Solution Architecture
Overview
This document provides a detailed software design for the Workforce Management (WFM) system, built using a combination of Python/Django and Node.js, and deployed as microservices over Kubernetes. The system is designed to handle workforce management, reporting, and seamless integration with external contact center solutions.
Scope
The solution comprises several microservices, each with a distinct function, including authentication, core business logic, reporting, and external system integration. The document details the architecture, components, data flows, security, deployment strategy, and considerations for performance and scalability.
System Overview
Architecture
The architecture diagram illustrates the components of the Workforce Management (WFM) system, their interactions, and how they connect with external contact center solutions:
WFM: This is the core of the system and includes the Frontend and Backend Services.
Frontend: It provides the user interface to the users to perform their required actions.
Auth: It manages user authentication and authenticates the requests from the frontend and other backend services.
Core: It handles the core business logic of WFM.
Connector: It is an intermediary service between WFM and contact center solutions.
Reporting: It generates reports based on the data from core and connector services.
WFM Connector: A middleware component that facilitates communication between the WFM and external contact center solutions.
Contact Center Solutions: External systems that the WFM interacts with, including UCCX, UCCE, and EFCX.
Components and Interactions
WFM
Frontend
Functionality: The Frontend serves as the user interface for interacting with the WFM system. It provides access to the features like scheduling, reporting, and user management.
Interaction: The Frontend communicates directly with the backend services via RESTful APIs. It sends user requests (e.g., login, scheduling) to the respective services and displays the results.
Backend Services
The backend services are the core of the WFM system, responsible for handling all business logic, data processing, and system interactions. These services include:
Component | Technology | Functionality | Interaction |
---|---|---|---|
Auth Service | Node.js with Express.js | Manages user authentication using OAuth2 and JWT . It ensures secure access to the system after verifying JWT tokens in each request. It interacts with Keycloak for user authentication and manages internal service communication using a secure key in request headers. It interacts with the Keycloak API to generate admin tokens for appropriate users. | The auth service authenticates requests from the frontend and other backend services. It returns JWT tokens that are used to authorize further interactions within the system. |
Connector Service | Python, Django | Acts as the intermediary between the WFM system and external contact centers. It receives data from external systems like UCCX, UCCE, and EFCX, processes it, and forwards it to the core service for further action. | The connector service interacts with external contact centers through the WFM Connector. It also communicates with the core service to relay external data. |
Core Service | Python, Django | The core service handles the main business logic of the WFM system, including user management, scheduling, and skill matching. It processes data from the connector service and manages all critical operations such as shift assignments and user skill validations. | The core service receives requests from the frontend and the connector service. |
Reporting Service | Python, Django | Generates reports based on data from the core and connector services. It aggregates data from multiple sources to provide insights into workforce management, performance, and other critical metrics. | The reporting service fetches data from its own database, the core service, and the connector service. It provides the results back to the frontend for user access. |
WFM Connector
Functionality: The WFM Connector is a middleware that facilitates communication between the WFM system and external contact center solutions. It acts as a bridge, ensuring that data flows smoothly between the internal systems and external entities.
Interaction: The WFM Connector interacts with the connector service within WFM and external contact centers (UCCX, UCCE, EFCX). It retrieves data from external systems, which it passes to the connector service for further processing.
Detailed Workflow
User Authentication and Authorization
Login Request: A user attempts to log in via the Frontend.
Auth Service Interaction: The login request is forwarded to the auth service, which authenticates the user using OAuth2 through Keycloak.
Token Issuance: Upon successful authentication, the auth service issues a JWT token.
Token Usage: The JWT token is used in subsequent requests to backend services for authorization.
Admin Token: Admin token is generated for admin users through Keycloak.
Admin Token Usage: The admin token is used in subsequent requests to backend service for administrative tasks.
Data Integration from External Contact Centers
Data Transmission: The WFM Connector extracts data from the external contact centers (UCCX, UCCE, EFCX) and sends operational data to the WFM connector service.
WFM Connector Role: The WFM Connector acts as a conduit, transmitting the data to the connector service within the WFM system.
Data Processing: The connector service processes the data and stores it in its own database. This data is then available for use by the core service.
Core Working
Core Service Processing: The core service processes the request, considering the data received from the connector service (e.g., queue data, agents data) and the internal workforce data (e.g., user skills, roles).
Frontend Communication: This service uses the JWT token that is provided by auth service for all communication.
Reporting and Analytics
Data Aggregation: The reporting service aggregates data from the core and connector services.
Report Generation: Reports are generated, analyzing workforce performance, scheduling efficiency, and other key metrics.
Report Access: These reports are made available to users via the frontend, where they can view or download them.
Secure Communication and Data Handling
Internal Communication: All internal service communications are secured using a special key in the request headers, ensuring that only authorized services can communicate with each other.
Data Security: Sensitive data, such as user credentials and communication between services, is encrypted and handled with strict security protocols.
External and Internal Communication
Internal Protocol: HTTP is used for internal communication.
Internal Authentication: An internal authentication key is used for communication between the services.
External Protocol: HTTPS is used for external communication
External Authentication: For external communication, the JWT generated by the auth service is utilized.
Exhibit
Abbreviation | Full-form |
---|---|
WFM | Workforce Management |
JWT | JSON Web Token |
REST API | Representational State Transfer Application Programming Interface |
DB | Database |