Kontakas

Inspiration

Form.io

What it does

Kontakas is a serverless, multi-tenant contact form processing API built entirely on AWS Lambda. Instead of building separate backends for each client project, we created one scalable solution that serves contact forms for multiple organizations from a single deployment.

Key capabilities:

• Multi-tenant Architecture: Single API serves unlimited clients with isolated configurations
• Serverless Contact Form Processing: Handles form submissions from 1 to 1000+ per second automatically
• Spam Protection: Google reCAPTCHA integration with organization-specific keys
• Professional Email Notifications: Custom HTML/text templates sent via AWS SES
• Flexible Processing Pipeline: Each client can have different validation rules and notification workflows
• Environment-Aware Configuration: Separate dev/prod settings with feature flags
• Real-time Validation: Comprehensive form validation with detailed error responses

As developers working with multiple clients, we were constantly rebuilding the same contact form functionality for every project. Kontakas eliminates this repetition by providing a production-ready API that can onboard new clients in minutes rather than days.

How we built it

Multi-Tenant Architecture

We designed Kontakas using a sophisticated serverless architecture that serves multiple clients from a single deployment:

Core Components

1. Lambda Handler (/handlers/send-contactus-form/): Single entry point that routes and processes forms for all clients
2. Multi-tenant Data Layer:
   • Organizations: Each client gets their own organization with admin settings
   • Forms: Multiple forms per organization with different processing rules
   • Connectors: Client-specific integrations (email providers, reCAPTCHA keys, etc.)
3. Procedure Pipeline: Extensible processing system where each client can have custom workflows
4. Integration Layer: Modular connectors for AWS SES, reCAPTCHA, and future services

Tech Stack

• Runtime: Node.js 20.x with TypeScript
• Build Tool: esbuild for optimized bundling and cold start performance
• Validation: Yup schemas with client-specific rules
• Email Service: AWS SES with per-client configurations
• Security: Google reCAPTCHA v2/v3 with organization-specific keys
• Infrastructure: AWS SAM (Serverless Application Model)
• Monitoring: CloudWatch with structured logging across all tenants

Development Experience

We implemented a comprehensive development setup with:

• Hot reload and automatic rebuilding
• Local SAM API server for testing
• Environment-specific configurations (dev/prod)
• Concurrent build watching for rapid iteration

Challenges we ran into

1. Multi-Tenant Security & Isolation

Challenge: Ensuring each client's data and configurations remain completely isolated while sharing the same Lambda function. Solution: We implemented organization-based access control where each form submission is validated against the correct organization's connectors and settings.

2. Cold Start Optimization Across Tenants

Challenge: Lambda cold starts affecting response times for all clients, especially problematic in a multi-tenant environment. Solution: We implemented esbuild with tree shaking, optimized bundle size to minimize cold starts, and used 128MB memory allocation for the sweet spot between cost and performance.

3. Scalable Configuration Management

Challenge: Managing different email providers, reCAPTCHA keys, and processing rules for multiple clients without code changes. Solution: We created a flexible connector system where each organization can have multiple connectors with their own configurations, stored as data rather than code.

4. Flexible Processing Pipeline

Challenge: Different clients needing different form processing logic while sharing the same Lambda function. Solution: We built an abstract procedure handler system where each form can have multiple processing steps defined declaratively, allowing complete customization per client.

5. Environment Configuration for Multiple Clients

Challenge: Testing different client configurations in development vs production environments. Solution: We leveraged SAM parameters with separate samconfig-dev.toml and samconfig-prod.toml files, allowing client-specific features like reCAPTCHA to be configured independently.

6. Centralized Error Handling

Challenge: Providing meaningful error messages while maintaining security across all clients and different failure scenarios. Solution: We implemented structured error responses with field-level validation messages and centralized error handling that works consistently for all tenants.

Accomplishments that we're proud of

Elegant Multi-Tenant Architecture

We successfully built a single Lambda function that can serve unlimited clients with completely isolated configurations. Each organization has its own email settings, reCAPTCHA keys, and processing workflows.

Performance Optimization

Our cold start optimization reduced Lambda startup time to under 200ms, making the API feel instant for users across all client websites.

Developer Experience

We created a seamless development workflow with hot reload, local testing, and one-command deployment that works for the entire multi-tenant system.

Production-Ready Security

Implemented comprehensive validation, spam protection, and error handling that maintains security across all tenants while providing helpful feedback.

Scalable Design

The architecture can handle everything from personal portfolios to enterprise applications, automatically scaling based on demand across all clients.

Cost Efficiency

All clients share the same Lambda function, meaning we pay only for actual usage across all tenants - typically sub-penny per form submission.

What we learned

Multi-Tenant Design Patterns

We learned how to build a single API that can securely serve multiple clients with isolated configurations, which is much more complex than single-tenant applications.

AWS Lambda at Scale

We mastered event-driven, serverless applications that scale automatically across multiple clients, understanding the nuances of memory allocation, timeout configuration, and cold start optimization.

Infrastructure as Code

We implemented AWS SAM for defining and deploying one infrastructure stack that serves everyone, learning how to manage environment-specific configurations effectively.

Flexible Configuration Management

We built a connector system allowing each client to use their preferred email providers and security settings, learning how to make systems configurable without code changes.

Serverless Monitoring

We learned how to implement structured logging and monitoring across a multi-tenant system, making it easy to debug issues for specific clients.

What's next for Kontakas

Immediate Architecture Improvements

• Database Migration: Move organizations, forms, and connectors from static data files to a proper database (DynamoDB) for dynamic configuration management
• S3 Email Template Storage: Extract email templates from the build and store them in S3 as text files, allowing runtime template updates without redeployment
• Event-Driven Processing: Implement AWS EventBridge for form procedure processing to make the API Gateway handler more lightweight and enable asynchronous workflows

Additional Enhancements

• Additional Email Providers: Add SendGrid, Mailgun, and other email service connectors
• Advanced Analytics: Build a dashboard showing form submission metrics across all clients
• Webhook Integrations: Allow clients to connect forms to their CRM systems and third-party services

Enterprise Features

• Advanced Security: Implement rate limiting per organization and advanced threat detection
• Custom Validation Rules: Let clients define their own validation logic through a configuration interface

Developer Experience

• Visual Form Builder: Create a UI for clients to configure forms without touching code
• Real-time Testing: Build a testing interface where clients can test their forms before going live

Business Model

• SaaS Platform: Transform into a full SaaS offering with subscription tiers
• Marketplace Integration: Connect with website builders and CMS platforms

Built With

• amazon-web-services
• gatewayapi
• lambda
• node.js
• sendgrid
• typescript