Generated SaaS Bounded Contexts

Target Architecture — Final-State Design

This page describes the common platform-level bounded contexts present in every Generated SaaS Product. Each generated product adds its own domain-specific contexts, but the contexts below form the reusable SaaS spine that the factory stamps into every product. The exact set varies per product; these are the cross-cutting contexts always present.

A Generated SaaS Product is partitioned into bounded contexts following Domain-Driven Design, exactly as the factory's own platforms are. Each context owns its aggregates, its data store, and its slice of the ubiquitous language; contexts communicate only through published events (canonical envelope) and explicit API contracts — never shared tables. This is what keeps a generated product modular, independently deployable, and regenerable context by context.

Common platform-level contexts

Bounded Context	Responsibility	Key Aggregates	Generating Template
Identity & Access	Authentication, users, roles, permissions, token issuance	User, Role, Permission	ConnectSoft.IdentityTemplate + ConnectSoft.AuthorizationServerTemplate
Tenancy	Tenant lifecycle, provisioning, isolation metadata	Tenant	ConnectSoft.Saas.TenantsTemplate
Subscriptions & Editions	Plans, editions, entitlements, metering, billing	Subscription, Edition	ConnectSoft.Saas.*Template
Domain Services	The product's specific business domain(s)	product-specific roots	ConnectSoft.MicroserviceTemplate
Notifications	Templated, multi-channel notification delivery	Notification	ConnectSoft.WorkerTemplate + ConnectSoft.Notifications.*
Audit	Immutable record of security- and compliance-relevant actions	AuditEntry	ConnectSoft.Saas.AuditTemplate
Reporting & Analytics	Report definitions, generation, analytics read models	ReportDefinition	ConnectSoft.MicroserviceTemplate
Configuration	Tenant- and product-scoped settings and feature flags	ConfigurationSetting, FeatureFlag	ConnectSoft.MicroserviceTemplate
Integration	External system connections and webhook subscriptions	IntegrationConnection, WebhookSubscription	ConnectSoft.Integration.*

Implementation Notes

Tenancy, Subscriptions & Editions, and Audit are generated from the ConnectSoft.Saas.*Template family, which encodes ConnectSoft's multi-tenant SaaS patterns. Identity & Access is split across two templates — ConnectSoft.IdentityTemplate (user/role/permission domain) and ConnectSoft.AuthorizationServerTemplate (OpenIddict token issuance) — but is treated as a single logical context.

Context map

flowchart TB
    subgraph Spine["SaaS Spine Contexts"]
        Tenancy["Tenancy"]
        Identity["Identity & Access"]
        Subscriptions["Subscriptions & Editions"]
        Config["Configuration"]
    end

    subgraph Domain["Domain Contexts"]
        DomainSvc["Domain Services<br/>(product-specific)"]
    end

    subgraph Supporting["Supporting Contexts"]
        Notifications["Notifications"]
        Audit["Audit"]
        Reporting["Reporting & Analytics"]
        Integration["Integration"]
    end

    Identity -->|"upstream: identity"| DomainSvc
    Tenancy -->|"upstream: tenant context"| Identity
    Tenancy -->|"upstream: tenant context"| Subscriptions
    Tenancy -->|"upstream: tenant context"| DomainSvc
    Subscriptions -->|"entitlements"| DomainSvc
    Config -->|"feature flags"| DomainSvc
    DomainSvc -->|"domain events"| Notifications
    DomainSvc -->|"domain events"| Reporting
    DomainSvc -->|"audited actions"| Audit
    Identity -->|"audited actions"| Audit
    Subscriptions -->|"audited actions"| Audit
    Integration -->|"inbound/outbound"| DomainSvc
    DomainSvc -->|"outbound webhooks"| Integration

Hold "Alt" / "Option" to enable pan & zoom

Context relationships

• Tenancy is upstream of everything. Every other context is a downstream consumer of tenant context; the tenantId it owns is the isolation boundary all other contexts enforce. Relationship pattern: Customer–Supplier with Tenancy as supplier.
• Identity & Access is upstream of Domain and Supporting contexts. Authentication and authorization decisions flow outward; domain services consume identity as a conformist relationship via the shared token contract.
• Subscriptions & Editions gate domain capability. Entitlements derived from a tenant's edition are published and consumed by domain services to enable/disable features — an Open Host Service exposing entitlement queries.
• Supporting contexts are downstream consumers of domain events. Notifications, Reporting, and Audit subscribe to events emitted by domain and spine contexts; they never call back synchronously, preserving loose coupling.
• Integration is an Anti-Corruption Layer. It translates external system models into product events and vice versa, shielding domain contexts from third-party schemas.

How contexts map to the pillars

• Traceability — context boundaries are crossed only by enveloped events carrying traceId/correlationId, so cross-context flows are reconstructable end to end.
• Reusability — the spine and supporting contexts are generated from shared ConnectSoft.Saas.* and ConnectSoft.* templates, identical in shape across every product.
• Autonomy — each context is generated and regenerated independently by its agent; changing one context's template does not force the others to change.
• Governance — Audit is its own context with an immutable store; policy and isolation are enforced at every boundary.
• Observability — each context is an independently observed unit with its own logs, metrics, and traces.
• Multi-tenant scale — Tenancy as an upstream supplier ensures every context shares one isolation model and can scale per tenant.

Related Pages

• Overview
• Microservices
• Aggregate Roots
• Events
• Data Model
• Naming Conventions
• Event Envelope