I have two micro services :
From my front end I have to start a payment transaction. To start a payment I have to send to the mpayment API this DTO :
public class ConsoleUserTransactionDto implements Serializable {
/**
*
*/
private static final long serialVersionUID = -8437815814701080539L;
private BigDecimal amount;
private Boolean isCashIn = false;
private String mobileMoneyServiceCode;
private TransactionActionEnum action;
private String phoneNumber;
private Long developerUuid;
private Long companyUuid;
}
}
I need first, before starting the transaction payment to validate the developerUuid and the companyUuid, to make sure they exists.
So my question is : - Should I call a web service from my mPayment micro service that calls mConsoleUser to validate the information before starting the trancation ? - Should I develop a 3rd micro service, called by the front that calls mConsoleUser to validate all information, then calls mPayment to start the transaction ?
What is the best architecture ?
It would be best if you had validation in m-Payment since it may get calls from other systems and attackers. So, it would help if you made sure that m-Payment does not execute unauthorized or false requests. If it is likely to send incorrect information frequently from the frontend, then you can consider implementing microservice for m-ConsoleUser called by the frontend. As an example, if relations may change often, then the frontend may send outdated data to backend, and it may cause many different responses other than 2XX.
However, even if you use validation service on the frontend, you still need validation in m-Payment, since we generally create backend architectures independent from the frontend. So, the backend should not rely on the validation on the frontend.