NLX is an open source peer-to-peer system facilitating federated authentication, secure connecting and protocolling in a large-scale, dynamic API landscape with many organisations.
The need for the creation of NLX arises from the Common Ground vision, which aims to convert or replace the current monolithic information systems of Dutch municipalities (and wider government) with a state of the art, API-first software landscape, fulfilling societal demand for automation, transparency and privacy.
In this vision, everyone should be able to use API’s in other organisations as easy as their own, while core data objects should only be manipulated by the one administratively responsible and used by all others. An additional advantage is that public data can easily be made available to everyone. To make this technically feasible in a controllable manner, NLX comes in play.
NLX provides a developer friendly way to use standardised resources between organizations. It provides an API gateway for querying services on the central network as well as an API gateway to offer services to the central network. NLX provides support for HTTP/1.x services like REST/JSON and SOAP/XML. The support for HTTP/2 (gRPC) is a work in progress.
Warning: Please note the current NLX software only serves as a proof of concept and is therefore not suitable for production usage.
High level overview
Within the NLX network there are two main concepts: applications and services. Applications are only available within organizations and usually provide users an interface to query and mutate data. Services provide an API to applications and are accessable within and across organizations.
NLX provides two different types of API gateways: the inway and outway. Through an inway an organization can provide services to the network and through an outway an organization can query services on the network. The gateways are usually deployed centrally within the organization although it is possible for one organization to deploy multiple instances of inway and outway.
Here you can see a full request-response flow on NLX. An application performs a request on the outway within the same organisation. The outway routes the request to the inway of the organisation providing the service. The inway routes the request to the service. The service responds to the request and this response is routed through the NLX network, to the outway and arrives at the application.