AgileWebs/thalos-bff
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
56510de55e
thalos-bff/docs/architecture/bff-identity-boundary.md
José René White Enciso cc221eab1a feat(thalos-bff): propagate provider metadata at edge adapters
2026-02-25 13:13:56 -06:00

499 B
Raw Blame History

Thalos BFF Identity Boundary

Purpose

Keep thalos-bff as an edge adapter layer that consumes thalos-service and adopted identity capability contracts.

BFF Responsibilities

  • Edge contract handling
  • Service client adaptation
  • Correlation/tracing propagation
  • Single active edge protocol policy enforcement (rest)
  • Provider metadata propagation (InternalJwt, AzureAd, Google)

Prohibited

  • Direct DAL access
  • Identity policy decision ownership
  • Identity persistence concerns