Technical Architecture - Naga Limited

1 System Architecture Overview

High-Level Architecture

DATA SOURCES

📊 SAP ERP

MIRO, MIGO, PO
Vendor Master

📄 Document Store

Invoices, Weighment
E-Invoice, E-Way Bill

📋 Purchase Pro

Custom App
Attachments

↓

INTEGRATION LAYER

🔗 SAP RFC/BAPI

Data Read/Write

📋 REST APIs

Document Fetch

↓

AI PROCESSING LAYER

🤖 Document OCR Engine

Text Extraction, Field Recognition
Invoice Parsing, Weighment Reading

⚙ Validation Rules Engine

Amount Match, Quantity Check
Vendor Verify, GST Validation

↓

APPLICATION LAYER

📈 Dashboard

Validation Status
Metrics

📋 Exception Queue

Mismatch Review
Manual Override

📊 Reports

Audit Trail
Analytics

2 SAP Environment Details

Based on our discovery session, the following SAP landscape has been identified for integration:

NSY

Development

[Dev Server]

Initial Integration

NSQ

Quality

[QA Server]

UAT Testing

NSP

Production

[On-Premise Prod]

On-Premise Prod

NSP

Azure PRD

[Azure Cloud]

Cloud Production

SAP Configuration

SAP Version: SAP Logon 770
Client: [Client ID]
Company Code: [Company Code]
Profit Center: [Profit Center]
Language: EN

3 SAP Integration Specifications

Transactions & Tables

Transaction/Table	Type	Purpose	Direction
MIRO	Transaction	Invoice verification - amounts, posting dates	Read / Write Status
MIGO	Transaction	Goods receipt - quantities, receipt dates	Read
ME29N	Transaction	Purchase order release	Read
MIR7	Transaction	Parked invoices	Read
FB60	Transaction	Non-PO purchases	Read
ML81N	Transaction	Service entry sheet	Read
[Custom Z-Table]	Custom Table	FG Sales details - weights, MIGO data, invoice info	Read
LFA1 / LFB1	Standard Table	Vendor master data	Read
EKKO / EKPO	Standard Table	Purchase order header/items	Read

Integration Methods

🔗 RFC/BAPI (Recommended)

Direct SAP function calls
Real-time data access
Secure authentication
Transaction support

                        // Example BAPI calls

                        BAPI_PO_GETDETAIL

                        BAPI_GOODSMVT_GETDETAIL

                        BAPI_INCOMINGINVOICE_GETDETAIL

☁ OData Services (Alternative)

RESTful API access
JSON/XML responses
SAP Gateway integration
Modern web standards

                        // OData endpoint example

                        GET /sap/opu/odata/sap/

                        API_PURCHASEORDER_PROCESS_SRV

📋 Document Services

ArchiveLink integration
GOS attachments
PDF/Image retrieval
DMS connectivity

                        // Attachment retrieval

                        ARCHIVOBJECT_GET_LINKS

                        SO_DOCUMENT_READ_API1

4 Document OCR Engine

The OCR engine will process multiple document types with field-level extraction:

Document Type	Format	Fields Extracted	Confidence Target
Vendor Invoice	PDF / Scanned	Invoice No, Date, Amount, Line Items, Quantities, GST, Vendor GSTIN	95%+
Weighment Slip	PDF / Scanned	Ticket No, Vehicle No, Gross Wt, Tare Wt, Net Wt, Product, Supplier	95%+
E-Invoice	PDF	IRN Number, QR Code Data, Invoice Values, GSTIN	99%+
E-Way Bill	PDF	EWB Number, Validity Date, From/To GSTIN, Values	99%+
Purchase Voucher	System PDF	PO No, MIGO No, Values, Tax Breakdown, Vendor Details	99%+

OCR Technology Stack

Primary Engine: Azure Form Recognizer / Google Document AI
Fallback: Tesseract OCR with custom training
Pre-processing: Image enhancement, deskew, noise removal
Post-processing: Field validation, format normalization
Custom Models: Trained on Naga-specific invoice formats

5 Validation Rules Engine

Rule ID	Validation	Source 1	Source 2	Match Criteria
VR-001	Invoice Amount Match	Vendor Invoice (OCR)	MIRO Amount	Exact match (±₹10 tolerance)
VR-002	PO Number Match	Vendor Invoice (OCR)	SAP PO Number	Exact match
VR-003	Quantity Verification	Invoice Qty	GRN/MIGO Qty	Within ±2% tolerance
VR-004	GST Calculation	Calculated GST	Invoice GST	Exact match
VR-005	Vendor GSTIN Match	Invoice GSTIN (OCR)	Vendor Master GSTIN	Exact match
VR-006	Weight Verification	Weighment Slip (OCR)	GRN Net Weight	Within ±1% tolerance
VR-007	Due Date Check	Payment Terms (Z045)	Current Date	Within terms
VR-008	E-Invoice IRN	E-Invoice IRN (OCR)	GST Portal (optional)	Valid format

                // Example Validation Rule Configuration (JSON)

                {

                  "rule_id": "VR-001",

                  "name": "Invoice Amount Match",

                  "source_1": {

                    "type": "ocr",

                    "document": "vendor_invoice",

                    "field": "total_amount"

                  },

                  "source_2": {

                    "type": "sap",

                    "transaction": "MIRO",

                    "field": "WRBTR"

                  },

                  "tolerance": 10,

                  "tolerance_type": "absolute",

                  "severity": "high"

                }

6 Technology Stack

💻 Backend

Runtime: Python 3.11+ / Node.js 18+
Framework: FastAPI / Express.js
SAP Connector: PyRFC / node-rfc
Task Queue: Celery / Bull
Caching: Redis

🌐 Frontend

Framework: React 18 / Vue 3
UI Library: Material UI / Ant Design
Charts: Recharts / ECharts
State: Redux / Pinia
Build: Vite

📊 Database

Primary: PostgreSQL 15+
Document Store: MongoDB (optional)
Search: Elasticsearch (optional)
ORM: SQLAlchemy / Prisma

🤖 AI/ML

OCR: Azure Form Recognizer
NLP: spaCy / Hugging Face
ML Ops: MLflow
Model Serving: FastAPI / TensorFlow Serving

☁ Infrastructure

Deployment: Docker + Kubernetes
Cloud: Azure / AWS / On-Premise
CI/CD: GitHub Actions / Azure DevOps
Monitoring: Prometheus + Grafana

🔒 Security

Auth: OAuth 2.0 / SAML
Encryption: TLS 1.3, AES-256
Secrets: HashiCorp Vault / Azure Key Vault
RBAC: Role-based access control

7 Security & Compliance

🔒 Data Security

All data encrypted in transit (TLS 1.3)
All data encrypted at rest (AES-256)
No data leaves customer network (on-premise option)
Document retention policies configurable
PII data masking in logs

👤 Access Control

Role-based access control (RBAC)
SSO integration (SAML/OAuth)
Multi-factor authentication support
Audit logging for all actions
Session management & timeout

📋 Compliance

GST compliance for e-invoice validation
Complete audit trail for all validations
Data retention as per statutory requirements
Export capabilities for auditors

🛡 Infrastructure Security

Network isolation / VPC
Web Application Firewall (WAF)
DDoS protection
Regular security patching
Vulnerability scanning

8 Deployment Options

🏢 On-Premise (Recommended)

Deployed within Naga network
Direct SAP connectivity
No data leaves premises
Full control over infrastructure
Requires server provisioning

Best for: Data-sensitive operations, low latency requirements

☁ Private Cloud

Deployed on Azure (existing PRD)
VPN connectivity to SAP
Managed infrastructure
Auto-scaling capabilities
Lower upfront investment

Best for: Scalability, reduced IT overhead

🚀 Hybrid

OCR processing in cloud
Validation engine on-premise
Optimized cost structure
Flexible scaling
Data stays on-premise

Best for: Cost optimization with security