project · current employer

Resobridge

Enterprise trade finance compliance platform. I work as SDE II on the backend, building maker-checker workflow engines, fine-grained RBAC, audit logging, document management with Azure Blob, and async FastAPI services that integrate with external enterprise systems.

Role: SDE II (Backend) Company: Resobridge Year: 2025–Present Status: Live

FastAPIPython MongoDBBeanie ODM Azure BlobJWT RBACMaker-Checker

↗ Visit Live Site

Live Site: resobridge.com

Public-facing site for Resobridge. The backend platform I work on powers the trade finance compliance workflows and enterprise integrations behind the product.

https://resobridge.com

If preview doesn't load, the site may block embedding via security headers.

Open in new tab ↗

Backend Architecture

The core of the platform is a maker-checker workflow engine with audit logging, RBAC permissions, and document handling. Every state change is immutably logged; no action is final without the checker's approval.

Internal API: Maker-Checker Workflow Engine

Workflow State Machine: Trade Finance Request #TF-8841

📝

Draft

Maker creates

✓ Complete

→

📤

Submitted

Sent for review

✓ Complete

→

🔍

Under Review

Checker reviews

● In Progress

Request Details

Request ID#TF-8841

TypeLC Amendment

MakerArjun Mehta

CheckerPending Assignment

Documents3 uploaded ✓

Azure BlobStored ✓

StatusUnder Review

Permissions (Maker: Arjun)

create:draft submit:draft read:own upload:document approve:request delete:any

Audit Trail

Documents uploaded to Azure Blob (3 files)

14:22

Request submitted for checker review

14:18

Draft created by Arjun Mehta

14:05

JWT auth token verified, session started

14:04

Key Features

⚙

Maker-Checker Engine

State machine for financial workflows; every action by a maker requires checker approval before taking effect.

🔐

Fine-Grained RBAC

Permission model with resource-level scopes. Users have exactly the permissions their role grants, nothing more.

📋

Immutable Audit Logs

Every state transition, document upload, permission check, and login event is written to append-only audit collections.

☁️

Azure Blob Storage

All documents stored on Azure Blob with SAS-token-gated access, expiry control, and metadata indexing.

⚡

Async FastAPI

High-throughput async Python API. All I/O (DB, Blob, external calls) awaited for non-blocking concurrent request handling.

🔗

Enterprise Integrations

REST integration adapters for external enterprise risk, compliance, and trade finance platforms.

Technical Breakdown

FastAPI

Async Python web framework with Pydantic validation, OpenAPI docs generation, and dependency injection for auth middleware.

MongoDB + Beanie ODM

Async Beanie ODM for document modeling. Atomic session-based writes for workflow state transitions to ensure consistency.

Azure Blob Storage

Python Azure SDK for container management, blob uploads, metadata tagging, and time-limited SAS URL generation.

JWT Authentication

Asymmetric JWT (RS256) with short access tokens and refresh token rotation. Claims include role and permission scopes.

State Machine

Workflow state transitions modeled as explicit allowed edges. Invalid transitions rejected with 422 before any DB write.

Event Sourcing

Audit events written as immutable documents. The audit trail is the source of truth for compliance reporting.