API Layer: Account Settings API

This section provides a comprehensive overview of the Account Settings API, which forms the core of the API Layer for the Account Visibility project. This centralized service is designed to manage account visibility and settings functionality across all Investec business units, enabling a consistent client experience for showing and hiding accounts on Investec Online and other digital platforms.

Purpose

The Account Settings API aims to:

• Replace previous solutions that had limitations in scalability and manageability.
• Enable any Business Unit (BU) to provision account settings functionality without depending on a central team (like the One Place team).
• Create a unified and standardized approach to account visibility management across Investec's digital platforms.

Prerequisites for Development

To work with the Account Settings API, developers will need the following:

• .NET 8.0 SDK: Ensure this version of the .NET SDK is installed. (Download Here)
• Azure Cosmos DB Emulator: For local development and testing against a mock database. (Download Here)
• IDE: A suitable Integrated Development Environment such as Visual Studio 2022, JetBrains Rider, or Visual Studio Code.

Getting Started with the API Code

1. Clone the Repository: Obtain the source code for the cxt-account-settings-api by cloning its repository from Azure DevOps to your local machine.
2. Open the Solution: Use your preferred IDE (Visual Studio 2022, Rider, or VS Code) to open the solution file.
3. Configure Application Settings:
   • Navigate to the appsettings.json file within the API project.
   • Under the AzureAd section, add your application-specific Azure AD application ClientId.
4. Database Setup (for local testing):
   • The API is configured to automatically create an SQLite database upon application startup for local testing purposes.
   • This serves as an in-memory database until a dedicated SQL database instance (or another preferred database) is configured for development or staging environments.
5. Run the Application: Once configured, the API should be ready to run from your IDE.

Architecture Overview

The Account Settings API is built on Azure and leverages a variety of Azure services for its operation. The architecture is designed for scalability, security, and maintainability.

Key Azure Components:

• Network Infrastructure:
  • Virtual Network: Isolates resources.
  • Network Security Group (NSG): Controls traffic with rules for Application Insights and Investec IPs.
  • Container Apps Subnet: Dedicated subnet for Container Apps.
• Identity & Security:
  • User-Assigned Managed Identity: Provides secure, passwordless access to Azure resources.
  • Key Vault: Securely stores secrets (e.g., API keys, connection strings) with network isolation.
  • App Configuration: Manages application settings and feature flags.
• Compute Resources:
  • Container App Environment: A managed environment for hosting containerized applications.
  • Container App: Hosts the Account Settings API application itself.
• Monitoring & Logging:
  • Log Analytics Workspace: Central repository for logs from various Azure services.
  • Application Insights: Provides application performance monitoring (APM) and tracks API behavior.
• AI Services (if applicable for future enhancements):
  • Azure OpenAI (Cognitive Services): For potential AI-driven features.
  • GPT-4o-mini Model: A specific AI model that could be leveraged.

Resource Access Patterns:

• The Container App (hosting the API) accesses Key Vault, App Configuration, and potentially Azure OpenAI using a User-Assigned Managed Identity for enhanced security.
• Network Security Groups protect resources from unauthorized access.
• Log Analytics centralizes logging from all components for easier troubleshooting and monitoring.

Further Documentation

• For more in-depth technical details, API endpoint specifications, and data flows, refer to the subsequent pages in this section.
• The original (potentially internal) documentation can be found here (requires Confluence access): Account Settings Documentation

Subsequent pages will delve into the specific API endpoints, request/response models (linking back to the NuGet package where applicable), and overall data flow through this API layer.