Broadleaf Microservices
  • v1.0.0-latest-prod

Broadleaf Commerce Microservices


Broadleaf Commerce combines a fully (extensible) set of microservices with a rich, unified admin.The services are ideal for use as a headless API for custom applications. The (Reference Architecture) article shows more about the logical configuration of Broadleaf services.

Tech Stack

Broadleaf services are built using Java and the Spring Framework. See the (Tech Stack) article for more about the technologies used in Broadleaf.

Layered Architecture

Each service uses a layered architecture with endpoints, services, domain mapping, and persistence tiers. The article on Service Anatomy explains this further.

Deployment Options

Each service can be deployed separately and scaled independently or composed together for ultimate Deployment Flexibility.

Broadleaf can be deployed in AWS, Azure, Google Cloud, as well as private data centers.

Performance and Scalability

Broadleaf Microservices are each horizontally scalable and can be autoscaled when deployed as part of a Kubernetes (or other competing containerization strategy) managed pod.


The Broadleaf framework provides many security aspects. Broadleaf provides an AuthorizationService which can be used by customers and admins to generate secure oAuth tokens (JWT) for making service API calls.

Broadleaf uses a Policy annotation to protect endpoints and data with the ability to have role based access for read and write operations. Broadleaf uses an "ownership" security model for items like a cart or customer record that allows the authenticated user to call APIs to access their specific records while protecting the records of other customers.

See the (Security) article for more details.