-
Notifications
You must be signed in to change notification settings - Fork 78
Expand file tree
/
Copy pathllms-full.txt
More file actions
1946 lines (1612 loc) · 67.1 KB
/
Copy pathllms-full.txt
File metadata and controls
1946 lines (1612 loc) · 67.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
# ARC API by SourceFuse — Full Documentation
> ARC API is an open-source Rapid Application Development framework built on LoopBack 4 for developing cloud-native enterprise microservices. It provides 16 pre-built, production-ready microservices with multi-tenant support, standardized authentication, and deployment flexibility across private and public clouds.
## Table of Contents
1. [Overview](#overview)
2. [Architecture](#architecture)
3. [Core Packages](#core-packages)
4. [Microservices — Detailed API Documentation](#microservices)
5. [Database Schemas](#database-schemas)
6. [Configuration & Environment Variables](#configuration)
7. [Migration Guide](#migration-guide)
8. [Deployment Instructions](#deployment)
9. [Troubleshooting FAQs](#troubleshooting)
---
## Overview
- **License:** MIT
- **Framework:** LoopBack 4 (TypeScript/Node.js), NestJS compatible
- **Monorepo:** Lerna 9.x + npm Workspaces (independent versioning)
- **Documentation:** https://sourcefuse.github.io/arc-docs/arc-api-docs
- **Repository:** https://github.com/sourcefuse/loopback4-microservice-catalog
- **CLI:** `npm install -g @sourceloop/cli`
- **Node.js:** Required (LTS recommended)
- **From v5 onwards:** CLI supports workspaces with npm managing dependencies (migration from Lerna v4)
---
## Architecture
### Monorepo Structure
```
loopback4-microservice-catalog/
├── packages/ # 7 Core packages and utilities
│ ├── core/ # @sourceloop/core — Foundation framework
│ ├── cli/ # @sourceloop/cli — Scaffolding CLI
│ ├── cache/ # @sourceloop/cache — Caching utilities
│ ├── feature-toggle/# @sourceloop/feature-toggle — Feature flags
│ ├── file-utils/ # @sourceloop/file-utils — File handling
│ ├── ocr-parser/ # @sourceloop/ocr-parser — OCR parsing
│ └── custom-sf-changelog/ # Changelog generator
├── services/ # 16 Microservices
│ ├── audit-service/
│ ├── authentication-service/
│ ├── bpmn-service/
│ ├── chat-service/
│ ├── feature-toggle-service/
│ ├── in-mail-service/
│ ├── notification-service/
│ ├── oidc-service/
│ ├── payment-service/
│ ├── reporting-service/
│ ├── scheduler-service/
│ ├── search-service/
│ ├── survey-service/
│ ├── task-service/
│ ├── user-tenant-service/
│ └── video-conferencing-service/
├── sandbox/ # 30+ Example/demo applications
├── powers/ # 17 Kiro IDE Powers
├── lerna.json # Lerna monorepo configuration
└── package.json # Root workspace configuration
```
### Common Patterns Across All Services
- **Authentication & Authorization:** loopback4-authentication and loopback4-authorization
- **JWT Support:** Symmetric and asymmetric key verification
- **Multi-Tenancy:** Built-in tenant isolation via TenantGuardMixin
- **Soft Delete:** loopback4-soft-delete mixin for logical deletes
- **Audit Logging:** @sourceloop/audit-log integration
- **ORM:** LoopBack 4 Repository pattern with optional Sequelize support
- **API Docs:** OpenAPI/Swagger auto-generated specifications
- **Sequence Handlers:** ServiceSequence (internal), SecureSequence (with helmet + rate limiting), CasbinSecureSequence (resource-level authz)
---
## Core Packages
### @sourceloop/core (v20.0.6)
The foundation package providing shared utilities for all services.
**Components:**
1. `BearerVerifierComponent` — Asymmetric/symmetric JWT token verification
2. `LoggerExtensionComponent` — Structured logging with context and status codes
3. `SwaggerAuthenticateComponent` — Swagger UI authentication
4. `TenantUtilitiesComponent` — Multi-tenancy support with tenant guard
5. `DynamicDatasourceComponent` — Dynamic datasource switching based on tenant/conditions
6. `ProxyBuilderComponent` — Proxy building utilities
**Models:**
- `BaseEntity` — Base model with ID and timestamps
- `UserModifiableEntity` — Adds createdBy/modifiedBy tracking
- `SuccessResponse` — Standard success API response
- `UpsertResponse` — Upsert operation response
**Repositories:**
- `DefaultUserModifyCrudRepository` — CRUD operations with user modification tracking
- `SequelizeUserModifyCrudRepository` — Sequelize ORM variant
**Mixins:**
- `CacheMixin` — Repository caching support
- `TenantGuardMixin` — Tenant isolation enforcement
**Decorators:**
- `@txIdFromHeader()` — Transaction ID from request headers
- `@tenantGuard()` — Repository-level tenant isolation
**Sequence Handlers:**
- `ServiceSequence` — Internal secure API authentication/authorization
- `SecureSequence` — Includes helmet, rate limiting, auth, authz
- `CasbinSecureSequence` — Resource-level authorization using Casbin
**Sub-exports:**
- `@sourceloop/core/sequelize` — Sequelize support
- `@sourceloop/core/dynamic-datasource` — Dynamic datasource component
### @sourceloop/cli (v12.2.6)
Unified CLI for scaffolding and managing SourceLoop projects.
**Commands:**
- `sourceloop scaffold` — Scaffold new applications
- `sourceloop microservice` — Create a new microservice
- `sourceloop extension` — Create a local extension package
- `sourceloop angular:scaffold` — Scaffold Angular frontend
- `sourceloop react:scaffold` — Scaffold React frontend
- `sourceloop update` — Update dependencies
- `sourceloop cdk` — AWS CDK deployment setup
- `sourceloop mcp` — MCP server for AI integration
### @sourceloop/cache (v6.0.6)
Redis-based caching extension for LoopBack 4 microservices.
**Usage:**
```typescript
// Apply CacheMixin to a repository
export class MyRepository extends CacheMixin(DefaultCrudRepository) {
// Repository methods are automatically cached
}
// Use decorators on controller methods
@cachedItem()
async find(): Promise<MyModel[]> { ... }
@cacheInvalidator()
async create(data: MyModel): Promise<MyModel> { ... }
```
### @sourceloop/feature-toggle (v6.0.6)
Feature flag extension with decorator-based feature checking.
**Usage:**
```typescript
// Single feature check
@featureFlag({featureKey: 'FEATURE_KEY'})
async myMethod() { ... }
// Multiple features with AND/OR logic
@featureFlag({featureKey: ['FEATURE_A', 'FEATURE_B'], options: {operator: 'AND'}})
async myMethod() { ... }
```
**Filtering Strategies:**
- `AndFilterStrategy` — Requires all features enabled
- `OrFilterStrategy` — Requires at least one feature enabled
### @sourceloop/file-utils (v0.5.6)
File upload and multipart utilities.
**Decorators:**
- `@multipartRequestBody(Model)` — Multipart/form-data requests
- `@file(schema, fileFields, allowedExtensions)` — Single file upload
- `@fileProperty()` — Model property for file fields
**Storage Engines:**
- In-memory storage (default)
- `MulterS3Storage` — AWS S3 integration (via `@sourceloop/file-utils/s3`)
**Validators:**
- `FileTypeValidator` — MIME type validation
- `FileNameValidator` — Filename character validation
- `ClamAVValidator` — Virus scanning (via `@sourceloop/file-utils/clamav`)
---
## Microservices — Detailed API Documentation
### 1. Authentication Service (@sourceloop/authentication-service v24.1.6)
Multi-tenant authentication microservice with comprehensive OAuth support.
**Features:**
- OAuth providers: Google, Apple, Facebook, Instagram, Keycloak, Azure AD, Auth0
- SAML authentication
- OTP and Two-Factor Authentication (TOTP via authenticator apps)
- JWT token generation, validation, and rotation
- Multi-tenant user management
- Daily active user tracking
- Login activity logging
**API Endpoints:**
| Method | Path | Description |
|--------|------|-------------|
| GET | `/.well-known/openid-configuration` | Get OpenID Connect discovery configuration |
| POST | `/connect/token` | Get access and refresh tokens |
| POST | `/connect/endsession` | Logout user and invalidate session |
| POST | `/connect/generate-keys` | Generate public and private JWT key pairs |
| GET | `/connect/get-keys` | Get public keys for token verification |
| POST | `/connect/rotate-keys` | Rotate JWT signing keys |
| GET | `/connect/userinfo` | Get current authenticated user details |
| GET | `/active-users/{range}` | Get active user count for date range |
**Environment Variables:**
| Variable | Required | Description |
|----------|----------|-------------|
| NODE_ENV | Yes | Environment (production/development) |
| LOG_LEVEL | Yes | Logging level |
| DB_HOST | Yes | PostgreSQL host |
| DB_PORT | Yes | PostgreSQL port |
| DB_USER | Yes | Database username |
| DB_PASSWORD | Yes | Database password |
| DB_DATABASE | Yes | Database name |
| DB_SCHEMA | Yes | Database schema |
| REDIS_HOST | Yes | Redis host for token caching |
| REDIS_PORT | Yes | Redis port |
| REDIS_URL | No | Redis connection URL |
| REDIS_PASSWORD | No | Redis password |
| REDIS_DATABASE | No | Redis database index |
| JWT_SECRET | Yes | JWT signing secret (symmetric) |
| JWT_ISSUER | Yes | JWT token issuer |
| PRIVATE_DECRYPTION_KEY | No | Private key for asymmetric JWT |
| USER_TEMP_PASSWORD | No | Default temp password for new users |
| FORGOT_PASSWORD_LINK_EXPIRY | No | Password reset link TTL in minutes (default: 30) |
| MAX_JWT_KEYS | No | Maximum JWT key pairs to maintain (default: 2) |
| JWT_PRIVATE_KEY_PASSPHRASE | No | Passphrase for JWT private key |
| API_BASE_URL | No | Base URL for API |
| AUTH_MIGRATION | No | Set to run database migrations on startup |
| GOOGLE_AUTH_URL | No | Google OAuth authorization URL |
| GOOGLE_AUTH_CLIENT_ID | No | Google OAuth client ID |
| GOOGLE_AUTH_CLIENT_SECRET | No | Google OAuth client secret |
| GOOGLE_AUTH_TOKEN_URL | No | Google OAuth token URL |
| GOOGLE_AUTH_CALLBACK_URL | No | Google OAuth callback URL |
| GOOGLE_TOKEN_INFO_URL | No | Google token info verification URL |
| FACEBOOK_AUTH_URL | No | Facebook OAuth URL |
| FACEBOOK_AUTH_CLIENT_ID | No | Facebook OAuth client ID |
| FACEBOOK_AUTH_CLIENT_SECRET | No | Facebook OAuth client secret |
| FACEBOOK_AUTH_TOKEN_URL | No | Facebook OAuth token URL |
| FACEBOOK_AUTH_CALLBACK_URL | No | Facebook OAuth callback URL |
| APPLE_AUTH_URL | No | Apple OAuth URL |
| APPLE_AUTH_CLIENT_ID | No | Apple OAuth client ID |
| APPLE_AUTH_TEAM_ID | No | Apple developer team ID |
| APPLE_AUTH_KEY_ID | No | Apple key ID |
| APPLE_AUTH_CALLBACK_URL | No | Apple OAuth callback URL |
| INSTAGRAM_AUTH_URL | No | Instagram OAuth URL |
| INSTAGRAM_AUTH_CLIENT_ID | No | Instagram OAuth client ID |
| INSTAGRAM_AUTH_CLIENT_SECRET | No | Instagram OAuth client secret |
| INSTAGRAM_AUTH_TOKEN_URL | No | Instagram OAuth token URL |
| INSTAGRAM_AUTH_CALLBACK_URL | No | Instagram OAuth callback URL |
| SAML_URL | No | SAML Identity Provider URL |
| SAML_CLIENT_ID | No | SAML client ID |
| SAML_CLIENT_SECRET | No | SAML client secret |
| SAML_TOKEN_URL | No | SAML token URL |
| SAML_CALLBACK_URL | No | SAML callback URL |
| KEYCLOAK_HOST | No | Keycloak server host |
| KEYCLOAK_REALM | No | Keycloak realm |
| KEYCLOAK_CLIENT_ID | No | Keycloak client ID |
| KEYCLOAK_CLIENT_SECRET | No | Keycloak client secret |
| KEYCLOAK_CALLBACK_URL | No | Keycloak callback URL |
| AZURE_AUTH_ENABLED | No | Enable Azure AD authentication (0/1) |
| AZURE_IDENTITY_METADATA | No | Azure AD OpenID configuration URL |
| AZURE_AUTH_CLIENT_ID | No | Azure AD application client ID |
| AZURE_AUTH_REDIRECT_URL | No | Azure AD redirect URL |
| AZURE_AUTH_CLIENT_SECRET | No | Azure AD client secret |
| AZURE_AUTH_ALLOW_HTTP_REDIRECT | No | Allow HTTP redirects (0/1) |
| AZURE_AUTH_VALIDATE_ISSUER | No | Validate Azure AD issuer (0/1) |
| AZURE_AUTH_CLOCK_SKEW | No | Clock skew tolerance in seconds (default: 300) |
| AUTH0_DOMAIN | No | Auth0 domain |
| AUTH0_CLIENT_ID | No | Auth0 client ID |
| AUTH0_CLIENT_SECRET | No | Auth0 client secret |
| AUTH0_CALLBACK_URL | No | Auth0 callback URL |
---
### 2. User-Tenant Service (@sourceloop/user-tenant-service v7.0.6)
Multi-tenant user management with RBAC.
**Features:**
- Tenant creation and management
- Team management within tenants
- User CRUD with tenant association
- Role and permission management
- Group-based access control
- User invitation workflow
**API Endpoints:**
| Method | Path | Description |
|--------|------|-------------|
| POST | `/groups/{id}/user/bulk` | Bulk add users to group |
| DELETE | `/groups/{id}/user/{userId}` | Remove user from group |
| POST | `/groups/{id}/user` | Add user to group |
| GET | `/groups/{id}/user` | Get users in group |
| GET | `/tenants/count` | Get tenant count |
| PUT | `/tenants/{id}` | Replace tenant |
| PATCH | `/tenants/{id}` | Update tenant |
| GET | `/tenants/{id}` | Get tenant by ID |
| DELETE | `/tenants/{id}` | Delete tenant |
| POST | `/tenants` | Create tenant |
| GET | `/tenants` | List tenants |
| GET | `/roles/count` | Get role count |
| POST | `/roles` | Create role |
| GET | `/roles` | List roles |
| GET | `/users/count` | Get user count |
| POST | `/users` | Create user |
| GET | `/users` | List users |
| PATCH | `/users/{id}` | Update user |
| GET | `/users/{id}` | Get user by ID |
| DELETE | `/users/{id}` | Delete user |
**Environment Variables:**
| Variable | Required | Description |
|----------|----------|-------------|
| DB_HOST | Yes | PostgreSQL host |
| DB_PORT | Yes | PostgreSQL port |
| DB_USER | Yes | Database username |
| DB_PASSWORD | Yes | Database password |
| DB_DATABASE | Yes | Database name |
| DB_SCHEMA | Yes | Database schema |
| REDIS_HOST | Yes | Redis host |
| REDIS_PORT | Yes | Redis port |
| JWT_SECRET | Yes | JWT signing secret |
| JWT_ISSUER | Yes | JWT token issuer |
| AUTH_MIGRATION | No | Run migrations on startup |
---
### 3. Audit Service (@sourceloop/audit-service v19.0.6)
Audit logging microservice for tracking user actions.
**Features:**
- Track inserts, updates, and deletes across services
- Archive audit logs to AWS S3
- Export logs to Excel format
- Repository mixin for automatic audit trail
- Background job processing for exports
**API Endpoints:**
| Method | Path | Description |
|--------|------|-------------|
| POST | `/audit-logs/archive` | Archive audit logs by filter criteria |
| GET | `/audit-logs/count` | Get total count of audit logs |
| GET | `/audit-logs/export` | Export audit logs to Excel |
| GET | `/audit-logs/jobs/{jobId}` | Get export job status |
| GET | `/audit-logs/{id}` | Get specific audit log by ID |
| POST | `/audit-logs` | Create new audit log entry |
| GET | `/audit-logs` | List audit logs with filters |
**Environment Variables:**
| Variable | Required | Description |
|----------|----------|-------------|
| DB_HOST | Yes | PostgreSQL host |
| DB_PORT | Yes | PostgreSQL port |
| DB_USER | Yes | Database username |
| DB_PASSWORD | Yes | Database password |
| DB_DATABASE | Yes | Database name |
| DB_SCHEMA | Yes | Database schema |
| JWT_SECRET | Yes | JWT signing secret |
| JWT_ISSUER | Yes | JWT token issuer |
| AUDIT_MIGRATION | No | Run migrations on startup |
| AWS_ACCESS_KEY_ID | No | AWS access key for S3 archival |
| AWS_SECRET_ACCESS_KEY | No | AWS secret key for S3 archival |
| AWS_S3_BUCKET | No | S3 bucket for archive storage |
---
### 4. Notification Service (@sourceloop/notification-service v18.0.7)
Multi-channel notification delivery.
**Features:**
- Email via AWS SES or Nodemailer
- SMS via AWS SNS
- Push notifications via PubNub or Socket.io
- Notification drafting and grouping
- User sleep time/quiet hours settings
- Bulk notification support
**API Endpoints:**
| Method | Path | Description |
|--------|------|-------------|
| POST | `/notification-users/bulk` | Create bulk notification-user mappings |
| GET | `/notification-users/count` | Get notification user count |
| DELETE | `/notification-users/hard` | Hard delete notification users |
| PUT | `/notification-users/{id}` | Replace notification user |
| PATCH | `/notification-users/{id}` | Update notification user |
| GET | `/notification-users/{id}` | Get notification user by ID |
| DELETE | `/notification-users/{id}` | Delete notification user |
| POST | `/notification-users` | Create notification user |
| GET | `/notification-users` | List notification users |
| POST | `/notifications/bulk` | Send bulk notifications |
| GET | `/notifications/count` | Get notification count |
| POST | `/notifications` | Send notification |
| GET | `/notifications` | List notifications |
| PATCH | `/notifications/{id}` | Update notification |
| GET | `/notifications/{id}` | Get notification by ID |
| DELETE | `/notifications/{id}` | Delete notification |
**Environment Variables:**
| Variable | Required | Description |
|----------|----------|-------------|
| DB_HOST | Yes | PostgreSQL host |
| DB_PORT | Yes | PostgreSQL port |
| DB_USER | Yes | Database username |
| DB_PASSWORD | Yes | Database password |
| DB_DATABASE | Yes | Database name |
| DB_SCHEMA | Yes | Database schema |
| JWT_SECRET | Yes | JWT signing secret |
| JWT_ISSUER | Yes | JWT token issuer |
| NOTIF_MIGRATION | No | Run migrations on startup |
---
### 5. Chat Service (@sourceloop/chat-service v17.0.6)
Real-time communication microservice.
**Features:**
- Individual and group messaging
- File attachments with secure download URLs
- Message threading (parent/child messages)
- Read/unread tracking per recipient
- Favorite and forwarded message support
- Audit tracking for file downloads
**API Endpoints:**
| Method | Path | Description |
|--------|------|-------------|
| POST | `/attach-files/bulk` | Bulk create attachment files |
| GET | `/attach-files/count` | Get attachment file count |
| PUT | `/attach-files/{id}` | Replace attachment file |
| PATCH | `/attach-files/{id}` | Update attachment file |
| GET | `/attach-files/{id}` | Get attachment file by ID |
| DELETE | `/attach-files/{id}` | Delete attachment file |
| POST | `/attach-files` | Create attachment file |
| GET | `/attach-files` | List attachment files |
| POST | `/messages` | Send message |
| GET | `/messages` | List messages |
| PATCH | `/messages/{id}` | Update message |
| GET | `/messages/{id}` | Get message by ID |
| DELETE | `/messages/{id}` | Delete message |
| GET | `/message-recipients` | List message recipients |
| PATCH | `/message-recipients/{id}` | Update recipient status |
**Environment Variables:**
| Variable | Required | Description |
|----------|----------|-------------|
| DB_HOST | Yes | PostgreSQL host |
| DB_PORT | Yes | PostgreSQL port |
| DB_USER | Yes | Database username |
| DB_PASSWORD | Yes | Database password |
| DB_DATABASE | Yes | Database name |
| DB_SCHEMA | Yes | Database schema |
| JWT_SECRET | Yes | JWT signing secret |
| JWT_ISSUER | Yes | JWT token issuer |
| CHAT_MIGRATION | No | Run migrations on startup |
---
### 6. In-Mail Service (@sourceloop/in-mail-service v16.0.6)
Internal mail system for composing and managing messages.
**Features:**
- Compose, draft, and send internal messages
- Mail threads and conversations
- Attachments and metadata support
- Mark as read/unread/important
- Bulk operations: trash, delete, restore
- Storage categories: inbox, sent, draft, trash
**API Endpoints:**
| Method | Path | Description |
|--------|------|-------------|
| PATCH | `/mails/bulk/restore` | Restore messages from trash |
| DELETE | `/mails/bulk/{storage}/{action}` | Bulk move to trash or delete |
| PATCH | `/mails/marking/{markType}` | Mark mails as read/unread/important |
| DELETE | `/mails/{messageId}/attachments/{attachmentId}` | Remove attachment |
| POST | `/mails/{messageId}/attachments` | Add attachments to message |
| GET | `/mails/{messageId}/attachments` | List message attachments |
| POST | `/mails` | Compose new mail |
| GET | `/mails` | List mails |
| PATCH | `/mails/{id}` | Update mail |
| GET | `/mails/{id}` | Get mail by ID |
| DELETE | `/mails/{id}` | Delete mail |
| GET | `/threads` | List mail threads |
| GET | `/threads/{id}` | Get thread by ID |
| DELETE | `/threads/{id}` | Delete thread |
**Environment Variables:**
| Variable | Required | Description |
|----------|----------|-------------|
| DB_HOST | Yes | PostgreSQL host |
| DB_PORT | Yes | PostgreSQL port |
| DB_USER | Yes | Database username |
| DB_PASSWORD | Yes | Database password |
| DB_DATABASE | Yes | Database name |
| DB_SCHEMA | Yes | Database schema |
| JWT_SECRET | Yes | JWT signing secret |
| JWT_ISSUER | Yes | JWT token issuer |
| INMAIL_MIGRATION | No | Run migrations on startup |
---
### 7. Video Conferencing Service (@sourceloop/video-conferencing-service v20.0.0)
Video conferencing with Vonage and Twilio integration.
**Features:**
- Meeting scheduling and management
- Token generation for session participants
- Vonage (OpenTok) and Twilio provider support
- Archive listing and management
- Storage target configuration (AWS S3, Azure Blob)
- Webhook events for session lifecycle
- Session attendee tracking
**API Endpoints:**
| Method | Path | Description |
|--------|------|-------------|
| PUT | `/archives/storage-target` | Configure archive storage target |
| GET | `/archives/{archiveId}` | Get archive by ID |
| DELETE | `/archives/{archiveId}` | Delete archive |
| GET | `/archives` | List archives |
| GET | `/session/{meetingLinkId}/attendees` | Get session attendees |
| PATCH | `/session/{meetingLinkId}/end` | End meeting session |
| POST | `/session/{meetingLinkId}/token` | Generate session token |
| POST | `/session/schedule` | Schedule a meeting |
| PATCH | `/session/{meetingLinkId}` | Update session |
| GET | `/session/{meetingLinkId}` | Get session details |
**Environment Variables:**
| Variable | Required | Description |
|----------|----------|-------------|
| DB_HOST | Yes | PostgreSQL host (default: localhost) |
| DB_PORT | Yes | PostgreSQL port (default: 5432) |
| DB_USER | Yes | Database username |
| DB_PASSWORD | Yes | Database password |
| DB_DATABASE | Yes | Database name (default: video) |
| DB_SCHEMA | Yes | Database schema (default: main) |
| JWT_SECRET | Yes | JWT signing secret |
| JWT_ISSUER | Yes | JWT token issuer |
| VONAGE_API_KEY | No | Vonage API key |
| VONAGE_API_SECRET | No | Vonage API secret |
| TWILIO_ACCOUNT_SID | No | Twilio account SID |
| TWILIO_AUTH_TOKEN | No | Twilio auth token |
| TWILIO_API_KEY | No | Twilio API key |
| TWILIO_API_SECRET | No | Twilio API secret |
| AWS_ACCESS_KEY | No | AWS key for S3 archive storage |
| AWS_SECRET_KEY | No | AWS secret for S3 archive storage |
| AZURE_ACCOUNT_KEY | No | Azure key for blob archive storage |
| AZURE_CONTAINER | No | Azure container name |
---
### 8. Scheduler Service (@sourceloop/scheduler-service v18.0.6)
Calendar and event scheduling microservice.
**Features:**
- Calendar management (CRUD)
- Event scheduling with recurrence
- Attendee management with RSVP
- Working hours configuration
- Event attachments
- iCal import/export
- Subscription support
**API Endpoints:**
| Method | Path | Description |
|--------|------|-------------|
| GET | `/attachments/count` | Get attachment count |
| PUT | `/attachments/{id}` | Replace attachment |
| PATCH | `/attachments/{id}` | Update attachment |
| GET | `/attachments/{id}` | Get attachment by ID |
| DELETE | `/attachments/{id}` | Delete attachment |
| POST | `/attachments` | Create attachment |
| GET | `/attachments` | List attachments |
| POST | `/calendars` | Create calendar |
| GET | `/calendars` | List calendars |
| PATCH | `/calendars/{id}` | Update calendar |
| GET | `/calendars/{id}` | Get calendar by ID |
| DELETE | `/calendars/{id}` | Delete calendar |
| POST | `/events` | Create event |
| GET | `/events` | List events |
| PATCH | `/events/{id}` | Update event |
| GET | `/events/{id}` | Get event by ID |
| DELETE | `/events/{id}` | Delete event |
| POST | `/events/{id}/attendees` | Add attendees to event |
| GET | `/events/{id}/attendees` | List event attendees |
| GET | `/calendars/{id}/working-hours` | Get working hours |
| POST | `/calendars/{id}/working-hours` | Set working hours |
| POST | `/calendars/{id}/subscriptions` | Create subscription |
| GET | `/calendars/{id}/subscriptions` | List subscriptions |
**Environment Variables:**
| Variable | Required | Description |
|----------|----------|-------------|
| DB_HOST | Yes | PostgreSQL host |
| DB_PORT | Yes | PostgreSQL port |
| DB_USER | Yes | Database username |
| DB_PASSWORD | Yes | Database password |
| DB_DATABASE | Yes | Database name |
| DB_SCHEMA | Yes | Database schema |
| REDIS_HOST | Yes | Redis host |
| REDIS_PORT | Yes | Redis port |
| JWT_SECRET | Yes | JWT signing secret |
| JWT_ISSUER | Yes | JWT token issuer |
| SCHEDULER_MIGRATION | No | Run migrations on startup |
---
### 9. BPMN Service (@sourceloop/bpmn-service v19.0.0)
BPMN workflow management with Camunda engine.
**Features:**
- Workflow deployment and management
- Process versioning
- Workflow execution with input schema validation
- External task worker support
- Event-to-workflow mapping
**API Endpoints:**
| Method | Path | Description |
|--------|------|-------------|
| POST | `/workflows/{id}/execute` | Start/execute a workflow |
| DELETE | `/workflows/{id}/version/{version}` | Delete specific workflow version |
| PATCH | `/workflows/{id}` | Update workflow |
| GET | `/workflows/{id}` | Get workflow by ID |
| DELETE | `/workflows/{id}` | Delete workflow |
| POST | `/workflows` | Create/deploy new workflow |
| GET | `/workflows` | List workflows |
| GET | `/events/count` | Get event count |
| POST | `/events/mapping` | Map event to workflow |
| GET | `/events/{id}` | Get event by ID |
| GET | `/events` | List events |
| GET | `/tasks/count` | Get task count |
| POST | `/tasks/mapping` | Map task to workflow |
**Environment Variables:**
| Variable | Required | Description |
|----------|----------|-------------|
| DB_HOST | Yes | PostgreSQL host |
| DB_PORT | Yes | PostgreSQL port |
| DB_USER | Yes | Database username |
| DB_PASSWORD | Yes | Database password |
| DB_DATABASE | Yes | Database name |
| DB_SCHEMA | Yes | Database schema |
| JWT_SECRET | Yes | JWT signing secret |
| JWT_ISSUER | Yes | JWT token issuer |
| CAMUNDA_URL | Yes | Camunda engine REST API URL |
| WORKFLOW_MIGRATION | No | Run migrations on startup |
---
### 10. Task Service (@sourceloop/task-service v10.0.0)
Event-driven task management with workflow integration.
**Features:**
- Task creation based on events
- Workflow integration via Camunda
- Incoming connectors: Kafka, HTTP, AWS SQS
- Outgoing connectors: Kafka, HTTP
- Webhook subscriptions
- HMAC signature validation for webhooks
- Task assignment and status tracking
**API Endpoints:**
| Method | Path | Description |
|--------|------|-------------|
| POST | `/tasks` | Create new task |
| GET | `/tasks` | List tasks |
| PATCH | `/tasks/{id}` | Update task |
| GET | `/tasks/{id}` | Get task by ID |
| DELETE | `/tasks/{id}` | Delete task |
| POST | `/events` | Create event (triggers workflow) |
| GET | `/events` | List events |
| POST | `/webhooks` | Webhook endpoint for incoming events |
**Environment Variables:**
| Variable | Required | Description |
|----------|----------|-------------|
| DB_HOST | Yes | PostgreSQL host |
| DB_PORT | Yes | PostgreSQL port |
| DB_USER | Yes | Database username |
| DB_PASSWORD | Yes | Database password |
| DB_DATABASE | Yes | Database name |
| DB_SCHEMA | Yes | Database schema |
| JWT_SECRET | Yes | JWT signing secret |
| JWT_ISSUER | Yes | JWT token issuer |
| CAMUNDA_URL | No | Camunda engine URL (for workflow integration) |
---
### 11. Payment Service (@sourceloop/payment-service v19.0.7)
Payment processing with multiple gateway support.
**Features:**
- PayPal integration
- Stripe integration
- Razorpay integration
- Order creation and payment processing
- Subscription management
- Transaction tracking
- Refund processing
**API Endpoints:**
| Method | Path | Description |
|--------|------|-------------|
| POST | `/create-subscription-and-pay` | Create subscription and charge |
| POST | `/subscription/transaction/charge` | Charge subscription |
| GET | `/orders/count` | Get order count |
| PUT | `/orders/{id}` | Replace order |
| PATCH | `/orders/{id}` | Update order |
| GET | `/orders/{id}` | Get order by ID |
| DELETE | `/orders/{id}` | Delete order |
| POST | `/orders` | Create order |
| GET | `/orders` | List orders |
| GET | `/transactions/count` | Get transaction count |
| GET | `/transactions/{id}` | Get transaction by ID |
| GET | `/transactions` | List transactions |
| POST | `/place-order-and-pay` | Create order and process payment |
**Environment Variables:**
| Variable | Required | Description |
|----------|----------|-------------|
| DB_HOST | Yes | PostgreSQL host |
| DB_PORT | Yes | PostgreSQL port |
| DB_USER | Yes | Database username |
| DB_PASSWORD | Yes | Database password |
| DB_DATABASE | Yes | Database name |
| DB_SCHEMA | Yes | Database schema |
| JWT_SECRET | Yes | JWT signing secret |
| JWT_ISSUER | Yes | JWT token issuer |
| PAYMENT_MIGRATION | No | Run migrations on startup |
---
### 12. Reporting Service (@sourceloop/reporting-service v7.0.9)
Data ingestion, processing, and dashboard reporting.
**Features:**
- Data ingestion from multiple sources
- Data storage in PostgreSQL or S3
- Dataset creation with JSON queries
- Widget and dashboard management
- Hash-based data duplication detection
- SQL query validation
**API Endpoints:**
| Method | Path | Description |
|--------|------|-------------|
| GET | `/dashboards/count` | Get dashboard count |
| PATCH | `/dashboards/{id}` | Update dashboard |
| GET | `/dashboards/{id}` | Get dashboard by ID |
| DELETE | `/dashboards/{id}` | Delete dashboard |
| POST | `/dashboards` | Create dashboard |
| GET | `/dashboards` | List dashboards |
| GET | `/datasets/count` | Get dataset count |
| POST | `/datasets` | Create dataset |
| GET | `/datasets` | List datasets |
| PATCH | `/datasets/{id}` | Update dataset |
| GET | `/datasets/{id}` | Get dataset by ID |
| DELETE | `/datasets/{id}` | Delete dataset |
| GET | `/widgets/count` | Get widget count |
| POST | `/widgets` | Create widget |
| GET | `/widgets` | List widgets |
| PATCH | `/widgets/{id}` | Update widget |
| GET | `/widgets/{id}` | Get widget by ID |
| DELETE | `/widgets/{id}` | Delete widget |
**Environment Variables:**
| Variable | Required | Description |
|----------|----------|-------------|
| DB_HOST | Yes | PostgreSQL host |
| DB_PORT | Yes | PostgreSQL port |
| DB_USER | Yes | Database username |
| DB_PASSWORD | Yes | Database password |
| DB_DATABASE | Yes | Database name |
| DB_SCHEMA | Yes | Database schema |
| JWT_SECRET | Yes | JWT signing secret |
| JWT_ISSUER | Yes | JWT token issuer |
| REPORTS_MIGRATION | No | Run migrations on startup |
---
### 13. Search Service (@sourceloop/search-service v10.0.0)
Full-text search across multiple data models.
**Features:**
- Full-text search using PostgreSQL or MySQL
- Search across multiple configured models
- Column mapping for search indexes
- Recent search tracking per user
- Configurable result limits and ordering
**API Endpoints:**
| Method | Path | Description |
|--------|------|-------------|
| GET | `/search` | Perform full-text search |
| POST | `/search` | Perform search with body filters |
| GET | `/recent-searches` | Get recent searches for user |
| DELETE | `/recent-searches/{id}` | Delete recent search |
| GET | `/recent-searches` | List recent searches |
**Environment Variables:**
| Variable | Required | Description |
|----------|----------|-------------|
| DB_HOST | Yes | PostgreSQL/MySQL host |
| DB_PORT | Yes | Database port |
| DB_USER | Yes | Database username |
| DB_PASSWORD | Yes | Database password |
| DB_DATABASE | Yes | Database name |
| DB_SCHEMA | Yes | Database schema |
| JWT_SECRET | Yes | JWT signing secret |
| JWT_ISSUER | Yes | JWT token issuer |
| SEARCH_MIGRATION | No | Run migrations on startup |
---
### 14. Survey Service (@sourceloop/survey-service v7.0.7)
Survey creation and response management.
**Features:**
- Question types: Multiple choice, Single choice, Text, Dropdown, Scale
- Question templates for reuse
- Survey sections for organization
- Survey cycles (recurring assessments)
- Survey responder management
- Response collection and tracking
- Weight-based scoring
**API Endpoints:**
| Method | Path | Description |
|--------|------|-------------|
| GET | `/question/{questionId}/options/count` | Get option count |
| POST | `/question/{questionId}/options/delete/bulk` | Bulk delete options |
| PATCH | `/question/{questionId}/options/many` | Bulk update options |
| PATCH | `/question/{questionId}/options/{id}` | Update option |
| GET | `/question/{questionId}/options/{id}` | Get option by ID |
| DELETE | `/question/{questionId}/options/{id}` | Delete option |
| POST | `/question/{questionId}/options` | Create option |
| GET | `/question/{questionId}/options` | List options |
| POST | `/questions` | Create question |
| GET | `/questions` | List questions |
| PATCH | `/questions/{id}` | Update question |
| GET | `/questions/{id}` | Get question by ID |
| DELETE | `/questions/{id}` | Delete question |
| POST | `/surveys` | Create survey |
| GET | `/surveys` | List surveys |
| PATCH | `/surveys/{id}` | Update survey |
| GET | `/surveys/{id}` | Get survey by ID |
| DELETE | `/surveys/{id}` | Delete survey |
| POST | `/surveys/{id}/sections` | Create section |
| GET | `/surveys/{id}/sections` | List sections |
| POST | `/surveys/{id}/survey-cycles` | Create survey cycle |
| GET | `/surveys/{id}/survey-cycles` | List survey cycles |
| POST | `/surveys/{id}/survey-responders` | Add responder |
| GET | `/surveys/{id}/survey-responders` | List responders |
**Environment Variables:**
| Variable | Required | Description |
|----------|----------|-------------|
| DB_HOST | Yes | MySQL/PostgreSQL host |
| DB_PORT | Yes | Database port |
| DB_USER | Yes | Database username |
| DB_PASSWORD | Yes | Database password |
| DB_DATABASE | Yes | Database name |
| DB_SCHEMA | Yes | Database schema |
| JWT_SECRET | Yes | JWT signing secret |
| JWT_ISSUER | Yes | JWT token issuer |
| SURVEY_MIGRATION | No | Run migrations on startup |
---
### 15. Feature Toggle Service (@sourceloop/feature-toggle-service v8.0.6)
Feature flag management at system, tenant, and user levels.
**Features:**
- System-level feature flags
- Tenant-level feature toggles
- User-level feature overrides
- Strategy-based rollout
- Method-level decorator support
**API Endpoints:**
| Method | Path | Description |
|--------|------|-------------|
| GET | `/feature-values/count` | Get feature value count |
| PUT | `/feature-values/{id}` | Replace feature value |
| PATCH | `/feature-values/{id}` | Update feature value |
| GET | `/feature-values/{id}` | Get feature value by ID |
| DELETE | `/feature-values/{id}` | Delete feature value |
| POST | `/feature-values` | Create feature value |
| GET | `/feature-values` | List feature values |
| GET | `/features/count` | Get feature count |
| POST | `/features` | Create feature |
| GET | `/features` | List features |
| PATCH | `/features/{id}` | Update feature |
| GET | `/features/{id}` | Get feature by ID |
| DELETE | `/features/{id}` | Delete feature |
| POST | `/strategies` | Create strategy |
| GET | `/strategies` | List strategies |
**Environment Variables:**
| Variable | Required | Description |
|----------|----------|-------------|
| DB_HOST | Yes | PostgreSQL host |
| DB_PORT | Yes | PostgreSQL port |
| DB_USER | Yes | Database username |
| DB_PASSWORD | Yes | Database password |
| DB_DATABASE | Yes | Database name |
| DB_SCHEMA | Yes | Database schema |
| JWT_SECRET | Yes | JWT signing secret |
| JWT_ISSUER | Yes | JWT token issuer |
| FEATURETOGGLE_MIGRATION | No | Run migrations on startup |
---
### 16. OIDC Service (@sourceloop/oidc-service v7.0.6) — DEPRECATED
OpenID Connect identity provider.
**Features:**
- OpenID Connect compliant provider
- Token management (access, refresh, ID tokens)
- User info endpoint
- Discovery endpoint
- Interaction-based login flow
- Session management
**API Endpoints:**
| Method | Path | Description |
|--------|------|-------------|
| POST | `/interaction/{uid}/confirm` | Confirm OIDC interaction |
| POST | `/interaction/{uid}/login` | OIDC login |
| GET | `/interaction/{uid}` | Get interaction (renders login page) |
**Environment Variables:**
| Variable | Required | Description |
|----------|----------|-------------|
| NODE_ENV | Yes | Environment |