ShopNexus depends on external providers for capabilities outside its core domain (for example payments and notifications). Integrations are isolated behind adapters so a provider can be swapped without touching domain logic.

Integration principles

  • Anti-corruption layer — translate provider models into the domain’s own terms.
  • Resilience — apply timeouts, retries with backoff, and circuit breakers to outbound calls.
  • Webhooks — verify signatures and treat inbound events as idempotent.
  • Secrets — store provider credentials outside the codebase; never commit them.

Example: handling a webhook

1

Verify

Validate the provider signature before processing.
2

Deduplicate

Ignore events already processed (idempotency key).
3

Translate

Map the provider payload to a domain event.
4

React

Publish the domain event for interested services.
Never trust webhook payloads without signature verification — they are publicly reachable endpoints.