Neosperience Cloud empowering product development on AWS

Neosperience aims to become the foundation of partners' product strategy and the backbone of our services.

Some of the companies joining us in the last few months brought not only strong domain expertise and technical competencies in their field (e.g., Mikamai, LinkMe) but also widely adopted products, like the Workup RubinRed Digital Commerce platform. More will come in the next months as soon as we find top performers in their fields who are willing to scale up and join our family. From a product strategy standpoint, it has not been easy to decide which evolution model would provide the best value for our customers.
On one side, we could adopt a centralized model with firm product feature decisions coming from a steering committee, including domain experts from our subsidiaries, at the risk of losing some particular point of view that gets buried in an enormous backlog. On the other side, a decentralized model could empower teams to take ownership, but integration could become a problem.

The ruling or serving dilemma

Neosperience as the backbone of our products

Neosperience Cloud becomes the foundation of Neosperience products, standardizing principles, libraries, and tools to ensure interoperability between our solutions.

In 2020, we plan to let Neosperience become the backbone of our products. It is an ambitious outcome, achieved through four pillars: guidelines, events, architecture, and tools.

1. Guidelines

  • A shared, unified Design Library, to provide our customers with a consistent experience across our solutions. Interaction principles adopt easy-to-use metaphors, and a consolidated design of UI components makes our users feel comfortable with any of our products, flattening the learning curve.
  • An architecture made of microservices, to encourage integrations both between Neosperience solutions and with the 3rd party ecosystem. Microservices allow services to be composed into new products and projects. Breaking monolithic services into smaller components means increased flexibility and interoperation.
  • Managed computing resources, such as containers or, even better, serverless, should be used as much as possible. This avoids the need to manage infrastructure scalability and lets teams focus on providing the most value to customers instead of handling servers. This requirement matches a strong focus on cloud providers, especially Amazon Web Services (AWS), which offers a set of quick out-of-the-box services to build modern apps.
  • A shared layer for authentication is required, leveraging OAuth2 to authenticate users and a JWT token with a standard structure for authorization. The usage of Amazon Cognito is encouraged since it removes the need to write a lot of boilerplate code.
  • Every entity within a product architecture is encouraged to emit and consume events, so that other solutions (either Neosperience or 3rd party) can react to them and get notified of data changes without the need for direct communication. Events represent the preferred way of communication and provide many advantages such as standardization, validation, and fast webhooks development. AWS EventBridge is the reference technology for event handling within Neosperience. Still, in some specific contexts, Apache Kafka, Amazon SNS, or MQTT could be used to support event transport when AWS is not a viable choice.
  • An API First approach that makes every product expose a set of APIs. We ask our teams to start designing a product or a feature from the business and move downward to its interfaces. If the domain is unclear to every stakeholder, they could use mapping techniques such as event storming. Defining APIs means stating what happens between our product and the external world. It also has the benefit of easing a lot of work with integrations because no one has to build them on top, specifically for clients. A robust API strategy also empowers the separation of concerns and pushes companies to avoid monolithic architectures.
A summary of the six pillars within the guidelines domain

These guidelines can be adopted incrementally, with minimum impact on the product roadmap, while enabling many of the benefits we would like to leverage within Neosperience products and with 3rd party partners.

2. Interfaces

Application Programming Interfaces (API)

Web APIs allow clients to invoke HTTP URLs and obtain data in a pull fashion. REST emerged in the last few years as a standard for representing domain entities using simple URL paths and HTTP methods (GET, POST, DELETE, PUT). On top of this standard, software developers defined protocols that turn simple web links into full-fledged APIs. One of the most adopted protocols is OAuth2 for data access control. Neosperience Cloud exposes its API with a well-documented structure, described in a standard format. Every API within Neosperience Core and Business Services should expose a regularly maintained Swagger file, describing the API structure and how to invoke each operation: params, expected data in and out, as well as authorization support and the error codes expected when performing operations.

An example of a Swagger definition of an API

Besides APIs, there is a need to document and standardize the data structures handled by services. Since JSON is the de-facto syntax for data representation, we adopted JSON-schema as its validation language. A JSON-like syntax and a defined set of properties describe the structure of the data payload expected or returned by a service within Neosperience Cloud.

An example of JSON-schema to enforce payload structure validation.

Events

Web and mobile applications usually interact with a backend service, often via an API. Many frontend applications pass requests for processing, wait for a result, and then display this to the user. A synchronous architecture is only one way to handle messages, but modern applications have alternatives to provide a better user experience.

In recent years, reactive software architectures obtained a lot of hype due to their strong reliability and efficient usage of server resources. One of the main cornerstones of reactive designs is to move away from pull-style API invocations in favor of message-passing solutions.

Neosperience Cloud has an event-based architecture implementing communication between different services. Each domain entity publishes events in response to state changes. Events are small JSON payloads with a flexible structure.

Example for “product added to cart” event

Neosperience Cloud exposes events for several actions on domain objects: e-commerce, chatbot, the voice of the customer, notification, user-insight, customer, content, store, profile.

Publishing and subscribing to events allows communication between different services and data synchronization with an eventual consistency pattern. Event-based architectures are preferable to direct remote calls through RPC because they offer many advantages in scalability and fault tolerance as well as allow for interesting patterns such as event sourcing and fan-in / fan-out.
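A consumer-side check for the JSON-schema validation and the "product added to cart" event described above, as an added example that is not Neosperience code. The schema, field names and `source` value are constructed assumptions, and `validate` covers only the JSON-schema keywords this schema uses, so a production service would rely on a complete validator library.

```javascript
// Constructed schema for a "product added to cart" event. Field names and the
// source value are assumptions; the envelope keys follow EventBridge's layout.
const cartEventSchema = {
  type: "object",
  required: ["source", "detail-type", "detail"],
  properties: {
    source: { type: "string", enum: ["nsp.ecommerce"] },
    "detail-type": { type: "string", enum: ["ProductAddedToCart"] },
    detail: {
      type: "object",
      required: ["organizationId", "customerId", "productId", "quantity"],
      additionalProperties: false,
      properties: {
        organizationId: { type: "string", maxLength: 64 },
        customerId: { type: "string", maxLength: 64 },
        productId: { type: "string", maxLength: 64 },
        quantity: { type: "integer", minimum: 1 },
      },
    },
  },
};

const has = (o, k) => Object.prototype.hasOwnProperty.call(o, k);
const typeOf = (v) =>
  v === null ? "null" : Array.isArray(v) ? "array" : Number.isInteger(v) ? "integer" : typeof v;

// Checks the JSON-schema keywords used above and returns a list of violations.
function validate(schema, value, path = "$") {
  const t = typeOf(value);
  if (schema.type && t !== schema.type && !(schema.type === "number" && t === "integer"))
    return [`${path}: expected ${schema.type}, got ${t}`];
  const errors = [];
  if (schema.enum && !schema.enum.includes(value)) errors.push(`${path}: value not allowed`);
  if (t === "string" && value.length > schema.maxLength) errors.push(`${path}: too long`);
  if (typeof value === "number" && value < schema.minimum) errors.push(`${path}: below minimum`);
  if (t !== "object") return errors;
  const props = schema.properties || {};
  for (const k of schema.required || [])
    if (!has(value, k)) errors.push(`${path}.${k}: required`);
  for (const [k, v] of Object.entries(value)) {
    // Unknown keys (including "__proto__" from parsed JSON) are rejected, not ignored.
    if (has(props, k)) errors.push(...validate(props[k], v, `${path}.${k}`));
    else if (schema.additionalProperties === false) errors.push(`${path}.${k}: unexpected property`);
  }
  return errors;
}
```

A subscriber would call `validate(cartEventSchema, event)` before acting on an event and drop or dead-letter anything that returns a non-empty list.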

APIs and events represent the interfaces between Neosperience Cloud and Solutions

3. Services

Specifically, we are going to make available core services such as:

  • nsp-identity: a service developed specifically to handle service authorization independently from the entity being authorized. You could be a human, a backend service, or a toaster and can call every service with identity, roles, and permissions. Identities follow the OAuth2 model to offer access control to any REST service through HTTP Authorization header tokens. nsp-identity also provides service helpers to get tokens from social accounts, AWS credentials, usernames and passwords, third party providers, and machine-to-machine. Tokens can also be exchanged between all of them. In 2018, we added support for Auth0 credential providers, thus enabling 40+ additional providers. It relies on Amazon Cognito Identity management to allow data segregation but adds a standard layer that supports OAuth2 header management, roles, and token standardization through JSON Web Token (JWT).
  • nsp-user: user credentials management is the foundation of many Neosperience services. It is provided as a standard layer on Amazon Cognito User Pools, thus making its internal workflow entirely transparent to services, even when they do not rely on AWS. Moreover, the login/registration flow is implemented as well, with frontend components wrapping all the required service calls.
  • nsp-organization: Neosperience built a B2B2C platform, which means data should be segregated within different instances of any service, and a given identity must belong to only one of them. At the same time, a user could join multiple instances. This result is achieved through the development of the Neosperience Organization, which supports multi-tenant data handling and offers the capability to create a new organization, subscribe users, add licenses to them, and attach org-specific metadata (such as company-wide preferences and configurations) which can be retrieved by specific services. Neosperience Organization makes SaaS scalability independent of its underlying AWS account, thus allowing for multiple orgs within the same account which relies on better management of cloud resources.
  • Customer Data Platform (CDP): a data platform capable of storing and querying user data even in unstructured form. It supports event-based collection and management, and data can be stored raw or aggregated in events within a user profile. Users can be queried by their attributes or timelines, thus offering an aggregated time-based evolution of a customer base. CDP supports sources such as Salesforce, Shopify, SAP, and many more, as well as Neosperience Solutions, through a number of connectors. Integrations can be leveraged through service APIs, custom events (either published or subscribed by CDP), and Zapier.
  • Neosperience Cloud offers a service registry to provide relevant information about deployed microservices. It stores service health and status information about Neosperience as well as third-party services, through a health update and health check event bus and an Amazon CloudWatch log analyzer which extracts metrics and usage insights. A Service Health Dashboard is offered to publish a summarized overview of service quality for a given account or organization.
  • An integrated Developer Portal offers third party teams the capability to obtain their Neosperience Cloud AccessKeyId and SecretAccessKey as well as to access service documentation.
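What a service behind the shared authentication layer (the guideline above) and nsp-identity has to check on every request's Authorization header, as an added example that is not Neosperience code. It assumes Cognito-issued RS256 access tokens; the issuer, client id and key id are constructed placeholders, and a locally generated key pair stands in for the user pool's JWKS.

```javascript
const crypto = require("crypto");

// Constructed demo values: user pool issuer, app client id and key id are placeholders.
const ISSUER = "https://cognito-idp.eu-west-1.amazonaws.com/eu-west-1_EXAMPLE";
const CLIENT_ID = "example-app-client";
const b64u = (s) => Buffer.from(s).toString("base64url");

// Stand-in for the pool's signing key. A real service loads the public keys
// from the pool's JWKS document and selects one by the token's `kid`.
const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const KEYS = new Map([["demo-kid", publicKey]]);

// Test helper that mints tokens the way the issuer would (demo only).
function sign(claims, header = { alg: "RS256", kid: "demo-kid" }) {
  const input = `${b64u(JSON.stringify(header))}.${b64u(JSON.stringify(claims))}`;
  return `${input}.${crypto.sign("sha256", Buffer.from(input), privateKey).toString("base64url")}`;
}

const deny = (reason) => ({ ok: false, reason });

function verifyAccessToken(authorization, now = Math.floor(Date.now() / 1000)) {
  const m = /^Bearer ([\w-]+)\.([\w-]+)\.([\w-]+)$/.exec(authorization || "");
  if (!m) return deny("malformed");
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(m[1], "base64url").toString());
    claims = JSON.parse(Buffer.from(m[2], "base64url").toString());
  } catch {
    return deny("malformed");
  }
  if (!header || !claims) return deny("malformed");
  // Pin the algorithm server-side; the token must not choose how it is verified.
  if (header.alg !== "RS256") return deny("bad-alg");
  const key = KEYS.get(header.kid);
  if (!key) return deny("unknown-kid");
  const signed = Buffer.from(`${m[1]}.${m[2]}`);
  if (!crypto.verify("sha256", signed, key, Buffer.from(m[3], "base64url")))
    return deny("bad-signature");
  // Claim checks come only after the signature is known to be good.
  if (claims.iss !== ISSUER) return deny("wrong-issuer");
  if (claims.token_use !== "access") return deny("wrong-token-use");
  if (claims.client_id !== CLIENT_ID) return deny("wrong-client");
  if (typeof claims.exp !== "number" || claims.exp <= now) return deny("expired");
  return { ok: true, sub: claims.sub, roles: claims["cognito:groups"] || [] };
}
```

Roles are read from `cognito:groups` only after the signature and claims pass, so a caller cannot grant itself a role by editing the payload.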

On the deployment side, we offer every team support through the Neosperience CI/CD architecture, built on GitLab and AWS CloudFormation with AWS Cloud Development Kit and Serverless Framework.

4. Tools

Neosperience supports its partners in adopting the aforementioned guidelines with a set of libraries, service middleware, and project bootstrap code that make it easier to start building. On the frontend, our complete design library supports UX/UI development with a consistent look and feel as well as interaction principles. Language-specific SDKs are the starting point for teams to integrate our services without the hassle of handling APIs and authentication. We plan to support React, NodeJS, iOS, and Android. Finally, we envision the release of a Command-Line Interface (CLI) tool that teams can use to scaffold a new project (either client or service) with middleware, libraries, and our design library, with no need to dive into dependency management or library download, and with built-in support for service deployment within a dedicated Neosperience Cloud instance.

Where to go from here?

My name is Luca Bianchi. I am Chief Technology Officer at Neosperience and the author of Serverless Design Patterns and Best Practices. I have built software architectures for production workloads at scale on AWS for nearly a decade.

Neosperience Cloud is the one-stop SaaS solution for brands aiming to bring Empathy in Technology, leveraging innovation in machine learning to provide support for 1:1 customer experiences.

You can contact me via Twitter and LinkedIn.

Chief Technology Officer at Neosperience. Loves speaking about Serverless, ML, and Blockchain. ServerlessDays Milano co-organizer. Opinions are my own.