Skip to content

XCP Gateway

Introduction

XCP Gateway is a unified interface built with modern technologies for end consumers consumption. The guiding philosophies in designing this platform include

  • Security
  • Ease of consumption
  • Simple
  • Performance

Architecture

Architecture Diagram

One of the primary strengths of an API gateway lies in its ability to simplify and streamline the architecture of complex systems. Instead of managing individual APIs separately, an API gateway serves as a single entry point for all API requests. This consolidation not only reduces complexity but also facilitates better management, monitoring, and security of APIs.

Features

Security

  • Authorization and Authentication
  • Throttling or rate limiting
  • DDOS prevention

Reliability

  • Multi-AZ and Multi-Region

XCP Gateway is a federated graphql gateway which aggregates and orchestrates a network of microservices to expose sales domain model for consumption.

Getting started

  • You can have a conversation with xcp-jarvis chatbot to understand what the sales platform has to offer
  • Try out the playground to understand the datapoints and operations available on the sales platform https://developer.xoe.xfinity.com/playground.html
  • Get a api key for your sales channel to consume xcp
  • Request scopes on websec/sat/cima/azure as needed for your channel
  • Start consuming the api's

Headers

Header Description
x-api-key api key for the consumer, Request one with the XCP team if you don't have one.
x-tracking-id a unique identifier to track the request that is sent to gateway
Authorization Bearer token for authentication and authorization

Onboarding

  • An API Key is required to consume the gateway. Raise a JIRA ticket here to get the api key.
  • Following authentication mechanisms will be supported in the gateway, based on the use case one or more scopes would be required
Operation Type Scope Auth Type
Mutation createSalesContext xcp:salescontext:create SAT
Mutation upsertItem sales:cart:pseudo:all SAT
Mutation presentConsent xcp:consent:present SAT
Mutation acceptConsent xcp:consent:accept SAT
Mutation createAndAcceptConsent xcp:consent:create, xcp:consent:accept SAT
Mutation submitCart sales:cart:pseudo:all SAT
Query Sales -> offers sales:bcs:pseudo:all SAT
Query Sales -> cart sales:cart:pseudo:all SAT
Query Sales -> order sales:cart:pseudo:all SAT
Query Sales -> consent xcp:consent:read SAT
Query Sales -> account csp:build SAT
Query Sales -> location csp:build SAT
Query Sales -> source csp:build SAT
Query Sales -> consentId xcp:consent:read SAT

Schema

The sales domain data model is explained here Sales Domain Model - Explained

Queries and Mutations

The detailed explanation of the below schema is at Queries and Mutations - Explained 

type Mutation {   
  createSalesContext(salesContext:SalesContext): Sales
  upsertItem(salesJourneyId:String, items:[ItemInput]) : Sales
  presentConsent(salesJourneyId:String, consentId:String) : Sales
  acceptConsent(salesJourneyId:String, consentId:String, acceptanceChannel:String, clientIpAddress:String) : Sales
  createAndAcceptConsent(salesJourneyId:String, acceptanceChannel:String, clientIpAddress:String, partnerId:String) : Sales
  submitCart(salesJourneyId : String) : Sales 
}

type Query {
  sales(salesJourneyId: String): Sales
  activationUrls(appIds: [String], lineOfService: [String]): ActivationUrls
}

Error handling

The typical graphql error during resolution looks like shown below.

Error Format - Field validation

{
  "errors": [
    {
      "message": "Field 'firstName' of type 'String!' must not be empty.",
      "locations": [
        {
          "line": 3,
          "column": 5
        }
      ],
      "path": [
        "user",
        "firstName"
      ]
    },
    {
      "message": "Field 'age' of type 'Int!' must be positive.",
      "locations": [
        {
          "line": 5,
          "column": 7
        }
      ],
      "path": [
        "user",
        "age"
      ]
    }
  ],
  "data": null
}

Error Format - Downstream

{
    "errors": [
        {
            "errorCode": "XCS.SC.400.2.1",
            "errorMessage": "Item is not allowed to add.",
            "serviceName": "salecontext"
        }
    ],
    "data": {
        "createSalesContext": null
    }
}

Request validation errors

If there is an error with request in terms of auth or schema/invalid fields being queries, the HTTP status code will be 400.

Resolution errors

If there are service fulfillment errors or resolution errors, The HTTP status code will be 200 in this case.

Environments

Environment Url
Integration https://xcp-sales-gateway-staging.xoe.xfinity.com
Production https://xcp-sales-gateway.xoe.xfinity.com

Frequently asked questions

Support

  • Raising a ticket
  • Please log your ticket at https://tkts.sys.comcast.net/projects/XOEM/issues, the guidelines for raising the ticket is at JIRA ticketing
  • Production issues
  • For immediate urgent production issues, please take a look at production support contact information at GraphQL Gateway - Production Support

Playground

There is a playground/sandbox for consumers to learn how to interact with XCP. The link to playground is here.