Architecture & Data Flow
This page gives a security or IT reviewer a single-page orientation to the components that make up Boxcurve Unity and to the trust boundary around them. It is intended to be read before the more detailed Data Residency & Tenant Isolation, Identity & Access Control, and Integrations & Connections documents, which it cross-references rather than duplicates.
Boxcurve Unity is a Power Platform application. It comprises a Power Apps application, a Microsoft Dataverse data store, and a set of Power Automate flows. All three run inside the customer's own Microsoft 365 tenant. The application's data is held only in the customer's Dataverse environment. There is no separate Boxcurve-hosted store of application data.
Trust boundary at a glance
The diagram below shows the components inside the customer's tenant, the in-tenant Microsoft services the application connects to, and the only three channels that leave the tenant boundary.
+===========================================================================+
|  CUSTOMER'S MICROSOFT 365 TENANT (trust boundary)                         |
|                                                                           |
|   +-------------------+        +----------------------------+             |
|   | Power Apps        |  uses  | Power Automate flows       |             |
|   | application       |------->| (orchestration / sync /    |             |
|   | (Boxcurve Unity)  |        |  notifications / admin)    |             |
|   +---------+---------+        +-------------+--------------+             |
|             |                                |                            |
|             | reads / writes                 | reads / writes             |
|             v                                v                            |
|      +----------------------------------------------+                     |
|      |             Microsoft Dataverse              |                     |
|      |   (the application's data:                   |                     |
|      |    projects, tasks, accountability map,      |                     |
|      |    stakeholders, change history, settings)   |                     |
|      +----------------------------------------------+                     |
|                                                                           |
|  In-tenant Microsoft services the application connects to:                |
|  +-----------+ +-----------+ +-----------+ +------------+ +-----------+   |
|  | Outlook   | | Teams     | | Planner   | | OneDrive   | | Office365 |   |
|  |           | |           | |           | | for Bus.   | | Groups /  |   |
|  |           | |           | |           | |            | | Users     |   |
|  +-----------+ +-----------+ +-----------+ +------------+ +-----------+   |
|  +-------------------------------+                                        |
|  | Azure DevOps                  |  (reached via the Microsoft            |
|  | (via Microsoft connector)     |   Azure DevOps connector)              |
|  +-------------------------------+                                        |
|                                                                           |
+=============================|======|======|===============================+
                              |      |      |
    (1) licensing check       |      |      |  (3) task-pack retrieval
        tenant ID +           |      |      |      (Boxcurve-hosted,
        licence /             |      |      |      read-only)
        notification          |      |      |
        metadata              |      |      |
        (fail-open)           |      |      |
                              v      |      v
                +--------------+     |   +------------------+
                | Boxcurve     |     |   | Boxcurve task    |
                | licensing    |     |   | pack repository  |
                | endpoint     |     |   +------------------+
                +--------------+     |
                                     v
                           (2) monday.com import
                               (OPTIONAL, customer-
                               configured; pulls boards
                               / tasks into Unity)
                            +------------------+
                            | monday.com       |
                            +------------------+
Everything above the boundary line runs inside the customer's tenant. The three numbered channels are the only flows that cross the boundary, and they are described in full below.
Components
| Component | Role | Where it runs |
|---|---|---|
| Boxcurve Unity app | The user interface: building and maintaining the accountability map, managing tasks, stakeholders, projects and settings | Customer's Microsoft 365 tenant (Power Apps) |
| Microsoft Dataverse | The application's data store: projects, tasks, accountability assignments, stakeholders, change history, comments, notifications, settings and error logs | Customer's Microsoft 365 tenant (Dataverse environment) |
| Power Automate flows | Orchestration behind the app: project lifecycle administration, role and membership management, change-history logging, notifications, import/export, and synchronisation to Planner and Azure DevOps | Customer's Microsoft 365 tenant (Power Automate) |
In-tenant Microsoft services used
These Microsoft services are reached through Microsoft connectors and operate within the customer's own tenant. The application uses them; it does not administer them.
| Service | How Boxcurve Unity uses it |
|---|---|
| Office 365 Outlook | Sends task-assignment and related notifications by email; delivers exported task files |
| Microsoft Teams | Sends task-assignment notifications |
| Microsoft Planner | Mirrors tasks to a Planner plan and keeps task status in step |
| OneDrive for Business | Receives exported task files (CSV export) |
| Office 365 Groups / Users | Resolves group membership that drives application roles, and looks up user details |
| Azure DevOps | Mirrors tasks to a DevOps board and keeps status in step, reached via the Microsoft Azure DevOps connector |
Data flows
| Flow | Direction | What is exchanged | Boundary |
|---|---|---|---|
| App ↔ Dataverse | Read / write | The application's records (projects, tasks, accountability map, stakeholders, change history, settings) | Inside tenant |
| Flows ↔ Dataverse | Read / write | The same application records, on behalf of orchestration and administration | Inside tenant |
| Notifications → Outlook / Teams | Outbound, in-tenant | Assignment and activity notifications to the assigned people | Inside tenant |
| Task sync → Planner | Outbound, in-tenant | Task title and status mirrored to a Planner plan | Inside tenant |
| Task sync → Azure DevOps | Outbound, in-tenant | Task details and status mirrored to a DevOps board (via the Microsoft connector) | Inside tenant |
| Task export → OneDrive | Outbound, in-tenant | Exported task data as a file | Inside tenant |
| Membership / user lookup → Office 365 Groups / Users | In-tenant | Group membership and user details used to derive roles | Inside tenant |
| (1) Licensing check → Boxcurve licensing endpoint | Outbound, crosses boundary | The tenant identifier, the environment identifier, and licence/plan and notification metadata. No accountability, task, or stakeholder data is sent. Designed to fail open: if the check cannot be reached, the application continues | Outside tenant |
| (2) monday.com import (optional) | Outbound, crosses boundary | Only if the customer configures it: a request to monday.com to retrieve the customer's own boards and tasks for import into Unity | Outside tenant |
| (3) Task-pack retrieval | Outbound, crosses boundary | A read-only request to Boxcurve's task pack repository to retrieve pre-built task packs | Outside tenant |
Channels that cross the tenant boundary
These are the only channels by which traffic leaves the customer's tenant. There is no other external or non-Microsoft transmission in the application.
- Boxcurve licensing check. The application calls a Boxcurve-operated licensing endpoint to confirm the tenant's licence and retrieve any licence-related notifications. The request carries the tenant identifier, the environment identifier, and licence/plan and notification metadata only. It does not transmit accountability, task, project, or stakeholder data. The check is designed to fail open, so a licensing endpoint that cannot be reached does not block the application.
- monday.com import (optional, customer-configured). This channel exists only if the customer chooses to configure it. When enabled, Boxcurve Unity calls monday.com to retrieve the customer's own boards and tasks for import. If it is not configured, no traffic flows to monday.com.
- Task-pack retrieval. Boxcurve Unity retrieves pre-built task packs from Boxcurve's task pack repository by means of a read-only request.
Azure DevOps is not an additional external channel in this context. It is reached through the Microsoft Azure DevOps connector and is treated as an in-tenant Microsoft service for the purposes of this orientation.
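A reviewer who wants to test observed traffic against the three channels above can encode their stated properties as checks. The following is an added example, not Boxcurve code: the two Boxcurve hostnames are placeholders, and the licensing field names and the record layout are assumptions, because this page does not publish them.

```python
# Audit outbound-request records against the three documented boundary channels.
# Hostnames, field names and record layout are assumptions, not Boxcurve values.
LICENSING_HOST = "licensing.boxcurve.example"  # placeholder hostname
TASKPACK_HOST = "taskpacks.boxcurve.example"   # placeholder hostname
MONDAY_SUFFIX = "monday.com"                   # service named on the page

# Hypothetical names for "tenant identifier, environment identifier,
# licence/plan and notification metadata".
LICENSING_FIELDS = {"tenantId", "environmentId", "plan", "licenceStatus", "notifications"}


def audit(record, monday_configured=False):
    """Return findings for one outbound request; an empty list means it conforms."""
    host = record["host"].lower().rstrip(".")
    method = record["method"].upper()
    fields = set(record.get("fields", []))
    if host == LICENSING_HOST:
        extra = sorted(fields - LICENSING_FIELDS)
        return [f"licensing request carries undocumented fields: {extra}"] if extra else []
    if host == TASKPACK_HOST:
        findings = []
        if method not in ("GET", "HEAD"):
            findings.append(f"task-pack channel is documented read-only, saw {method}")
        if fields:
            findings.append(f"task-pack request carries a body: {sorted(fields)}")
        return findings
    # Match the domain itself or a true subdomain, never a bare string suffix.
    if host == MONDAY_SUFFIX or host.endswith("." + MONDAY_SUFFIX):
        return [] if monday_configured else ["monday.com traffic but import is not configured"]
    return [f"undocumented external destination: {host}"]


def audit_all(records, monday_configured=False):
    """Map record index -> findings, keeping only records with findings."""
    return {i: f for i, r in enumerate(records) if (f := audit(r, monday_configured))}


# Constructed sample records (not real traffic).
SAMPLE = [
    {"host": "licensing.boxcurve.example", "method": "POST", "fields": ["tenantId", "environmentId", "plan"]},
    {"host": "licensing.boxcurve.example", "method": "POST", "fields": ["tenantId", "taskTitle"]},
    {"host": "taskpacks.boxcurve.example", "method": "PUT", "fields": []},
    {"host": "api.monday.com", "method": "POST", "fields": ["query"]},
    {"host": "monday.com.collector.example", "method": "POST", "fields": []},
]

if __name__ == "__main__":
    for idx, findings in audit_all(SAMPLE).items():
        print(idx, SAMPLE[idx]["host"], findings)
```

Records would come from whatever request or connector logging the reviewer has available; the last sample shows why the monday.com match is anchored on a domain boundary.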
Identity
Boxcurve Unity uses the customer's own Microsoft Entra identity. Users sign in with their existing organisational accounts, and the application derives each user's role from Microsoft 365 security-group and Teams membership in the customer's tenant. Boxcurve Unity issues no separate credentials. For identity behaviour generally, refer to Microsoft's documentation: https://learn.microsoft.com/entra/
Where to read more
- Data Residency & Tenant Isolation: where the application's data resides, what leaves the tenant, and platform isolation and encryption behaviour.
- Identity & Access Control: sign-in, roles, and how access is governed.
- Integrations & Connections: the full detail of each connection, including the optional monday.com import and the Planner and Azure DevOps synchronisation.