⚙ Technical Architecture

Naga Limited - P2P Payment Automation

← Back to Proposal

1 System Architecture Overview

High-Level Architecture

DATA SOURCES

📊 SAP ERP

MIRO, MIGO, PO
Vendor Master

📄 Document Store

Invoices, Weighment
E-Invoice, E-Way Bill

📋 Purchase Pro

Custom App
Attachments

INTEGRATION LAYER

🔗 SAP RFC/BAPI

Data Read/Write

📋 REST APIs

Document Fetch

AI PROCESSING LAYER

🤖 Document OCR Engine

Text Extraction, Field Recognition
Invoice Parsing, Weighment Reading

⚙ Validation Rules Engine

Amount Match, Quantity Check
Vendor Verify, GST Validation

APPLICATION LAYER

📈 Dashboard

Validation Status
Metrics

📋 Exception Queue

Mismatch Review
Manual Override

📊 Reports

Audit Trail
Analytics

2 SAP Environment Details

Based on our discovery session, the following SAP landscape has been identified for integration:

NSY
Development

[Dev Server]

Initial Integration

NSQ
Quality

[QA Server]

UAT Testing

NSP
Production

[On-Premise Prod]

On-Premise Prod

NSP
Azure PRD

[Azure Cloud]

Cloud Production

SAP Configuration

  • SAP Version: SAP Logon 770
  • Client: [Client ID]
  • Company Code: [Company Code]
  • Profit Center: [Profit Center]
  • Language: EN

3 SAP Integration Specifications

Transactions & Tables

Transaction/Table Type Purpose Direction
MIRO Transaction Invoice verification - amounts, posting dates Read / Write Status
MIGO Transaction Goods receipt - quantities, receipt dates Read
ME29N Transaction Purchase order release Read
MIR7 Transaction Parked invoices Read
FB60 Transaction Non-PO purchases Read
ML81N Transaction Service entry sheet Read
[Custom Z-Table] Custom Table FG Sales details - weights, MIGO data, invoice info Read
LFA1 / LFB1 Standard Table Vendor master data Read
EKKO / EKPO Standard Table Purchase order header/items Read

Integration Methods

🔗 RFC/BAPI (Recommended)

  • Direct SAP function calls
  • Real-time data access
  • Secure authentication
  • Transaction support
// Example BAPI calls
BAPI_PO_GETDETAIL
BAPI_GOODSMVT_GETDETAIL
BAPI_INCOMINGINVOICE_GETDETAIL

☁ OData Services (Alternative)

  • RESTful API access
  • JSON/XML responses
  • SAP Gateway integration
  • Modern web standards
// OData endpoint example
GET /sap/opu/odata/sap/
API_PURCHASEORDER_PROCESS_SRV

📋 Document Services

  • ArchiveLink integration
  • GOS attachments
  • PDF/Image retrieval
  • DMS connectivity
// Attachment retrieval
ARCHIVOBJECT_GET_LINKS
SO_DOCUMENT_READ_API1

4 Document OCR Engine

The OCR engine will process multiple document types with field-level extraction:

Document Type Format Fields Extracted Confidence Target
Vendor Invoice PDF / Scanned Invoice No, Date, Amount, Line Items, Quantities, GST, Vendor GSTIN 95%+
Weighment Slip PDF / Scanned Ticket No, Vehicle No, Gross Wt, Tare Wt, Net Wt, Product, Supplier 95%+
E-Invoice PDF IRN Number, QR Code Data, Invoice Values, GSTIN 99%+
E-Way Bill PDF EWB Number, Validity Date, From/To GSTIN, Values 99%+
Purchase Voucher System PDF PO No, MIGO No, Values, Tax Breakdown, Vendor Details 99%+

OCR Technology Stack

  • Primary Engine: Azure Form Recognizer / Google Document AI
  • Fallback: Tesseract OCR with custom training
  • Pre-processing: Image enhancement, deskew, noise removal
  • Post-processing: Field validation, format normalization
  • Custom Models: Trained on Naga-specific invoice formats

5 Validation Rules Engine

Rule ID Validation Source 1 Source 2 Match Criteria
VR-001 Invoice Amount Match Vendor Invoice (OCR) MIRO Amount Exact match (±₹10 tolerance)
VR-002 PO Number Match Vendor Invoice (OCR) SAP PO Number Exact match
VR-003 Quantity Verification Invoice Qty GRN/MIGO Qty Within ±2% tolerance
VR-004 GST Calculation Calculated GST Invoice GST Exact match
VR-005 Vendor GSTIN Match Invoice GSTIN (OCR) Vendor Master GSTIN Exact match
VR-006 Weight Verification Weighment Slip (OCR) GRN Net Weight Within ±1% tolerance
VR-007 Due Date Check Payment Terms (Z045) Current Date Within terms
VR-008 E-Invoice IRN E-Invoice IRN (OCR) GST Portal (optional) Valid format
// Example Validation Rule Configuration (JSON)

{
  "rule_id": "VR-001",
  "name": "Invoice Amount Match",
  "source_1": {
    "type": "ocr",
    "document": "vendor_invoice",
    "field": "total_amount"
  },
  "source_2": {
    "type": "sap",
    "transaction": "MIRO",
    "field": "WRBTR"
  },
  "tolerance": 10,
  "tolerance_type": "absolute",
  "severity": "high"
}

6 Technology Stack

💻 Backend

  • Runtime: Python 3.11+ / Node.js 18+
  • Framework: FastAPI / Express.js
  • SAP Connector: PyRFC / node-rfc
  • Task Queue: Celery / Bull
  • Caching: Redis

🌐 Frontend

  • Framework: React 18 / Vue 3
  • UI Library: Material UI / Ant Design
  • Charts: Recharts / ECharts
  • State: Redux / Pinia
  • Build: Vite

📊 Database

  • Primary: PostgreSQL 15+
  • Document Store: MongoDB (optional)
  • Search: Elasticsearch (optional)
  • ORM: SQLAlchemy / Prisma

🤖 AI/ML

  • OCR: Azure Form Recognizer
  • NLP: spaCy / Hugging Face
  • ML Ops: MLflow
  • Model Serving: FastAPI / TensorFlow Serving

☁ Infrastructure

  • Deployment: Docker + Kubernetes
  • Cloud: Azure / AWS / On-Premise
  • CI/CD: GitHub Actions / Azure DevOps
  • Monitoring: Prometheus + Grafana

🔒 Security

  • Auth: OAuth 2.0 / SAML
  • Encryption: TLS 1.3, AES-256
  • Secrets: HashiCorp Vault / Azure Key Vault
  • RBAC: Role-based access control

7 Security & Compliance

🔒 Data Security

  • All data encrypted in transit (TLS 1.3)
  • All data encrypted at rest (AES-256)
  • No data leaves customer network (on-premise option)
  • Document retention policies configurable
  • PII data masking in logs

👤 Access Control

  • Role-based access control (RBAC)
  • SSO integration (SAML/OAuth)
  • Multi-factor authentication support
  • Audit logging for all actions
  • Session management & timeout

📋 Compliance

  • GST compliance for e-invoice validation
  • Complete audit trail for all validations
  • Data retention as per statutory requirements
  • Export capabilities for auditors

🛡 Infrastructure Security

  • Network isolation / VPC
  • Web Application Firewall (WAF)
  • DDoS protection
  • Regular security patching
  • Vulnerability scanning

8 Deployment Options

🏢 On-Premise (Recommended)

  • Deployed within Naga network
  • Direct SAP connectivity
  • No data leaves premises
  • Full control over infrastructure
  • Requires server provisioning

Best for: Data-sensitive operations, low latency requirements

☁ Private Cloud

  • Deployed on Azure (existing PRD)
  • VPN connectivity to SAP
  • Managed infrastructure
  • Auto-scaling capabilities
  • Lower upfront investment

Best for: Scalability, reduced IT overhead

🚀 Hybrid

  • OCR processing in cloud
  • Validation engine on-premise
  • Optimized cost structure
  • Flexible scaling
  • Data stays on-premise

Best for: Cost optimization with security