.. _userorg:

Backend Services
================
The LEXIS UserOrg service was originally designed to
manage relationships between users and organisations.
Over time, it has evolved into a comprehensive platform
that manages mappings for both LEXIS computational projects
and HPC computational projects.

Technical Specification
------------------------
- **Interface**: The service provides a **Swagger/OpenAPI v3.0.1** interface over HTTPS. It supports the management of providers, resources, projects, and the definition of mappings between these entities (e.g. assigning resources to projects, template creation, etc.).
- **Interoperability**: By utilising the Swagger standard for API definition, client libraries (SDKs) can be easily generated for a wide range of programming languages.
- **Implementation**: Developed using the **.NET Core** framework. The service uses **Entity Framework (EF Core)** to map models defined in the Swagger specification to the database schema.
- **Data Storage**: **MSSQL** is utilised for persistent data storage.
- **Validation and Auditing**: The API features input request validation along with a robust system for activity auditing and logging.

Security and Access Control
----------------------------
Authentication and authorisation are managed via **Keycloak**. Every valid request must include a **Bearer token**.
The service verifies this token with the Keycloak authorisation server to ensure validity and enforce user permissions.

Key Functionalities
--------------------
The service enables:

- Collection and storage of information regarding project repositories.
- Configuration of templates for executing jobs on computational clusters.
- Provision of general information about HPC clusters and their providers.
- And more...

Future Outlook and Planned Features
------------------------------------
Development is currently underway on a new version of the system,
focusing on performance enhancements, security, and expanded
connectivity. Key planned innovations include:

- **Database Layer Optimisation**: Increasing throughput and data processing efficiency to reduce system latency.
- **API Segmentation**: Strict separation of endpoints for regular users and administrative management to enhance system security and clarity.
- **External Platform Integration**: Expanding connectivity options via the STOMP protocol and other integration tools for real-time communication.
- **Expanded Provider Support**: Implementation and integration of additional provider types within the FIP architecture.