Overview
The Brighthive backend is a GraphQL API built with Apollo Federation v2, deployed on AWS Lambda behind API Gateway. It serves as the central coordination layer between the webapp, BrightAgent, and all customer infrastructure.Architecture
GraphQL API
Apollo Federation v2 running on Lambda + API Gateway. Provides a unified query interface for all platform operations at
api.{env}.brighthive.net.Neo4j (SSOT)
Graph database on EC2 storing all metadata, lineage, user/workspace/org relationships, and data asset catalog. The single source of truth for the entire platform.
Cognito Auth
Two user pools — Platform (customer users) and Internal (admin). JWT tokens authenticate all API requests via API Gateway custom authorizers.
DynamoDB
Stores account mappings (
S3BucketsByAccount) and data asset references (TableIdsByDataAssetUuid) for fast lookups.Key Responsibilities
- Authentication & Authorization — Cognito JWT validation, workspace-scoped access control.
- Data Catalog Operations — CRUD operations on data assets, schemas, and metadata in Neo4j.
- Workspace Coordination — Routes queries to the correct workspace’s Redshift API based on Neo4j metadata.
- User Management — User creation, workspace membership, role assignment.
- Ingestion Orchestration — Coordinates file uploads, Airbyte connections, and data onboarding workflows.
- Service Integration — Connects to OpenMetadata, Stream.io, Redis, and customer infrastructure.
Supporting Services
- Redis — Caching layer for frequently accessed metadata and API responses.
- OpenMetadata — Unified metadata catalog integration via the Internal API stack.
- Stream.io — Powers real-time collaboration and chat within the webapp.
- S3 + CloudFront — Static asset hosting and delivery.
API Endpoints
api.{env}.brighthive.net— Main GraphQL API (Apollo Federation).api.{env}.brighthive.net/ogm— Neo4j Object-Graph Mapping endpoint.