Services
| Service | Port | Runtime | Purpose | Key specs |
|---|---|---|---|---|
| apps/web | 6200 | Next.js 15 · React 19 · Node 20 | UI, patient + provider + admin consoles, decision-graph UI | Spec 014, 015, 017, 018, 056, 058 |
| apps/api | 6201 | NestJS 10 · TypeScript strict · Node 20 | Core business logic, envelope encryption, RBAC + consent, audit | Spec 001, 002, 004-015, 018, 019, 020, 021 |
| apps/ml | 6202 | FastAPI · Python 3.12 · Pydantic v2 | ASR, NER, CDS, Coding AI with dual-LLM | Spec 001 (FR-006), 041 |
| memory-store | 6401 | FastAPI · motor · Python 3.12 | Knowledge graph + hybrid retrieval + MCP server | Specs 026, 028, 042-047, 060 |
| research-engine | 6402 | FastAPI · motor · Python 3.12 | 5 agents + 12 trusted-source connectors + change-stream pipeline | Specs 032, 048, 049, 050, 051, 055, 061 |
| orchestrator | 6403 | FastAPI · motor · Python 3.12 | 6-phase hypothesis candidate lifecycle | Specs 027, 034, 037, 040, 052, 053, 059 |
| model-optimization | 6404 | FastAPI · motor · Python 3.12 | Decision graph + eval + outcome feedback + benchmark | Specs 030, 033, 035, 038, 057, 062 |
| apps/landing | static | Plain HTML + Tailwind CDN | Public marketing page (deployed to Azure SWA) | — |
| apps/docs | static | Docusaurus | This site (deployed to Azure SWA) | — |
Inter-service comms
All comms are HTTP + service-account JWT (FR-KIA-012). No shared DB connections, no cross-service Python imports.
Database footprint
| Service | Collections accessed |
|---|---|
| apps/api | users, patients, encounters, notes, care_teams, referrals, consents, audit_events, organizations, family_groups, notifications, ehr_imports, refresh_sessions |
| apps/ml | llm_call_logs (writes encrypted prompt/output; posts audit to api via service JWT) |
| memory-store | memory_entities, memory_relationships, memory_claims, research_sources, retrieval_audit |
| research-engine | research_tasks, correlator_findings, replicator_findings, librarian_findings (+ reads memory-store via HTTP) |
| orchestrator | orchestration_candidates, orchestration_runs, candidate_outcomes (writes only; reads memory-store via HTTP) |
| model-optimization | experiment_traces, decision_graph_nodes, dpo_preference_pairs (reads llm_call_logs.metadata + retrieval_audit) |
Every PHI-bearing write goes through FieldEncryptionService (FR-005).
Health checks + observability
| Service | Health endpoint | Audit source |
|---|---|---|
| apps/api | GET /api/health | api |
| apps/ml | GET /api/ml/health | ml |
| memory-store | GET /api/memory/health | memory-store |
| research-engine | GET /api/research/health | research-engine |
| orchestrator | GET /api/orchestrator/health | orchestrator |
| model-optimization | GET /api/optimization/health | model-optimization |
Every service exports:
- Azure Monitor traces (distributed via W3C trace-context)
- OpenTelemetry counters on per-route latency + status
- Audit events (every security-relevant action)