Application / Conceptual Architecture Diagram

Crew Management System – secure access, React presentation layer, BFF orchestration, domain services, shared platform services, data platforms, and enterprise support services

→ Secure Access

→ Frontend

→ BFF / Orchestration

→ Services

→ Data & Support

Users

👨‍✈️ 👩‍✈️ 👨‍✈️

Operational Users Daily operational access

🧑‍💼

Supervisors / Managers Approvals and oversight

👨‍💻

Admin Users Configuration and control

Secure Access Layer

🌐

Browser

Zscaler Enterprise-controlled access

Akamai WAF • DDoS • Bot protection • Edge caching

Azure Application Gateway Protected ingress and routing

Traffic follows a secured path. Backend services are not directly exposed.

Presentation Layer

React Web Application SPA frontend for CMS screens, dashboards, workflows, notifications, and document actions

Presentation only. Orchestration, authorization, and service coordination remain in backend layers.

Orchestration Layer

BFF

BFF / Orchestration Layer UI-facing APIs • Response aggregation • Service coordination • View-model shaping

Coordinates multi-service flows and reduces chatty frontend calls.

Services

Business Domain Services

Crew Profile Service

Roster Service

Attendance Service

Events Service

Leave Service

Trainings Service

Qualifications Service

Recruitment Service

Productivity Service

Shared Platform Services

Workflow Management Service

Notification Service

DOC

Document Management Service

Core modules are separated from shared reusable services to keep the architecture service-oriented and easier to evolve.

Data & Enterprise Support

Data & Storage

FAB

Microsoft Fabric Enterprise analytical data • Curated datasets • Read-only source

DDB

Azure DocumentDB Workflow states • Notifications • Preferences • File metadata

ADLS

ADLS Gen2 Uploads • Attachments • Exports • Downloadable artifacts

Enterprise Support Services

AAD

Azure AD Authentication • Identity provider • Token validation

Infobip Outbound email / notification delivery

Datadog Logs • Metrics • Traces • Monitoring

Data responsibilities are separated: Fabric for read-only enterprise data, DocumentDB for operational application state, and ADLS for file storage.

Domain Services → Microsoft Fabric
Read-only analytics and curated enterprise datasets

Workflow / Notification / Document Services → Azure DocumentDB
Operational application state, workflow records, preferences, and metadata

Document Management Service → ADLS Gen2
Uploads, attachments, exports, and file retrieval

Notification Service → Infobip
Outbound delivery for email and notification channels

React + BFF + Services → Azure AD
Authentication, SSO, and token validation

BFF + Services → Datadog
Logs, metrics, traces, and observability

      Access & presentation
      Orchestration
      Business domain services
      Shared platform services
      Data & storage
    

Main view covered: Users → Secure Access → React SPA → BFF / Orchestration → Domain Services + Shared Platform Services → Fabric / DocumentDB / ADLS, with Azure AD, Infobip, and Datadog integrated across the solution.