Integrations
Mission integrates with other products in The One Stack and can connect to external services.
The One Hub
Type: Identity and navigation
Data flow:
- Hub → Mission: Staff authentication via SSO (JTI token validation)
- Mission → Hub: User profile sync
How it works: When a staff member logs in through Hub, Hub issues a JWT with a JTI (JWT ID). Mission validates this JTI against the Hub API using an integration key before creating a Mission session. This ensures only Hub-authenticated users can access Mission via SSO.
Setup: The Hub integration key (X-Integration-Key) is configured in Mission's environment at deployment. No per-organization setup required.
The One Brand
Type: Website and landing page provisioning
Data flow:
- Mission → Brand:
org.createdbus event triggers auto-provisioning of 1 website + 10 landing pages per organization
How it works: When you create a new Mission organization, Mission emits an org.created event on The One Bus. Brand listens for this event and automatically provisions a website and landing pages for the org.
Data that flows: Organization name, slug, engine type (determines website template), and branding configuration.
Setup: Automatic — no configuration needed. The website appears in Brand Studio within minutes of org creation.
TheOnePortal
Type: Member self-service portal
Data flow:
- Portal → Mission: Member authentication and data reads (people, donations, events, groups, prayer)
- Mission → Portal: Real-time data via API
How it works: TheOnePortal calls Mission's API with an integration key to fetch member data for the authenticated portal user. The portal displays giving history, event registrations, group memberships, and (for Church engine) the prayer wall.
Setup:
- In TheOnePortal, configure the Mission integration with your Mission API URL
- Generate a Mission integration key (Settings → API → Integration Keys)
- Add the integration key to the Portal Mission integration configuration
What breaks if misconfigured: Members cannot log in or see their data in the portal. Portal shows a connection error. Verify the integration key is correct and the Mission API URL is reachable.
TheOneMigrate
Type: Data migration pipeline
Data flow:
- TheOneMigrate → Mission: Bulk create API calls for people, families, groups, donations, attendance
How it works: TheOneMigrate connects to your legacy system (e.g., RockRMS SQL Server), extracts and transforms data, then calls Mission's import API endpoints in batches of up to 500 records.
Authentication: Migration calls use the X-Integration-Key header.
Setup: Provide your Mission API URL and integration key to TheOneMigrate. See Migration and TheOneMigrate documentation.
The One Bus (Event Mesh)
Type: Internal event bus
Events Mission publishes:
| Event | When Published | Subscribers |
|---|---|---|
org.created | New org created | Brand (website provisioning) |
member.created | New member record | Hub (member sync) |
member.updated | Member record changed | Hub |
donation.created | Donation recorded | Receipts (email queue) |
event.created | New event created | Notifications |
group.updated | Group membership changed | Connections (graph rebuild) |
Mission uses fire-and-forget for bus events — the primary operation (e.g., creating a member) is not blocked if the bus event fails. All bus events are logged for debugging.
Stripe (Recurring Donations)
Type: Payment processing for recurring gifts
Status: Planned — integration is stubbed in the codebase but not yet active
What it will do: Charge recurring donation pledges automatically, create donation records in Mission for each charge, and handle failed payments with retry logic.
Current behavior: Recurring donation records are created and tracked, and the daily processor creates donation records, but actual charges require your payment processor to be triggered externally.
AWS SES (Email Delivery)
Type: Transactional email delivery
Data flow:
- Mission → SES: Donation receipts, event reminders, giving statements, member communications
How it works: All Mission outbound email routes through The One Stack's shared AWS SES configuration. No per-organization setup required.
What breaks if misconfigured: Donation receipts, event reminders, and communications fail silently. Check SES delivery logs if members report not receiving expected emails.
API Access
Pro plan organizations can access Mission's REST API for custom integrations.
Base URL: https://[your-mission-api].azurewebsites.net/api
Authentication: Use an integration key in the X-Integration-Key header for service-to-service calls. For member access, use the member session token.
Rate limits: 100 requests/minute per integration key. Contact support for higher limits.
Endpoints available via API:
- All core endpoints (members, families, donations, funds, events, groups, volunteers)
- Import endpoints for bulk data ingestion
- Report endpoints for dashboard and giving data
- Engine-specific endpoints (prayer, sermons, grants, etc.)
Full API reference documentation is available at /api-reference/mission once published.