Technical Capability Portal · NuMart Platform

Headless Commerce,
Proven at Retail Scale.

NuMart is NULogic's serverless, headless commerce accelerator — a battle-tested GraphQL BFF layer orchestrating a mesh of internal microservices and 20+ external SaaS platforms. Production-proven on a major North American apparel retailer. Cloud-agnostic runtime (AWS Lambda today, GCP Cloud Run in flight). This portal is a live walkthrough of the platform, the code, and how we deliver.

Platform at a Glance

What's already built.

These are the accelerator assets inside the NuMart platform — reusable on every engagement. Clients do not pay to rebuild this.

  • Microservices: 8 (GraphQL + 7 domain services)
  • Lambda Resolvers: 104 (auto-discovered at deploy)
  • GraphQL Schemas: 28 (unified BFF schema)
  • Integration Modules: 28 (cart, payments, search, fraud…)
  • External SaaS: 20+ (Braintree, Bloomreach, SFMC…)
  • Storefronts Served: 3 (multi-brand, multi-locale)
  • Cache Hit Target: 85% (Redis ElastiCache)
  • Cold-start Defense: 0ms (warmup pings every 5 min)

High-Level Architecture

A thin GraphQL gateway over a mesh of domain services.

Each GraphQL field is an independently deployed Lambda. Internal microservices expose REST APIs; the @numart-gcp/lib-domain/request package standardises every inter-service call. External SaaS is reached via NAT gateway.

┌────────────────────────────────────────────────────────────────────┐
│                 Storefront Clients (Web / Mobile)                  │
└─────────────────────────────────┬──────────────────────────────────┘
                                  │ GraphQL over HTTPS + Bearer JWT
                                  ▼
┌────────────────────────────────────────────────────────────────────┐
│                       AWS API Gateway (REST)                       │
└─────────────────────────────────┬──────────────────────────────────┘
                                  ▼
┌────────────────────────────────────────────────────────────────────┐
│                 graphql.js ── Main Lambda (Router)                 │
│             siteContext · channel · locale · currency              │
└─────┬────────────┬────────────┬────────────┬──────────────┬────────┘
      ▼            ▼            ▼            ▼              ▼
 product-get   cart-get    place-order   user-auth  cms-render-layout
   Lambda       Lambda       Lambda       Lambda         Lambda
      │            │            │            │              │
      └────────────┴────────────┼────────────┴──────────────┘
                                │
               ┌────────────────▼────────────────┐
               │ @numart-gcp/lib-domain/request  │
               └─┬──┬──┬──┬──┬──┬──┬──┬──┬───────┘
                 │  │  │  │  │  │  │  │  │
                 ▼  ▼  ▼  ▼  ▼  ▼  ▼  ▼  ▼
identity  atomic   item    cart   order    pim    payment  inventory  channel
 (REST)   (REST)  (REST)  (REST)  (REST)  (REST)  (REST)    (REST)    (REST)
                                │
               ┌────────────────┴────────────────┐
               │          External SaaS          │
               │ Braintree · PayPal · SVS (SOAP) │
               │    Bloomreach · PowerReviews    │
               │    Forter · Talon.One · SFMC    │
               │ Facebook CAPI · Experian · ADS  │
               └─────────────────────────────────┘
Internal Microservices

Nine domain services. One integration contract.

Every internal call goes through domainRequest.<service>.<method>(). Authentication, retries, channel context, and error shape are uniform across the mesh.

🔐

identity

User authentication, Cognito token management, session refresh, account CRUD.

REST · JWT
🛍️

item

Product catalog, pricing, images, variants, sibling products. Highest-volume read path.

REST
⚛️

atomic (Nucleus)

PIM-fronted internal GraphQL for enriched product metadata. Apollo Client with auto-refresh.

GraphQL · JWT
🛒

cart

Cart state, line-item management, promotion application, tax & shipping calculation, gift boxing.

REST
📦

order

Order placement, history, status lookup, cancellation, BOPIS confirmation.

REST
📍

inventory

Real-time stock levels, store availability via MAO, SQL/SOAP fallback for legacy systems.

REST · SOAP
💳

payment

Braintree wrapper, credit-card authorization, Venmo, PayPal capture, void/refund.

REST
🎛️

channel

Storefront configuration, feature flags per brand & region, locale and currency bindings.

REST
🧩

components · pim

CMS-driven UI component data and long-tail product metadata.

REST
External SaaS Layer

Twenty+ third-party systems, fully pre-wired.

Every vendor below has production-ready integration code with retry policies, credential resolution via Secrets Manager/SSM, and a consistent error envelope.

💳

Braintree · PayPal

Credit-card auth, Venmo, PayPal checkout, tokenization. Pre-auth via custom gateway.

REST · OAuth2
🎁

SVS Gift Cards

Gift-card balance, virtual card issuance, pre-auth via SOAP envelope.

SOAP
🏦

ADS / EBCC

Private-label credit card: pre-screen, soft-accept, authorization, account lookup.

REST
🔎

Bloomreach

Product search, faceted browse, category ranking, autosuggest, SEO widgets.

REST
🔬

Attraqt · Algolia

Alternative search engines (per-region). Algolia is newly added in the GCP migration.

REST

PowerReviews

Product reviews, Q&A, review image upload via Cloudinary signed upload.

REST
🛡️

Forter

Post-authorization fraud scoring, chargeback feedback, order status updates.

REST
🎯

Talon.One

Dynamic promotional campaigns, coupon validation, loyalty rule evaluation.

REST
📧

Salesforce Marketing Cloud

Transactional email journeys, opt-out sync, order-confirmation triggers.

REST · OAuth2
📱

Facebook Conversions API

Server-side purchase & add-to-cart events for iOS-14-safe attribution.

REST
📬

Experian Address

Address validation & standardization pre-checkout.

REST
🧾

Taxware / Klarna / Fiserv

Real-time tax calculation, BNPL checkout, alternative payment rails.

REST
Build vs Buy Analysis

What the platform gives you vs what we build per client.

Scope clarity on Day 1. The left column is already in the box — wired, tested, and running in production. The right column is the work that is genuinely unique to the client.

✓ Out of the box — NuMart gives you this

  • GraphQL schema for the entire commerce journey (PDP, PLP, cart, checkout, account, orders)
  • Serverless deployment topology (Lambda, API Gateway, SQS, SES, SSM, Secrets Manager)
  • Redis caching with per-resolver opt-in, channel-scoped keys, 15-min default TTL
  • Authentication flow (Cognito + JWT + auto-refresh via Apollo error link)
  • Eight microservices with consistent request/response contracts
  • Pre-built integrations: Braintree, PayPal, Bloomreach, PowerReviews, Forter, SFMC, Facebook CAPI, Talon.One, SVS, Experian, ADS, Taxware
  • Cold-start mitigation via serverless-plugin-warmup
  • Structured logging, X-Ray tracing hooks, error envelope

⚒ Custom engagement work

  • Channel configuration (brands, storefronts, locales, currencies)
  • OMS / MAO adapter tuning and order-dispatch routing
  • Brand-specific promo rules & campaign definitions in Talon.One
  • PIM / DAM data model alignment (if replacing Nucleus)
  • Replacing or supplementing third-party vendors (e.g. different PSP, different search)
  • Front-end storefront integration (Next.js / Remix / native)
  • Data migration from the incumbent commerce platform
  • Observability stack integration (Datadog, New Relic, Grafana)

Effort split:

  • Config & Wiring: 30%
  • Custom Build: 40%
  • Testing & Hardening: 20%
  • Observability & Ops: 10%

Request Lifecycle

Place-order, end to end.

A walkthrough of the path an authenticated checkout takes through the platform.

1. Client → API Gateway → graphql.js (router Lambda)
2. graphql.js identifies placeOrder mutation → invokes place-order Lambda
3. resolver-fn.js middleware
   a. Warmup ping? → return early
   b. Redis cache? → skip (mutations never cached)
   c. Inject siteContext { channel, locale, currency }
4. session.js → domainRequest.identity.post('/auth/cognito/refresh')
5. modules/order/index.js
   a. domainRequest.cart.get(cartId) → validate cart
   b. domainRequest.payment.post('/braintree/…') → authorize card
   c. domainRequest.order.post('/order') → persist order
   d. domainRequest.inventory.post('/reserve') → reserve stock
6. post-order-action Lambda (async, fire-and-forget)
   a. SQS → MAO queue (order sync, per-region)
   b. Forter REST → fraud scoring
   c. SFMC REST → confirmation email trigger
   d. Facebook CAPI → purchase event
7. GraphQL response returned to client

Performance

Cache strategy that doesn't bite.

Redis topology

  • Store: AWS ElastiCache — cluster-mode disabled
  • Default TTL: 15 minutes
  • Key pattern: ${channel}:${functionId}:${stableStringify(args)}
  • Scope: per-channel (com, ca, outlet-us, outlet-ca)
  • Opt-in: each resolver declares its own cache policy
  • Bypass: mutations never cached; authenticated resolvers use short TTLs
  • Token cache: short-lived JWTs held to avoid repeated Secrets Manager calls

What gets cached

  • Product detail (PDP) — 15 min, per-channel
  • Search results & auto-suggest — 5 min
  • Category browse & site navigation — 60 min
  • CMS layouts & components — 30 min
  • Storefront configuration — 60 min
  • Inventory (store availability) — 2 min short TTL
  • OAuth2 tokens (PayPal, SFMC) — until expiry - 60s
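
The key pattern, per-channel scope, opt-in policy and mutation bypass listed above, worked through as an added example that is not code from the NuMart repository. The stableStringify here is a stand-in written for this example, and cachePlan, its policy shape and the sample arguments are assumptions.

```javascript
// Added example. stableStringify is a stand-in written for this example;
// cachePlan and its policy shape are assumptions, not NuMart's API.
function stableStringify(value) {
  if (value === undefined) return 'null';
  if (value === null || typeof value !== 'object') return JSON.stringify(value);
  if (Array.isArray(value)) return `[${value.map(stableStringify).join(',')}]`;
  // Sort keys so {a, b} and {b, a} serialise identically.
  const keys = Object.keys(value).filter((k) => value[k] !== undefined).sort();
  const body = keys.map((k) => `${JSON.stringify(k)}:${stableStringify(value[k])}`);
  return `{${body.join(',')}}`;
}

const CHANNELS = new Set(['com', 'ca', 'outlet-us', 'outlet-ca']); // from the page
const DEFAULT_TTL_SECONDS = 15 * 60; // the page's 15-minute default

function cachePlan({ channel, functionId, args, operation = 'query', policy }) {
  // Opt-in: a resolver without a declared policy is not cached,
  // and mutations are never cached whatever the policy says.
  if (operation === 'mutation' || !policy || !policy.cache) return null;
  // Refuse unknown channels rather than falling back to a shared key,
  // so one storefront can never be served another storefront's entry.
  if (!CHANNELS.has(channel)) throw new Error(`unknown channel: ${channel}`);
  return {
    key: `${channel}:${functionId}:${stableStringify(args)}`,
    ttlSeconds: policy.ttlSeconds ?? DEFAULT_TTL_SECONDS,
  };
}
```

Without the key sort, two clients sending the same arguments in a different order would miss each other's cache entries, and without the channel prefix a US price could be served to a Canadian storefront.
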
Code Browser

Real files. Real code. Already written.

This is a live slice of the NuMart repository. Click any file to read the code. No mock-ups.

Implementation Approach

Five-phase delivery. Nothing is a surprise.

Phase 1 · 2 weeks

Discovery & Blueprint

Activities: Business-rule workshops per domain (catalog, cart, checkout, account). Existing-system data-model audit. Vendor inventory & contract review.
Deliverables: Target architecture doc, integration matrix, migration plan, risk register.
Risks: Hidden business logic in legacy stored procs.
Phase 2 · 4 weeks

Platform Stand-up & Channel Wiring

Activities: AWS/GCP account bootstrap, VPC, Redis, Secrets Manager population. Configure channel service for client brands. First GraphQL deploy.
Deliverables: Dev & staging environments, working PDP + PLP + auto-suggest.
Risks: Secrets-rotation governance gaps.
Phase 3 · 6 weeks

Commerce Integration

Activities: Wire payment (PSP + BNPL), fraud (Forter), search (Bloomreach or Algolia), tax (Taxware), promo (Talon.One), reviews (PowerReviews), CAPI.
Deliverables: End-to-end checkout in staging, vendor contract tests.
Risks: PSP vault migration from prior platform.
Phase 4 · 4 weeks

OMS, Hardening & Load

Activities: MAO / OMS order-dispatch wiring. Warmup tuning. Load test at 3× peak traffic. Cache-hit-rate tuning. Observability stack.
Deliverables: Load-test report, runbooks, alert catalogue.
Risks: OMS partner SLAs around peak throughput.
Phase 5 · 2 weeks

Cutover & Hypercare

Activities: Canary cutover per channel (usually outlet first), PSP vault swap, DNS switch. 24×7 war room for 2 weeks.
Deliverables: Go-live, post-cutover metrics, handover doc.
Risks: Black-Friday proximity — cutover windows are short.
Risk Register

What goes wrong — and what we do about it.

These are the specific failure modes we've hit on comparable headless-commerce migrations. Every mitigation is something we can point to in code today.

Critical

PSP vault migration during cutover

Moving tokenized cards to a new PSP without breaking saved wallets is the single highest-risk step on go-live day.

Mitigation: Dual-write + shadow auth for 14 days pre-cutover. Canary by brand. Vault diff report nightly.
Owner: Payments Tech Lead
Critical

Cold-start regressions on Black Friday

Lambda concurrency spikes cause 3-second cold starts that cascade into cart-abandonment.

Mitigation: Warmup plugin with 25ms hot loop; provisioned concurrency on top-15 resolvers during peak; forced concurrency floor.
Owner: Platform SRE
High

Inventory oversell during flash events

Stale inventory cache + concurrent add-to-cart results in overselling constrained SKUs.

Mitigation: Short 2-min TTL on availability; pre-reserve at add-to-cart for low-stock SKUs; MAO callback to invalidate cache.
Owner: Inventory SME
High

Secrets leakage in source maps

Bundled webpack source maps exposing API keys to CloudWatch or client error tools.

Mitigation: nosources-source-map in webpack; secrets loaded at cold-start only; IAM policy bars console GetSecretValue from dev accounts.
Owner: Security Engineer
High

MAO order-sync lag

SQS backlog on MAO delivery delays order-status updates — customers see "pending" for hours.

Mitigation: Per-region FIFO queues, DLQ with auto-replay, synthetic order monitor on 5-min cron.
Owner: Order Domain Lead
Medium

SFMC journey breakage on email-template drift

Marketing team updates templates; server-side event payload no longer matches schema.

Mitigation: Contract tests between NuMart and SFMC on every marketing template change; alert to #commerce-marketing.
Owner: Marketing Tech Lead
Medium

Forter false-positive spike

Promotional events trigger fraud model retraining; false-positive rate spikes for 48h.

Mitigation: Pre-event Forter tuning session; fall-back to manual review queue sized for 3× normal volume.
Owner: Fraud Ops
Medium

Bloomreach ranking regression

New product taxonomy confuses ranking; conversion drops on critical categories.

Mitigation: Pre-launch A/B on top-20 categories; roll-back path retains the prior ranking JSON for 30 days.
Owner: Merchandising Tech
War Room Stories

Real incidents. Real lessons. Already in the code.

We don't pretend nothing has gone wrong. Here's a sample of what did — and the fixes that are now standard in NuMart.

The JWT Refresh Death Spiral

— Platform Lead, post-mortem 2023
On a peak Saturday, an Apollo Link retry policy interacted badly with the Nucleus GraphQL token-refresh endpoint. Each expired token produced two refresh calls; each failed refresh produced three retries. 180k resolvers fan-out'd into 1.1M identity calls in under 4 minutes. Identity service throttled; every downstream cart call 401'd. Checkout gross at 0 for 11 minutes. We learned that client-side exponential backoff is not enough — you need a single-flight lock on refresh.
Baked into NuMart: apollo-link-error now uses a lock-gated single-flight refresh with jittered backoff. Added a circuit-breaker on identity with a 500ms half-open interval. This pattern is live in app/lib/apollo-client.js.
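
The single-flight refresh with jittered backoff described above, as an added example that is not the code in app/lib/apollo-client.js. The names createTokenRefresher and refreshFn are hypothetical, and the attempt count and backoff constants are assumptions.

```javascript
// Added example: single-flight token refresh with full-jitter backoff.
// refreshFn is a hypothetical stand-in for the call to the identity service.
function createTokenRefresher(refreshFn, opts = {}) {
  const {
    maxAttempts = 3, baseMs = 100, capMs = 2000, // assumed values
    sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms)),
    random = Math.random,
  } = opts;
  let inFlight = null; // the one shared refresh promise, or null when idle

  async function refreshWithBackoff() {
    let lastErr;
    for (let attempt = 0; attempt < maxAttempts; attempt++) {
      try {
        return await refreshFn();
      } catch (err) {
        lastErr = err;
        if (attempt === maxAttempts - 1) break;
        // Full jitter: wait a random time in [0, min(cap, base * 2^attempt)).
        const ceiling = Math.min(capMs, baseMs * 2 ** attempt);
        await sleep(Math.floor(random() * ceiling));
      }
    }
    throw lastErr; // attempts are bounded, so failures cannot multiply
  }

  return function getFreshToken() {
    // Callers arriving while a refresh is running share its promise instead
    // of each starting their own call to the identity service.
    if (!inFlight) {
      inFlight = refreshWithBackoff().finally(() => { inFlight = null; });
    }
    return inFlight;
  };
}

// Constructed demo: 1,000 concurrent callers with expired tokens, and an
// upstream that fails twice before succeeding.
async function demo() {
  let upstreamCalls = 0;
  const flakyRefresh = async () => {
    upstreamCalls += 1;
    if (upstreamCalls < 3) throw new Error('identity throttled');
    return `token-${upstreamCalls}`;
  };
  const getFreshToken = createTokenRefresher(flakyRefresh, { sleep: async () => {} });
  const tokens = await Promise.all(Array.from({ length: 1000 }, () => getFreshToken()));
  return { upstreamCalls, distinctTokens: new Set(tokens).size };
}
```

In the demo the identity stand-in is called three times in total for 1,000 callers, where per-caller retries would have produced up to 3,000 calls.
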

The Inventory Cache That Went Negative

— Inventory SME, post-mortem 2022
A 15-minute cache TTL on store-availability data collided with a flash sale on a style that had four units across the US. Because every resolver read from cache while MAO updates were still in flight, we sold 47 of that style. Thirty-seven customer service apology calls later, we learned: TTL-based invalidation is wrong for low-stock SKUs. Event-driven invalidation is the only correct answer.
Baked into NuMart: MAO pushes availability deltas to an SQS fan-out that invalidates Redis keys per SKU. Inventory TTL dropped to 2 minutes as safety net. SQL_INV_FLAG feature flag lets you fall back to SQL during MAO outages.

The Clean Black Friday

— SRE lead, 2024
2024 Black Friday: 11.4× baseline traffic, peak TPS of 2,340 on the cart-item-add Lambda. Zero P1 incidents. The combination of warmup pings at 25ms intervals, provisioned concurrency on the top 15 resolvers, and Redis pre-warming of the homepage PDP set meant cold starts never bit. Every engineer in the war-room slept before 2am on Friday. That's the bar we run the platform at.
Baked into NuMart: The Black-Friday playbook (warmup schedules, provisioned-concurrency thresholds, cache pre-warm scripts) is now a standard capability in the platform. Clients inherit it.
Security & Secrets

No credentials in source. Ever.

Credentials hierarchy

  • AWS Secrets Manager — third-party API keys (Braintree, SFMC, Facebook, SVS, ADS, PowerReviews)
  • SSM Parameter Store — service URLs, internal API keys, feature flags
  • Env variables — non-sensitive only (stage, service name, Redis URL)
  • Never in repo: getSecretValue() at cold start, held in memory for the Lambda lifetime

Auth flows

  • Client → GraphQL: Bearer JWT (Cognito-issued)
  • GraphQL → Internal services: per-service API key in header
  • GraphQL → Nucleus: Bearer JWT auto-refresh (Apollo error link, single-flight)
  • GraphQL → PayPal: OAuth2 token, Redis-cached until expiry - 60s
  • GraphQL → Forter: HTTP Basic
  • GraphQL → SFMC: OAuth2 client credentials
  • VPC: all Lambdas in private subnets; NAT gateway for egress
Test Strategy

Platform comes with 400+ proposed manual cases, not assumptions.

Every engagement starts with the NuMart manual-test catalogue as the baseline. Client-specific scenarios are added on top, not from scratch.

  • Cart & Checkout: 112 cases · 68% automated
  • Payment & Fraud: 84 cases · 52% automated
  • Catalog & Search: 76 cases · 74% automated
  • Account & Identity: 58 cases · 81% automated
  • Order Management: 49 cases · 45% automated
  • Inventory & BOPIS: 38 cases · 37% automated
  • CMS & Personalization: 32 cases · 62% automated