Spring Boot Microservice Platform

Full-stack microservice platform with Auth0 identity, API gateway enforcement, service discovery, Redis-backed rate limiting/cache, and user-scoped order/customer workflows.

<- All projectsHome
Java 21Spring Boot 4.0.2Spring Cloud GatewaySpring Cloud EurekaPostgreSQLRedisResilience4jAuth0Next.js 16Docker Compose2026

Architecture and Engineering Diagrams

What I did

  • >Built a distributed architecture with API Gateway, Eureka discovery, customer-service, order-service, and a Next.js frontend.
  • >Designed Auth0-based authentication flow where gateway validates JWT tokens and forwards trusted identity context to backend services.
  • >Implemented internal trust boundary with shared-secret headers so backend services reject client-forged internal identity headers.
  • >Added Redis-backed route-aware rate limiting at gateway level and Redis caching for customer and order read paths.
  • >Implemented resilience in order-service to customer-service calls with retry + circuit breaker and explicit fallback behavior.
  • >Containerized all services with Docker Compose and environment template files for reproducible local and deployment workflows.
  • >Live frontend: https://microservicefrontend.rumalg.me/.

Case Study

System Scope

  • >User-facing microservice platform with profile bootstrap, customer domain, and user-scoped order operations.
  • >Designed as a complete platform with frontend, gateway, service discovery, and domain services.
  • >Primary goal: enforce identity boundaries and predictable behavior across distributed service calls.

Architecture and Boundaries

  • >Spring Cloud Gateway acts as the only public API entry, while backend raw service paths are denied by policy.
  • >Eureka provides service registration and discovery so gateway and services resolve dependencies by logical IDs.
  • >Gateway strips client-supplied internal headers and rewrites trusted identity headers for downstream services.
  • >Customer and order services verify internal trust headers before executing protected user-context operations.

Identity and Access Model

  • >Auth0 access tokens are validated at gateway (issuer and audience), reducing auth duplication in domain services.
  • >Frontend uses redirect-based login and silent token retrieval, then calls gateway with Bearer tokens.
  • >User onboarding is bootstrap-safe by checking /customers/me first and creating profile only when missing.
  • >Service-side user reads and writes are scoped to authenticated identity, avoiding cross-user data exposure.

Reliability and Performance Controls

  • >Route-specific Redis rate limiting protects register/profile/order endpoints differently instead of a single coarse policy.
  • >Redis cache keys in customer-service and order-service reduce repeated domain lookup and list-detail overhead.
  • >Order-service to customer-service dependency is hardened with Retry + CircuitBreaker and explicit degraded-path errors.
  • >Environment-driven tunables make burst/replenish thresholds and proxy trust behavior adjustable without code changes.

Deployment and Runtime

  • >Dockerized services support two runtime modes: full stack with PostgreSQL containers or external database mode.
  • >Environment sample files document required Auth0, shared-secret, and API base configuration for clean setup.
  • >Frontend and gateway are decoupled so runtime URL wiring is controlled through environment configuration.
  • >Project includes operational troubleshooting paths for cache serialization and internal trust mismatches.

Result

  • >Demonstrates practical distributed-system design with clear trust boundaries and gateway-centered API control.
  • >Maintains user-scoped correctness while handling dependency instability through retries and circuit breakers.
  • >Provides a production-style full-stack microservice reference with live frontend availability.
All Projects