Home / Ops / More in this area

Affirmology NDA Gate to CRM Flow Build Brief v1

Updated Jun 29, 2026 · Affirmology_NDAFlow_BuildBrief_v1.md

Affirmology NDA Gate to CRM Flow Build Brief v1

For: a Claude Code session on the Mac (repo access, the keys in affirmology-studio/.env, Cloudflare token, can deploy the Worker). How to use: paste this whole file as the kickoff.

0. Goal (one paragraph)

Automate the demo-access pipeline end to end: a warm contact opens their personal link, signs the full NDA through SignWell, and the moment they finish, a record is written to the Airtable CRM and demo access is granted, with funnel events tracked along the way. No manual steps per person. This replaces the in-page clickwrap gate that is currently in affirmology-site/index.html.

1. Hard rules

• No em dashes anywhere (Jeff's rule).
• Secrets only in env, never in client JS or committed files.
• Idempotent: match people by email so signing twice never duplicates a row.
• Gated: demo content must not be reachable without a completed signature.
• Verify with a real test signature before claiming done.

2. The flow to build

1. Each invite link carries a personal token: demo.affirmology.ai/?id=<token>. The page maps the token to a person and passes name/email into SignWell as prefill.
2. The gate becomes "review and sign to enter": it presents the NDA via SignWell (reusable Template Link, or an API-created signing session), not a checkbox.
3. On SignWell "document completed", a webhook hits our endpoint, which: upserts the People row in Airtable (NDA signed = true, signed-at, name, email, phone, Stage = "NDA signed"), and grants demo access (one-time access token, or add the email to the Cloudflare Access allowlist for the demo).
4. Funnel events (link clicked, demo listened, vision watched, report read, beta committed) POST to /api/track and update the same People row.

3. Where things live

All paths are LOCAL files under the project root on the Mac: /Users/jeffreyparker/CLAUDE/AFFIRMOLOGY/. Open them by that local path. (If the folder also syncs to Google Drive, ignore the Drive copy and use the local path.)

• Demo site: /Users/jeffreyparker/CLAUDE/AFFIRMOLOGY/affirmology-site/ (the page is index.html; the current gate is the #nda-gate block + its IIFE near the bottom).
• The NDA document to use in SignWell: /Users/jeffreyparker/CLAUDE/AFFIRMOLOGY/Affirmology_NDA_Signable_v5.pdf (Affirmology LLC as Party A, Jeff's signature pre-applied, recipient signs Signature + Date; SignWell auto-captures name/email/IP/time).
• Cloudflare Worker that routes demo.affirmology.ai/api/*: affirmology-demo-site/worker/ (add the new routes here). The demo runs cloud-side; the Worker is the public API surface.
• Keys in affirmology-studio/.env: AIRTABLE_API_KEY, CLOUDFLARE_API_TOKEN, RESEND_API_KEY. Add SIGNWELL_API_KEY (Jeff will provide).

4. Airtable target (already built)

• Base: appSuTUcOQbpkxLUR ("Affirmology Launch CRM").
• People table tblOOWgEjVfX21NT3. Relevant field IDs:
• Name fldd9ZIKCqWAGf9Z2, Email fldCnQ39xZKoQY6NA, WhatsApp / Phone fldbQ0xChwNVeTcC6
• Stage fldqvIA716ngjkmwz (single select: "NDA signed", "Took demo", etc.)
• NDA signed fldZM3ctrBuo27qvq (checkbox), NDA signed at fldLzc2FDO1QBumgp (date)
• Link clicked fldSJzzk0soCzetDa, Door taken fld7JjfB0jGozDhcW, Demo listened fldewnjdXIXECJAVC, Vision video watched fldRUbtQh9f8flLTH, Report read fldiuSQJNUH13eIlv
• Beta committed fld3pWfOANeRAs2e0, Beta committed at fldBRRKmaQvOTwAvn, Hub link fldMo3NIxM2ngqz06, Last seen fldXbvDzxyYuzhMIs
• Interactions table tblvMUdNEZ6s5YHHR (Person link fld6yfUonM8bfnckj) for logged touchpoints.
• Prerequisite: the Airtable PAT in .env must have access to base appSuTUcOQbpkxLUR. The token currently lists zero bases. Jeff: open the token at airtable.com/create/tokens, add the base "Affirmology Launch CRM", save. (The base was created via the Airtable MCP, which is why the older token cannot see it yet.) Confirm GET https://api.airtable.com/v0/meta/bases returns the base before relying on REST writes.

5. SignWell specifics

• API base https://www.signwell.com/api/v1/, auth header X-Api-Key: <SIGNWELL_API_KEY>.
• Reusable signing: build the NDA as a Template in the SignWell UI (or via API), then use a Template Link for bulk self-serve signing; prefill fields via query string using each field's API ID.
• Webhooks: configure a "document completed" (and "viewed") webhook to our endpoint. Use the event to trigger the Airtable write and access grant. Verify the webhook signature.
• Jeff will paste the Template Link and the API key.

6. Endpoints to build on the Worker

• POST /api/nda-webhook : receive SignWell events; on completed, upsert People (match by email), set NDA signed + signed-at + name + phone + Stage "NDA signed"; then grant access (token or Cloudflare Access allowlist add). Return 200 fast; do the Airtable write server-side with AIRTABLE_API_KEY.
• POST /api/track : body {token|email, event, at}; map to the People row and set the matching funnel field + Last seen. Events: link_clicked, door_experience, door_vision, demo_listened, vision_watched, report_read, beta_committed.
• (Optional) GET /api/nda-status?token= : lets the page check whether this person has already signed, so returning visitors skip straight in (never re-gated, per the never-gatekeep rule for the personal page).

7. Demo-taker reconciliation

The engine emails a notification per render and the Listening Room/library has every entry. Add a periodic job (or reuse the render-complete signal) that matches the render's email to People and sets Demo listened + Stage "Took demo". This closes the loop between "signed" and "actually experienced it".

8. Acceptance criteria

• A real test signature through SignWell creates or updates exactly one People row (matched by email) with NDA signed = true, signed-at set, Stage "NDA signed", and grants demo access.
• Demo content is unreachable without a completed signature (incognito test).
• Firing each /api/track event updates the right field on the right person; signing twice does not duplicate the row.
• No em dashes; no secrets in client code or commits.

9. Build order

1. Confirm the Airtable token can see base appSuTUcOQbpkxLUR (section 4 prerequisite).
2. Add SIGNWELL_API_KEY to .env; build the /api/nda-webhook and /api/track Worker routes with server-side Airtable upserts.
3. Swap the index.html gate to the SignWell "sign to enter" flow with token prefill and the access grant.
4. Wire the SignWell webhook to /api/nda-webhook; test a real signature end to end.
5. Add the demo-taker reconciliation.
6. Run the acceptance pass in section 8.

Keep it lean and idempotent. The signing-to-access-to-CRM loop is the must-have; the reconciliation and the status-check are fast-follows.