1. The Business Problem
Excel: The Enterprise's Hidden Business Logic Layer
Large organizations rely on Excel for critical business calculations. These spreadsheets encode years of business knowledge, regulatory requirements, and edge-case handling. They are trusted, audited, and battle-tested.
| Domain | Examples |
|---|---|
| Tax & Compliance | VAT calculations, tax residency rules, transfer pricing models |
| Financial Services | Loan amortization, risk scoring, portfolio valuations |
| Insurance | Premium calculations, actuarial models, claims processing |
| Consulting | Fee calculations, resource pricing, engagement scoping |
| Manufacturing | Bill of materials, cost rollups, margin calculations |
The Challenge: Scaling Excel Logic
Excel works well for individual analysts but fails when you need to embed calculations in web applications, process thousands of calculations per minute, or integrate with automation workflows.
Traditional solutions require rewriting Excel logic in code—a process that takes months, introduces calculation discrepancies, and creates maintenance burden.
2. Architecture Overview
SpreadAPI consists of two deployment models:
Cloud (spreadapi.io)
- Multi-tenant SaaS
- Managed infrastructure
- Data stored in our cloud
- Suitable for non-sensitive workloads
On-Premises (Runtime)
- Single-tenant, your infrastructure
- Docker/Kubernetes deployment
- Data never leaves your network
- Full data sovereignty
Core Technology
SpreadAPI is powered by an enterprise-grade Excel engine, supporting 500+ Excel functions including modern array functions (XLOOKUP, FILTER, SORT, UNIQUE, SEQUENCE, LET, LAMBDA). It handles complex dependencies and processes calculations in milliseconds.
3. On-Premises Deployment
SpreadAPI Runtime is a lightweight, self-contained calculation server designed for on-premises deployment. It executes Excel-based services within your infrastructure, ensuring complete data isolation.
| Deployment | Docker container or Node.js application |
| Storage | Local file system (no external database required) |
| Network | No outbound connections required |
| Updates | Manual container updates (you control the schedule) |
| Scaling | Horizontal scaling via container orchestration |
4. Data Flow & Compliance Architecture
The Zero-Cloud-Storage Workflow
For maximum compliance, SpreadAPI supports a workflow where no sensitive data ever touches external infrastructure:
Import Excel, define inputs/outputs, test calculations. Everything stays in browser memory.
Click "Export for Runtime" to download a JSON file containing your service configuration.
Run SpreadAPI Runtime on your servers. Upload the service package. Your API is live—internally.
Enterprise Mode: Disabled Cloud Storage
For organizations requiring absolute assurance, we offer Enterprise Mode where the "Save to Cloud" functionality is completely disabled. Even accidental data leakage is architecturally impossible.
5. Security Model
Layer 1: Network Isolation
Runs entirely within your network perimeter. No required outbound internet connectivity. Compatible with air-gapped environments.
Layer 2: Container Isolation
Runs in isolated Docker container. Minimal attack surface (Node.js runtime only). No database dependencies.
Layer 3: Calculation Isolation
Each calculation runs in isolated context. No shared state between requests. Memory cleared after each execution.
Layer 4: API Security
Optional authentication (API keys, OAuth, custom). Rate limiting per endpoint. Request/response logging.
What Data is Stored?
| Data Type | Location |
|---|---|
| Service definitions | Local JSON files |
| Workbook data | Local JSON files |
| Request logs | Local log files (configurable) |
| Calculation cache | In-memory only (cleared on restart) |
| Input/output values | NOT stored (processed, not persisted) |
6. Deployment Options
Docker Deployment (Recommended)
# Pull the image docker pull spreadapi/runtime:latest # Create directories mkdir -p services logs # Start the container docker run -d -p 3001:3001 \ -v ./services:/app/services \ -v ./logs:/app/logs \ spreadapi/runtime:latest # Verify health curl http://localhost:3001/api/health
Cloud Platform Options
| Azure | Azure Container Instances or AKS |
| AWS | ECS Fargate or EKS |
| GCP | Cloud Run or GKE |
All major cloud providers support Docker containers within your private VPC/VNet, ensuring data never traverses public networks.
7. Technical Specifications
API Endpoints
| Endpoint | Method | Description |
|---|---|---|
| /api/health | GET | Health check and version info |
| /api/services | GET | List deployed services |
| /api/services/{id} | GET | Service metadata and schema |
| /api/execute/{id} | GET/POST | Execute calculation |
| /api/upload | POST | Deploy new service package |
Supported Excel Features
SUM, SUMIF, SUMIFS, SUMPRODUCT, ROUND...
AVERAGE, MEDIAN, STDEV, PERCENTILE...
NPV, IRR, PMT, FV, PV, RATE, XNPV, XIRR
VLOOKUP, HLOOKUP, INDEX, MATCH, XLOOKUP
FILTER, SORT, UNIQUE, SEQUENCE, SORTBY
LET, LAMBDA, spill ranges
Performance
| Cold start (first calculation) | 200-500ms |
| Warm calculation | 10-50ms |
| Complex workbook (1000+ formulas) | 50-200ms |
| Memory per service | ~10-50MB |
8. Compliance Checklist
IT Security Review Checklist
Supporting Your Compliance Requirements
SpreadAPI Runtime's on-premises architecture is designed to fit within your existing compliance framework. The Runtime has no external dependencies, no outbound connections, and stores no data outside your network.
Note: SpreadAPI Runtime is a software component that runs in your infrastructure. Compliance certification is your organization's responsibility based on your overall security posture.
Ready to Get Started?
Contact us to discuss your enterprise requirements.