API Interface Landscape Diagram

End-to-end API and interface view showing frontend APIs, internal service APIs, storage access interfaces, identity endpoints, outbound delivery interfaces, and observability ingestion
🔌
Frontend, Services, and External Interfaces
FRONTEND-FACING API INTERFACES
React SPA
Frontend consumer of controlled CMS APIs for all user-visible screens and actions
BFF
BFF API
Primary UI-facing interface exposing aggregated, screen-oriented endpoints
REST
REST / JSON Contract
Main application contract between browser and backend orchestration layer
AUTH
Authenticated API Calls
Requests are sent with token-backed identity context rather than anonymous access
The BFF acts as the main API facade for the frontend and routes UI-driven requests to the correct internal interfaces.
INTERNAL APPLICATION API LANDSCAPE
Internal service interfaces used by orchestration and protected backend flows
PRO
Profile API
Profile and contextual user data
ROS
Roster API
Roster and schedule interfaces
ATT
Attendance API
Attendance and status interfaces
EVT
Events API
Event-related service interface
PRD
Productivity API
Operational KPI and productivity access
WF
Workflow API
Submission, transition, tracking, and status endpoints
NT
Notification API
Internal notification reads, state updates, and trigger interfaces
DOC
Document API
Upload, metadata lookup, and secure retrieval interfaces
SRV
Internal Service Contracts
Protected service-to-service interfaces coordinated by the BFF
Internal services reach data systems and external interfaces only through backend-managed access interfaces, not through direct browser calls.
DATA ACCESS INTERFACES
FAB
Fabric Access Interface
Read-only backend data-access interface for curated enterprise analytical datasets
DDB
DocumentDB Access Interface
Operational read / write interface for workflow state, notifications, preferences, and metadata
ADLS
ADLS Access Interface
Backend-controlled upload / download and file object access interface for document content
IDENTITY & SECURITY INTERFACES
AAD
Azure AD Auth Endpoints
SSO, token issuance, and identity validation interfaces
JWT
Token Validation Interface
Protected APIs validate bearer tokens before serving business requests
RBAC
Authorization Decision Path
Role- and attribute-based policy checks govern access to backend interfaces
SEC
Protected Interface Boundary
The browser is outside the trust boundary; protected interfaces are enforced server-side
EXTERNAL INTEGRATION INTERFACES
IB
Infobip API
Outbound delivery interface used by notification flows for asynchronous message dispatch
DD
Datadog Ingestion Interface
Logs, traces, metrics, and observability signals are exported to Datadog
OBS
Operational Support Interfaces
Monitoring, alerting, and supporting telemetry operate outside the core domain service interfaces
INTERFACE LANDSCAPE PRINCIPLES
1
UI Uses BFF APIs
The browser consumes a stable orchestration interface rather than calling all backend APIs directly
2
Services Keep Clear Boundaries
Internal APIs stay separated by domain and shared-platform responsibilities
3
Data Access Is Mediated
Storage and analytics platforms are reached through backend interfaces, not direct client access
4
External Calls Stay Downstream
Delivery and observability integrations are downstream of protected backend business decisions
Frontend-facing interfaces Internal application APIs Data access interfaces Identity & security interfaces External integration interfaces Landscape principles
This API interface landscape diagram shows which interfaces are exposed to the frontend, which remain internal to backend service coordination, how data platforms are accessed, and how external delivery and observability APIs fit into the overall CMS integration model.