Per-service diagrams (container + sequence)
Purpose: Satisfy Deliverable 3 diagram depth: one container-style view and one representative sequence per backend under apps/services/.
Evidence: Route prefixes and upstream ports from ../../infra/kong/kong.yml; Docker hostnames match Kong url: entries.
Conventions
- Kong is the external HTTP edge for routes listed here (browser/BFF calls Kong, not raw container ports in production).
- JWT validation is described in baseline as occurring at gateway and service (
ARCHITECTURE_BASELINE.md§7); sequences show Bearer forwarding unless noted. - NATS appears where async is typical (orders, interop); omit if service has no publisher in this pass—verify in service code for production docs.
iam (Kong: iam :3001)
Public / internal routes: /api/iam, /internal/iam
Container
Sequence (representative API call)
tenant (Kong: tenant :3002)
Routes: /api/tenants, /internal/tenants
Container
Sequence
hierarchy (Kong: hierarchy :3003)
Routes: /api/hierarchy, /internal/hierarchy
Container
Sequence
licensing (:3004)
Routes: /api/licenses, /internal/licenses
Container
Sequence
access-policy (Kong: access-policy :3005)
Routes: /api/access, /internal/access, /internal/governance
Container
Sequence (ABAC evaluation)
audit (Kong: audit :3006)
Routes: /api/audit
Container
Sequence
platform-admin (Kong: platform-admin :3007)
Routes: /api/platform, /internal/admin
Container
Sequence
terminology (:3028)
Routes: /v1/terminology, /internal/terminology
Container
Sequence
registration (:3010)
Routes: /v1/patients, /v1/encounters
Container
Sequence
scheduling (:3011)
Routes: /v1/schedules, /v1/slots, /v1/appointments, /v1/waitlist, /fhir/R4/Appointment
Container
Sequence
provider-directory (:3012)
Routes: /v1/practitioners, /v1/practitioner-roles, /v1/endpoints
Container
Sequence
facility (:3013)
Routes: /v1/locations, /v1/beds, /v1/resource-catalog
Container
Sequence
patient-chart-service (:3020)
Routes: /v1/chart
Container
Sequence (chart read + registration lookup)
clinical-notes (:3021)
Routes: /v1/notes, /v1/note-templates
Container
Sequence
orders (:3022)
Routes: /v1/orders, /v1/order-sets, /svc/orders (FHIR strip)
Container
Sequence
results (:3023)
Routes: /v1/results
Container
Sequence
medication (:3024)
Routes: /v1/medications
Container
Sequence
problem-list (:3025)
Routes: /v1/problems
Container
Sequence
allergies (:3026)
Routes: /v1/allergies, /v1/patients/:id/allergies/nkda|nka, /internal/allergies
Container
Sequence
vitals (:3027)
Routes: /v1/vitals, /fhir/R4/Observation
Container
Sequence
radiology-pacs (:3029)
Routes: /studies, /reports (root-level paths on upstream)
Container
Sequence
patient-portal-api (:3030)
Routes: /v1/portal
Container
Sequence
immunizations (:3031)
Routes: /v1/immunizations
Container
Sequence
care-plans-service (:3032)
Routes: /v1/careplans
Container
Sequence
digital-communication (:3033)
Routes (Kong): /v1/digital-communication (prefix; strip_path: false) — see API_DOCS.md for full paths.
Specs: specs/modules/digital-communication/SPEC.md, NOTIFICATIONS_PLATFORM.md
ADR: ADR-0047-unified-digital-communication-service.md
Container
Sequence (secure message)
Sequence (outbound notification — conceptual)
Domain services or portal queue intents; digital-communication resolves templates and calls provider adapters (PHI-minimized). See NOTIFICATIONS_PLATFORM.md.
laboratory-lis (:3034)
Routes: /catalog, /accessions, /specimens, /results (root-level on upstream)
Container
Sequence
billing (:3035)
Routes: /v1/billing/charges, /invoices, /payments, /refunds, /adjustments
Container
Sequence
insurance (:3036)
Routes: /coverages, /authorizations
Container
Sequence
claims (:3037)
Routes: /claims, /remittances, /denials
Container
Sequence
hl7v2-interop (:3038)
Routes: /v1/interop
Container
Sequence
fhir-gateway (:3039)
Routes: /fhir (FHIR R4 surface)
Container
Sequence
ai-orchestrator (:3040)
Routes: /v1/ai
Container
Sequence
config-resolver (:3015)
Routes: /api/config, /admin/ui, /internal/config, /internal/v1/offline
Container
Sequence
seed-runner (tooling — not in Kong)
Role: Database seeding via pnpm scripts (package.json root db:seed*).
Container
Sequence
Related
- Platform narrative:
IMPLEMENTED_PLATFORM_ARCHITECTURE.md - Normative rules:
baseline/ARCHITECTURE_BASELINE.md - Kong source of truth:
../../infra/kong/kong.yml