Client
participant Back4app as Back4app Cloud
User->>Client: Login
Client->>Back4app: mutation { logIn(username, password) }
Back4app-->>Client: Session token
Client-->>User: Logged in
User->>Client: Load contacts and deals
Client->>Back4app: query { deals { edges { node { objectId title stage } } } }
Back4app-->>Client: Deal list
Client-->>User: Show pipeline
User->>Client: Create deal or contact
Client->>Back4app: mutation { createDeal(input: { ... }) }
Back4app-->>Client: Deal (objectId)
Client-->>User: Updated listData Dictionary
Complete field reference for every class in the schema.
| Field | Type | Description | Required |
|---|---|---|---|
| objectId | String | Auto-generated unique identifier | auto |
| name | String | Full name of the contact | |
| String | Email address | — | |
| phone | String | Phone number | — |
| company | Pointer<Company> | Company this contact belongs to | — |
| notes | String | Free-form notes | — |
| createdBy | Pointer<_User> | User who created this contact | — |
| createdAt | Date | Auto-generated creation timestamp | auto |
| updatedAt | Date | Auto-generated last-update timestamp | auto |
9 fields in Contact
Security & Permissions
How ownership, ACLs, and class-level permissions protect data in this CRM schema.
Row-Level ACLs
Use ACLs and pointers (assignedTo, createdBy) so users only see and edit their assigned deals and related data.
Class-Level Permissions
CLPs restrict which roles or users can create, read, update, or delete objects at the class level.
Pointer-Based Ownership
Deal.assignedTo and Activity.createdBy link to _User; Cloud Code can enforce visibility and edits by role.
Schema (JSON)
Raw JSON schema definition — copy and use in your Back4app app or import via the API.
{
"classes": [
{
"className": "Contact",
"fields": {
"objectId": {
"type": "String",
"required": false
},
"name": {
"type": "String",
"required": true
},
"email": {
"type": "String",
"required": false
},
"phone": {
"type": "String",
"required": false
},
"company": {
"type": "Pointer",
"targetClass": "Company",
"required": false
},
"notes": {
"type": "String",
"required": false
},
"createdBy": {
"type": "Pointer",
"targetClass": "_User",
"required": false
},
"createdAt": {
"type": "Date",
"required": false
},
"updatedAt": {
"type": "Date",
"required": false
}
}
},
{
"className": "Company",
"fields": {
"objectId": {
"type": "String",
"required": false
},
"name": {
"type": "String",
"required": true
},
"website": {
"type": "String",
"required": false
},
"industry": {
"type": "String",
"required": false
},
"address": {
"type": "String",
"required": false
},
"notes": {
"type": "String",
"required": false
},
"createdBy": {
"type": "Pointer",
"targetClass": "_User",
"required": false
},
"createdAt": {
"type": "Date",
"required": false
},
"updatedAt": {
"type": "Date",
"required": false
}
}
},
{
"className": "Deal",
"fields": {
"objectId": {
"type": "String",
"required": false
},
"title": {
"type": "String",
"required": true
},
"amount": {
"type": "Number",
"required": false
},
"stage": {
"type": "String",
"required": false
},
"contact": {
"type": "Pointer",
"targetClass": "Contact",
"required": false
},
"company": {
"type": "Pointer",
"targetClass": "Company",
"required": false
},
"expectedCloseDate": {
"type": "Date",
"required": false
},
"notes": {
"type": "String",
"required": false
},
"assignedTo": {
"type": "Pointer",
"targetClass": "_User",
"required": false
},
"createdAt": {
"type": "Date",
"required": false
},
"updatedAt": {
"type": "Date",
"required": false
}
}
},
{
"className": "Activity",
"fields": {
"objectId": {
"type": "String",
"required": false
},
"type": {
"type": "String",
"required": false
},
"subject": {
"type": "String",
"required": false
},
"description": {
"type": "String",
"required": false
},
"dueDate": {
"type": "Date",
"required": false
},
"completedAt": {
"type": "Date",
"required": false
},
"relatedTo": {
"type": "Pointer",
"required": false
},
"createdBy": {
"type": "Pointer",
"targetClass": "_User",
"required": false
},
"createdAt": {
"type": "Date",
"required": false
},
"updatedAt": {
"type": "Date",
"required": false
}
}
},
{
"className": "_User",
"fields": {
"objectId": {
"type": "String",
"required": false
},
"username": {
"type": "String",
"required": true
},
"email": {
"type": "String",
"required": true
},
"password": {
"type": "String",
"required": true
},
"createdAt": {
"type": "Date",
"required": false
},
"updatedAt": {
"type": "Date",
"required": false
}
}
}
]
}Build with AI Agent
Use the Back4app AI Agent to build a real CRM app from this template: it will create the frontend, the backend (this schema, auth, and APIs), and deploy it — no manual setup. The prompt below describes this CRM stack so the Agent can generate a production-ready app in one go.
Create a CRM app on Back4app with this exact schema and behavior. Schema: 1. _User (use Back4app built-in): username (String, required), email (String, required), password (String, required); objectId, createdAt, updatedAt (system). 2. Company: name (String, required), website (String), industry (String), address (String), notes (String), createdBy (Pointer to _User); objectId, createdAt, updatedAt (system). 3. Contact: name (String, required), email (String), phone (String), company (Pointer to Company), notes (String), createdBy (Pointer to _User); objectId, createdAt, updatedAt (system). 4. Deal: title (String, required), amount (Number), stage (String; e.g. lead, qualified, proposal, negotiation, won, lost), contact (Pointer to Contact), company (Pointer to Company), expectedCloseDate (Date), notes (String), assignedTo (Pointer to _User); objectId, createdAt, updatedAt (system). 5. Activity: type (String; e.g. call, email, meeting, note), subject (String), description (String), dueDate (Date), completedAt (Date), relatedTo (Pointer to Contact or Deal), createdBy (Pointer to _User); objectId, createdAt, updatedAt (system). Security: - Set ACLs so only authenticated users can access data; use role-based or owner-based rules where appropriate (e.g. assignedTo, createdBy). - Use Class-Level Permissions so only authenticated users can create/read/update/delete these classes. Auth: - Sign-up (username, email, password) and login; support logout/session. Behavior: - Full CRUD for Company, Contact, Deal, and Activity. - List deals with filter by stage and order by expectedCloseDate or updatedAt (pipeline view). - List activities by relatedTo (Contact or Deal). - Optional: real-time Live Queries for Deal and Activity for dashboard/pipeline updates. - Optional: offline pinning for mobile (Contacts, Deals, Activities). Deliver: - Create the Back4app app with the schema above, ACLs, and any Cloud Code needed. - Generate the frontend and connect it to this backend; deploy so the app is runnable end-to-end.
Press the button below to open the Agent with this template's prompt pre-filled.
API Playground
Try the REST and GraphQL endpoints for the CRM schema. Responses from the example data above — no Back4app account needed.
Uses the same CRM schema (Contact, Company, Deal, Activity) as this template.
Step-by-Step GraphQL Integration
Connect to your Back4app backend from a GraphQL app using the Back4app GraphQL SDK.
Query contacts and deals
Send a GraphQL query to fetch contacts or deals (with session token in headers).
GraphQLquery GetDeals { deals { edges { node { objectId title done dueDate priority createdAt } } } }Create a deal
Use the createDeal mutation with variables for title, stage, amount, and related contact/company.
GraphQLmutation CreateDeal($title: String!, $stage: String, $amount: Float) { createDeal(input: { fields: { title: $title stage: $stage amount: $amount } }) { deal { objectId title stage amount createdAt } } } mutation CreateContact($name: String!, $email: String, $phone: String) { createContact(input: { fields: { name: $name email: $email phone: $phone } }) { contact { objectId name createdAt } } }Update and delete
UpdateDeal and DeleteDeal mutations with objectId.
GraphQLmutation UpdateDeal($objectId: ID!, $stage: String) { updateDeal(input: { objectId: $objectId fields: { stage: $stage } }) { deal { objectId stage } } } mutation DeleteDeal($objectId: ID!) { deleteDeal(input: { objectId: $objectId }) { success } }
Frequently Asked Questions
Common questions about the CRM app backend template.
Ready to Build Your CRM App?
Start your GraphQL project in minutes. No credit card required.