BFF Layer: Dashboard API

Source Code: cxt-io-dashboard-api

The Dashboard Layer, implemented by the CXT.IO.Dashboard.Api project, serves as a Backend-for-Frontend (BFF) for the Account Visibility feature. Its primary role is to provide a tailored API interface (specifically V2 for account settings) for client applications like Investec Online (IOL) or mobile apps, abstracting them from the complexities of underlying microservices, including the core cxt-account-settings-api.

This layer orchestrates calls to downstream services, handles data aggregation and transformation, and manages routing logic based on business units.

Key Responsibilities and Flow

1. Client Interaction: Client applications interact with the V2 endpoints exposed by the AccountSettingsController (e.g., GET /api/v2/account-settings and POST /api/v2/account-settings).

2. Service Orchestration: The controller delegates requests to the IAccountSettingsV2Service (documented in BFF Core Services). This service is the core of the BFF logic for V2 account settings.

3. Dynamic Endpoint Routing & Aggregation:

   • The AccountSettingsV2Service uses a configuration file, asendpoints.json, to identify the base URLs of various downstream Account Settings API instances. Each downstream instance is typically associated with a specific BusinessUnit.
   • For retrieving settings, the service calls all configured downstream endpoints and aggregates their responses.
   • For saving settings, the service routes the save operation to the correct downstream API based on the business unit of each account.

4. Data Model Transformation:

   • The BFF uses its own V2-specific models for client interaction (e.g., AccountSettingsV2ResponseModel, AccountSettingsV2SaveRequestModel).
   • The AccountSettingsV2Service transforms these BFF V2 models to and from the V1 models expected by the downstream API.

5. Authenticated Downstream Calls:

   • To securely communicate with downstream APIs, the AccountSettingsV2Service utilizes the IJwtAccessTokenService (documented in BFF Authentication Services). This service acquires JWT bearer tokens, ensuring the BFF is authenticated for server-to-server calls.

How it Connects Layers

• Client Applications -> Dashboard API (BFF): Clients make calls to the V2 endpoints on AccountSettingsController.
• Dashboard API (BFF) -> Core Account Settings API (cxt-account-settings-api):
  • The AccountSettingsV2Service in the BFF acts as a client to the cxt-account-settings-api.
  • Important Versioning Note: The V2 service in the BFF interacts with V1 endpoints of the cxt-account-settings-api.
  • This interaction is dynamic, governed by asendpoints.json.
  • Communication is secured using JWT tokens.

In essence, the Dashboard Layer (BFF) decouples client applications from the specific versioning and deployment topology of the core Account Settings API. It provides a stable V2 contract for account visibility and handles the necessary adaptation, aggregation, and routing to one or more V1 downstream services.