Payment Orchestrator

Theme

04.04 Back Office Workflows

Status: draft for discussion

1. Goal

This document describes the main Back Office workflows expected in the MVP.

The page list explains what screens are needed. This document explains how users move through them.

2. Prepare Merchant for Deposits

Platform user should be able to:

  1. create merchant;
  2. create brand;
  3. grant provider access when needed;
  4. create or invite users;
  5. assign roles in merchant or merchant group context;
  6. create API key;
  7. create payment method inside brand;
  8. configure routing;
  9. publish routing;
  10. create test deposit;
  11. verify transaction, callback, webhook, and timeline.

Back Office should make missing steps visible.

3. Configure Payment Method

User should be able to:

  1. open Merchant section;
  2. select merchant and brand;
  3. open Payment Methods / MID;
  4. create payment method;
  5. open blueprint;
  6. create draft;
  7. add rules and conditions;
  8. select MASTER MID GROUP targets;
  9. configure fallback route;
  10. preview routing;
  11. publish version.

Payment method without published routing must not accept production traffic.

4. Configure Execution Layer

Platform user should be able to:

  1. open MASTER MID;
  2. configure processing fee;
  3. open second-level blueprint;
  4. create SUB MID GROUP;
  5. connect SUB MID or SUB MID AGGREGATOR;
  6. configure sequence or weight;
  7. configure fallback;
  8. configure velocity limits;
  9. configure conversion fee;
  10. publish changes.

Merchant users may get some of these capabilities later only if provider access and business rules allow it.

5. Investigate Transaction

User should be able to:

  1. open Transactions;
  2. filter by merchant, brand, method, status, date, amount, currency, user reference, or transaction identifier;
  3. open transaction details;
  4. review safe overview;
  5. review timeline;
  6. review routing path;
  7. review webhook history;
  8. review provider callback handling if access allows it;
  9. perform manual correction if access allows it;
  10. resend merchant webhook if access allows it.

The user should not need logs for normal investigation.

6. Manage Access

Platform user should be able to:

  • create platform users;
  • create merchant users;
  • create platform roles;
  • create merchant roles;
  • grant merchant access;
  • grant merchant group access;
  • grant provider access to merchant.

Merchant admin should be able to:

  • invite users inside available context;
  • assign allowed merchant roles;
  • manage users where their role allows it.

Merchant admin must not edit role permission sets.

7. Manage Secrets

Back Office should support:

  • API key creation;
  • API key rotation with grace period;
  • secret replacement for SUB MID / SUB MID AGGREGATOR;
  • hiding saved secret values;
  • audit trail for secret changes without exposing secret values.

8. Operational Review

Platform users should be able to review:

  • success rate issues;
  • webhook delivery issues;
  • suspicious callbacks;
  • routing rejections;
  • velocity limit rejections;
  • manual corrections;
  • audit history.

Exact operational dashboards are not part of MVP, but operational investigation surfaces are required.

Комментарии

Комментариев пока нет.