REST API Template
CRM App Backend Template
REST API — Schema, API & AI Guide
A production-ready REST API CRM backend schema and Starter Kit on Back4app: Contact, Company, Deal, Activity, pipeline stages, ER diagram, data dictionary, JSON schema, API playground, and a one-click AI Agent prompt to deploy in minutes.
Key Takeaways
On this page you get a production-ready CRM schema, a one-click AI prompt, and step-by-step REST API code — so you can ship a CRM app without building the backend.
- Deploy in minutes — Paste the AI Agent prompt and get a running app with contacts, companies, deals, and pipeline.
- Secure by default — ACLs and role-based access so users see only their assigned deals and data.
- REST API-native SDK — Typed objects, async/await, offline pinning, and Live Queries for pipeline updates.
- REST + GraphQL — Both APIs auto-generated; filter deals by stage, list activities by relatedTo.
- Five classes — _User (built-in), Company, Contact, Deal (pipeline), Activity (tasks/events).
What Is the REST API CRM Backend Template?
A REST-first CRM backend on Back4app: standard GET/POST/PUT/DELETE on /classes/Contact, /classes/Deal, and related endpoints. Use X-Parse-Session-Token for auth and where/order for pipeline queries. Integrate from any stack — mobile, web, or server-side — with clear status codes and JSON payloads. No GraphQL or SDK required.
Best for:
Sales teamsCRM buildersRapid prototypingField repsMVP launchesTeams choosing a BaaS for CRM
Overview
A REST API for CRM: GET /classes/Deal, POST /classes/Contact, PUT /classes/Deal/:id, and so on. Back4app generates these endpoints from the schema; you send X-Parse-Session-Token for auth and use where and order for pipeline and list queries.
The schema (five classes: _User, Company, Contact, Deal, Activity) is the same as for SDK clients. Any HTTP client can integrate — mobile, web, or server — with standard JSON and status codes.
Core CRM Features
REST API CRM backend: endpoints for Contact, Company, Deal, and Activity with auth headers and status codes. Pipeline management and ACLs out of the box.
Contact management
Store and manage contacts with name, email, phone, company, and notes. Ideal for REST API apps.
Company management
Track companies with name, website, industry, and address. Links to contacts and deals.
Deal pipeline
Sales pipeline with stages, amount, expected close date, and assignment. Built for REST API backends.
Activity tracking
Log calls, emails, meetings, and notes linked to contacts and deals. Works with REST API SDK.
User & permissions
Built-in user model and pointers for ownership and assignment. ACLs out of the box for REST API.
ER Diagram
Entity-Relationship diagram for the REST API CRM app data model.
erDiagram
_User {
String objectId PK
String username
String email
String password
Date createdAt
Date updatedAt
}
Company {
String objectId PK
String name
String website
String industry
String address
String notes
Pointer createdBy FK
Date createdAt
Date updatedAt
}
Contact {
String objectId PK
String name
String email
String phone
Pointer company FK
String notes
Pointer createdBy FK
Date createdAt
Date updatedAt
}
Deal {
String objectId PK
String title
Number amount
String stage
Pointer contact FK
Pointer company FK
Date expectedCloseDate
String notes
Pointer assignedTo FK
Date createdAt
Date updatedAt
}
Activity {
String objectId PK
String type
String subject
String description
Date dueDate
Date completedAt
Pointer relatedTo FK
Pointer createdBy FK
Date createdAt
Date updatedAt
}
Company ||--o{ Contact : "has"
Company ||--o{ Deal : "has"
Contact ||--o{ Deal : "has"
_User ||--o{ Deal : "assignedTo"
_User ||--o{ Activity : "createdBy"
Contact ||--o{ Activity : "relatedTo"
Deal ||--o{ Activity : "relatedTo"
_User ||--o{ Company : "createdBy"
_User ||--o{ Contact : "createdBy"
Loading diagram…
View diagram source
Mermaid
erDiagram
_User {
String objectId PK
String username
String email
String password
Date createdAt
Date updatedAt
}
Company {
String objectId PK
String name
String website
String industry
String address
String notes
Pointer createdBy FK
Date createdAt
Date updatedAt
}
Contact {
String objectId PK
String name
String email
String phone
Pointer company FK
String notes
Pointer createdBy FK
Date createdAt
Date updatedAt
}
Deal {
String objectId PK
String title
Number amount
String stage
Pointer contact FK
Pointer company FK
Date expectedCloseDate
String notes
Pointer assignedTo FK
Date createdAt
Date updatedAt
}
Activity {
String objectId PK
String type
String subject
String description
Date dueDate
Date completedAt
Pointer relatedTo FK
Pointer createdBy FK
Date createdAt
Date updatedAt
}
Company ||--o{ Contact : "has"
Company ||--o{ Deal : "has"
Contact ||--o{ Deal : "has"
_User ||--o{ Deal : "assignedTo"
_User ||--o{ Activity : "createdBy"
Contact ||--o{ Activity : "relatedTo"
Deal ||--o{ Activity : "relatedTo"
_User ||--o{ Company : "createdBy"
_User ||--o{ Contact : "createdBy"
Integration Flow
Auth-to-CRUD sequence: how your REST API app talks to Back4app — login, then query contacts and deals, update pipeline.
sequenceDiagram
participant User
participant Client as REST Client
participant Back4app as Back4app Cloud
User->>Client: Login
Client->>Back4app: POST /login (username, password)
Back4app-->>Client: sessionToken
Client-->>User: Logged in
User->>Client: Load deals and contacts
Client->>Back4app: GET /classes/Deal?where={"stage":"qualified"}
Back4app-->>Client: results
Client-->>User: Show pipeline
User->>Client: Create deal or contact
Client->>Back4app: POST /classes/Deal (X-Parse-Session-Token)
Back4app-->>Client: objectId, createdAt
Client-->>User: Updated list
Loading diagram…
View diagram source
Mermaid
sequenceDiagram
participant User
participant Client as REST Client
participant Back4app as Back4app Cloud
User->>Client: Login
Client->>Back4app: POST /login (username, password)
Back4app-->>Client: sessionToken
Client-->>User: Logged in
User->>Client: Load deals and contacts
Client->>Back4app: GET /classes/Deal?where={"stage":"qualified"}
Back4app-->>Client: results
Client-->>User: Show pipeline
User->>Client: Create deal or contact
Client->>Back4app: POST /classes/Deal (X-Parse-Session-Token)
Back4app-->>Client: objectId, createdAt
Client-->>User: Updated listData Dictionary
Complete field reference for every class in the schema.
Contact
| Field | Type | Description | Required |
|---|---|---|---|
| objectId | String | Auto-generated unique identifier | auto |
| name | String | Full name of the contact | |
| String | Email address | — | |
| phone | String | Phone number | — |
| company | Pointer<Company> | Company this contact belongs to | — |
| notes | String | Free-form notes | — |
| createdBy | Pointer<_User> | User who created this contact | — |
| createdAt | Date | Auto-generated creation timestamp | auto |
| updatedAt | Date | Auto-generated last-update timestamp | auto |
Company
| Field | Type | Description | Required |
|---|---|---|---|
| objectId | String | Auto-generated unique identifier | auto |
| name | String | Company name | |
| website | String | Company website URL | — |
| industry | String | Industry or sector | — |
| address | String | Physical or mailing address | — |
| notes | String | Free-form notes | — |
| createdBy | Pointer<_User> | User who created this company | — |
| createdAt | Date | Auto-generated creation timestamp | auto |
| updatedAt | Date | Auto-generated last-update timestamp | auto |
Deal
| Field | Type | Description | Required |
|---|---|---|---|
| objectId | String | Auto-generated unique identifier | auto |
| title | String | Deal title or name | |
| amount | Number | Deal value or amount | — |
| stage | String | Pipeline stage (e.g. lead, qualified, proposal, won, lost) | — |
| contact | Pointer<Contact> | Primary contact for this deal | — |
| company | Pointer<Company> | Company associated with this deal | — |
| expectedCloseDate | Date | Expected close date | — |
| notes | String | Free-form notes | — |
| assignedTo | Pointer<_User> | User assigned to this deal | — |
| createdAt | Date | Auto-generated creation timestamp | auto |
| updatedAt | Date | Auto-generated last-update timestamp | auto |
Activity
| Field | Type | Description | Required |
|---|---|---|---|
| objectId | String | Auto-generated unique identifier | auto |
| type | String | Activity type (call, email, meeting, note) | — |
| subject | String | Subject or title | — |
| description | String | Description or body | — |
| dueDate | Date | Due date | — |
| completedAt | Date | When the activity was completed | — |
| relatedTo | Pointer | Pointer to Contact or Deal | — |
| createdBy | Pointer<_User> | User who created this activity | — |
| createdAt | Date | Auto-generated creation timestamp | auto |
| updatedAt | Date | Auto-generated last-update timestamp | auto |
_User
| Field | Type | Description | Required |
|---|---|---|---|
| objectId | String | Auto-generated unique identifier | auto |
| username | String | Login username | |
| String | Email address | ||
| password | String | Hashed password (write-only) | |
| createdAt | Date | Auto-generated creation timestamp | auto |
| updatedAt | Date | Auto-generated last-update timestamp | auto |
Schema (JSON)
Raw JSON schema definition — copy and use in your Back4app app or import via the API.
JSON
{
"classes": [
{
"className": "Contact",
"fields": {
"objectId": {
"type": "String",
"required": false
},
"name": {
"type": "String",
"required": true
},
"email": {
"type": "String",
"required": false
},
"phone": {
"type": "String",
"required": false
},
"company": {
"type": "Pointer",
"targetClass": "Company",
"required": false
},
"notes": {
"type": "String",
"required": false
},
"createdBy": {
"type": "Pointer",
"targetClass": "_User",
"required": false
},
"createdAt": {
"type": "Date",
"required": false
},
"updatedAt": {
"type": "Date",
"required": false
}
}
},
{
"className": "Company",
"fields": {
"objectId": {
"type": "String",
"required": false
},
"name": {
"type": "String",
"required": true
},
"website": {
"type": "String",
"required": false
},
"industry": {
"type": "String",
"required": false
},
"address": {
"type": "String",
"required": false
},
"notes": {
"type": "String",
"required": false
},
"createdBy": {
"type": "Pointer",
"targetClass": "_User",
"required": false
},
"createdAt": {
"type": "Date",
"required": false
},
"updatedAt": {
"type": "Date",
"required": false
}
}
},
{
"className": "Deal",
"fields": {
"objectId": {
"type": "String",
"required": false
},
"title": {
"type": "String",
"required": true
},
"amount": {
"type": "Number",
"required": false
},
"stage": {
"type": "String",
"required": false
},
"contact": {
"type": "Pointer",
"targetClass": "Contact",
"required": false
},
"company": {
"type": "Pointer",
"targetClass": "Company",
"required": false
},
"expectedCloseDate": {
"type": "Date",
"required": false
},
"notes": {
"type": "String",
"required": false
},
"assignedTo": {
"type": "Pointer",
"targetClass": "_User",
"required": false
},
"createdAt": {
"type": "Date",
"required": false
},
"updatedAt": {
"type": "Date",
"required": false
}
}
},
{
"className": "Activity",
"fields": {
"objectId": {
"type": "String",
"required": false
},
"type": {
"type": "String",
"required": false
},
"subject": {
"type": "String",
"required": false
},
"description": {
"type": "String",
"required": false
},
"dueDate": {
"type": "Date",
"required": false
},
"completedAt": {
"type": "Date",
"required": false
},
"relatedTo": {
"type": "Pointer",
"required": false
},
"createdBy": {
"type": "Pointer",
"targetClass": "_User",
"required": false
},
"createdAt": {
"type": "Date",
"required": false
},
"updatedAt": {
"type": "Date",
"required": false
}
}
},
{
"className": "_User",
"fields": {
"objectId": {
"type": "String",
"required": false
},
"username": {
"type": "String",
"required": true
},
"email": {
"type": "String",
"required": true
},
"password": {
"type": "String",
"required": true
},
"createdAt": {
"type": "Date",
"required": false
},
"updatedAt": {
"type": "Date",
"required": false
}
}
}
]
}Build with AI Agent
Use the Back4app AI Agent to build a real CRM app from this template: it will create the frontend, the backend (this schema, auth, and APIs), and deploy it — no manual setup. The prompt below describes this CRM stack so the Agent can generate a production-ready app in one go.
Back4app AI Agent
Ready to build
Create a CRM app on Back4app with this exact schema and behavior. Schema: 1. _User (use Back4app built-in): username (String, required), email (String, required), password (String, required); objectId, createdAt, updatedAt (system). 2. Company: name (String, required), website (String), industry (String), address (String), notes (String), createdBy (Pointer to _User); objectId, createdAt, updatedAt (system). 3. Contact: name (String, required), email (String), phone (String), company (Pointer to Company), notes (String), createdBy (Pointer to _User); objectId, createdAt, updatedAt (system). 4. Deal: title (String, required), amount (Number), stage (String; e.g. lead, qualified, proposal, negotiation, won, lost), contact (Pointer to Contact), company (Pointer to Company), expectedCloseDate (Date), notes (String), assignedTo (Pointer to _User); objectId, createdAt, updatedAt (system). 5. Activity: type (String; e.g. call, email, meeting, note), subject (String), description (String), dueDate (Date), completedAt (Date), relatedTo (Pointer to Contact or Deal), createdBy (Pointer to _User); objectId, createdAt, updatedAt (system). Security: - Set ACLs so only authenticated users can access data; use role-based or owner-based rules where appropriate (e.g. assignedTo, createdBy). - Use Class-Level Permissions so only authenticated users can create/read/update/delete these classes. Auth: - Sign-up (username, email, password) and login; support logout/session. Behavior: - Full CRUD for Company, Contact, Deal, and Activity. - List deals with filter by stage and order by expectedCloseDate or updatedAt (pipeline view). - List activities by relatedTo (Contact or Deal). - Optional: real-time Live Queries for Deal and Activity for dashboard/pipeline updates. - Optional: offline pinning for mobile (Contacts, Deals, Activities). Deliver: - Create the Back4app app with the schema above, ACLs, and any Cloud Code needed. - Generate the frontend and connect it to this backend; deploy so the app is runnable end-to-end.
No credit card required
API Playground
Try the REST and GraphQL endpoints for the CRM schema. Responses from the example data above — no Back4app account needed.
GET
https://parseapi.back4app.com/classes/Contact
Headers
{
"X-Parse-Application-Id": "YOUR_APP_ID",
"X-Parse-REST-API-Key": "YOUR_REST_API_KEY"
}Using This Backend with REST API
Connect to your Back4app backend using standard HTTP requests.
1
Get your API credentials
After creating your app on Back4app, find your Application ID and REST API Key in App Settings → Security & Keys. All requests require these headers.
Bash
# Required headers for every request
X-Parse-Application-Id: YOUR_APP_ID
X-Parse-REST-API-Key: YOUR_REST_API_KEY2
Create a contact
Bash
curl -X POST \
-H "X-Parse-Application-Id: YOUR_APP_ID" \
-H "X-Parse-REST-API-Key: YOUR_REST_API_KEY" \
-H "Content-Type: application/json" \
-d '{"name":"Jane Doe","email":"[email protected]","phone":"+1234567890"}' \
https://parseapi.back4app.com/classes/Contact3
List contacts or deals
Bash
curl -X GET \
-H "X-Parse-Application-Id: YOUR_APP_ID" \
-H "X-Parse-REST-API-Key: YOUR_REST_API_KEY" \
https://parseapi.back4app.com/classes/Contact4
Update a deal
Bash
curl -X PUT \
-H "X-Parse-Application-Id: YOUR_APP_ID" \
-H "X-Parse-REST-API-Key: YOUR_REST_API_KEY" \
-H "Content-Type: application/json" \
-d '{"done":true}' \
https://parseapi.back4app.com/classes/Deal/OBJECT_ID5
Delete a deal
Bash
curl -X DELETE \
-H "X-Parse-Application-Id: YOUR_APP_ID" \
-H "X-Parse-REST-API-Key: YOUR_REST_API_KEY" \
https://parseapi.back4app.com/classes/Deal/OBJECT_IDFrequently Asked Questions
Common questions about the CRM app backend template.
What is Back4app?
Why use Back4app for a CRM REST API?
How do I list deals by stage with REST?
How do I create an activity linked to a deal?
Ready to Build Your CRM App?
Start your REST API project in minutes. No credit card required.