XMA Limited

XMA Skuid (managed AWS deployment)

Skuid allows companies and agencies to build user friendly applications on their existing systems, specifically Salesforce without having to write and maintain custom code. Skuid is 100% native to Salesforce and is delivered as a managed package or an AWS-hosted service.


  • Low-code application development toolkit for Salesforce apps
  • Installed as a managed AWS service
  • Visual data modelling environment enables declarative development
  • Supports Salesforce custom/standard objects, SQL, REST APIs & oData
  • Logic framework enabling custom workflows and data operations
  • Drag-and-drop UI components multi-object on one page
  • 30+ components including grids, wizards and forms
  • Code extensibility with Javascript and HTML
  • Design System Studio define and apply custom UI styles
  • Supports Salesforce Sales/Service cloud, Community, Heroku


  • Customise Salesforce apps to the way your users work
  • Streamline and digitise business processes faster and for less
  • Maximise Salesforce investment when technical resources constrained.
  • Accelerate projects to deliver user needs with little code
  • Adaptive data and logic capabilities beyond standard UIs
  • Accelerate projects so you can deliver user needs quickly
  • Tooling landscape with a unified composer for data, logic, UI
  • Branded experience with components styled to your design
  • Beautifully centralise everything users need in one place


£13.26 a user a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@xma.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 12

Service ID

9 9 5 0 9 8 8 7 3 8 6 8 7 2 3


XMA Limited Nancy Clayton-Schofield
Telephone: 0115 846 4000
Email: bidteam@xma.co.uk

Service scope

Software add-on or extension
Cloud deployment model
Public cloud
Service constraints
Skuid for AWS runs as a managed service on AWS infrastructure.
System requirements
Skuid for AWS is required to run on AWS infrastructure.

User support

Email or online ticketing support
Yes, at extra cost
Support response times
Depending on severity and priority between 1 - 4 hours. Coverage hours are 9AM-3AM CET from Monday-Friday
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Premium Support - 30% of software license ARR
Phone, email and ticket management support from M-F 3am–9 pm ET (9am-3amCET)
Five named contacts with support access to open cases by phone or email** using the
secure case management system
Accelerated response times based on service level goals (SLGs)
Named primary support engineer
Unlimited support cases
Escalation updates, actions, and management calls
Quarterly business reviews
Case management services from named primary Technical Support Engineer

Essential Support - 15% of software license ARR
Phone email and ticket management support from M-F 3am–9 pm ET (9am-3amCET)
Response times based on service level goals (SLGs)
Two named contacts with support access to open cases by phone or email using the
secure case management system
Case management services from a Skuid Technical Support Engineer
Quarterly open and closed case reporting
Assigned support engineer (from pool)
Support available to third parties

Onboarding and offboarding

Getting started
Remote live training 2-4 days
In person training 2-4 days
Online self paced tutorials
Remote live workshops - 2 hours
Professional services geared toward teaching while building a solution
Regular webinars
Service documentation
Documentation formats
End-of-contract data extraction
All data is stored in existing core systems and not in Skuid and is therefore available at the end of a contract without a need to extract.
End-of-contract process
A paid contract allows per user access to build and run Skuid applications. If a contract term ends and there is not renewal, then access to Skuid will be disabled.

Using the service

Web browser interface
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Compatible operating systems
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
Designed for use on mobile devices
Differences between the mobile and desktop service
Skuid allows you to develop responsive web apps that can run in a desktop or mobile browser.
Service interface
What users can and can't do using the API
Skuid provides an API to access Javascript objects and functions that can be used to interact with models, components, and other elements of Skuid. These APIs are an essential part of customizing Skuid with code—whether through snippets or custom components.

The Page XML API is a REST API for the development and distribution of Skuid pages. You can access your Skuid page’s XML programmatically through the Page XML API without going through the Page Composer.

Some use cases include:

Integrating your Skuid development process into an existing development workflow
Pushing Skuid pages to target orgs as part of a Continuous Integration/deployment process
Deploying individual pages into a target org. This method allows you to avoid using Page Packs and copying/pasting XML into new pages in the target org.
You can interact with the Page XML API by using your preferred development tool or by using skuid-grunt, a tool designed specifically for extending your development processes to Skuid pages.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
Skuid’s Javascript API can be used for customization such as creating snippets, and building powerful, custom Skuid components. Custom UI styling can also be created to adhere to design systems and custom design specifications. Custom branding is also possible.


Independence of resources
Skuid on AWS leverages AWS Auto-scaling to adjust server capacity and AWS Elastic Load Balancers to distribute network traffic across servers.


Service usage metrics
Metrics types
License usage, login usage
Reporting types
  • API access
  • Regular reports
  • Reports on request


Supplier type
Reseller providing extra support
Organisation whose services are being resold

Staff security

Staff security clearance
Other security clearance
Government security clearance

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Other data at rest protection approach
Skuid for AWS does not store customer data. Customer data is resident on customer and/or partner database service providers and is connected to Skuid via a Skuid Data Source Type. Access to customer data is the responsibility of the customer. Customer and/or partner database service providers are responsible for the availability and security of customer data and ensuring the appropriate controls are in place for data management and security as defined in the customer's agreement with their database service providers.
Data sanitisation process
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Skuid does not store customer data. Skuid stores meta data for applications.
Data export formats
Other data export formats
Data import formats
Other data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
Other protection within supplier network
Skuid for AWS runs within an AWS VPC (Virtual Private Cloud) utilizing network sementation, security groups, and protected APIs.

Availability and resilience

Guaranteed availability
Skuid for AWS runs within an AWS Virtual Private Cloud (VPC) and Skuid is responsible for managing everything within the VPC which is implemented in a high availability configuration. Skuid for AWS does not have a stated SLA beyond the AWS SLA, but provides status here: https://status.skuid.com/. Skuid for AWS runs on AWS who are responsible for managing the physical infrastructure and facilities the Skuid for AWS VPC runs on. The AWS SLA is described here: https://aws.amazon.com/compute/sla/.
Approach to resilience
Skuid for AWS leverages an orchistrated, containerized architecture with redundant server clusters in multiple AWS Availability zones.
Outage reporting
Status of Skuid for AWS is available via an online dashboard managed by Skuid (https://status.skuid.com/).

Identity and authentication

User authentication needed
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Users can authenticate using a username and password or with integration to a SAML compliant IDP.
Access restriction testing frequency
At least once a year
Management access authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
No audit information available
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications
Any other security certifications
  • Skuid for AWS inherits AWS certifications for hardware and software
  • Managed by AWS https://aws.amazon.com/compliance/

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
Other security governance standards
Skuid maintains a SOC 2 Type 2 on Skuid for AWS.
Information security policies and processes
All policy enforcement is the responsibility of the Senior Director Technology Operations.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Design, development, review, testing, deployment. Full change management process available on request.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Threats are assessed on an ongoing basis via Github/Quay vulnerability monitoring, DAST, static code analysis, and various online resources such as US-CERT and NVD. Remediation timetable is determined by severity of the issue as it pertains to Skuids particular environment.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Skuid for AWS utilizes an IDS along with numerous AWS managed services and a 3rd party log aggrigation and monitoring service. Skuid also leverages an alerting system to notify on-call personnel if any incident or suspected incident occurs.
Incident management type
Supplier-defined controls
Incident management approach
Skuid maintains an incident management policy and related process which includes: Defined reporting lines for internal and external users, steps for discovery, triage, working the issue and root cause analysis. Full policy and process available on request.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£13.26 a user a month
Discount for educational organisations
Free trial available
Description of free trial
Full capabilities for a limited time
Link to free trial

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@xma.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.