REST API

Enterprise NestJS framework for building secure, observable REST APIs with authentication, authorization, and request tracking.

What It Does

The REST API provides a complete, production-ready infrastructure layer for NestJS applications. It abstracts common concerns like authentication, authorization, error handling, request logging, validation, and task processing—enabling developers to quickly bootstrap REST APIs with built-in security, monitoring, and consistency across services.

Key Capabilities

Capability	Description
Multi-Layer Authentication	Firebase JWT, Google OIDC, and API key authentication
Fine-Grained Authorization	Role-based and permission-based access control with decorators
Request Tracking	Comprehensive request logging with Pub/Sub event publishing
Global Error Handling	Standardized error responses with context logging
Data Validation	Custom pipes for transformation and class-based validation
Task Processing	Background job processing with rescheduling support
Security Headers	Helmet integration with CORS and IP whitelisting
File Uploads	Multipart form data handling with streaming support
Caching	Redis with automatic fallback to in-memory cache
Internationalization	nestjs-i18n integration for multi-language support

Configuration

Environment Variables

SKIP_REDIS - Force in-memory cache
VERIFY_TOKEN - Enable Firebase JWT validation
VERIFY_OIDC_TOKEN - Enable Google OIDC verification
SKIP_ROLES_CHECK - Bypass permission checks
GATEWAY_SUFFIX - Customize API route prefix

Module Options

routeRoles - Route-specific role access control
routeGuards - Dynamic guard application
environmentConfig - Environment validation
config - YAML configuration paths
i18n - Internationalization paths
serviceId - Task service identifier

Exports

Bootstrap Functions

bootstrapRest()
bootstrapRestNoBodyParser()

Modules

RestModule
TasksModule
BaseAppRestModule
BaseTaskAppModule
YamlConfigModule

Guards

FirebaseAuthGuard
GoogleAuthGuard
IPCGuard
HasPermissionsGuard, HasAnyPermissionGuard, HasAllPermissionsGuard
UserTypeGuard
RequireCustomClaimGuard
IpAddressGuard
RequireContentTypeGuard
DynamicGuard

Pipes

DatePipe, StringPipe, ParseJSONPipe
E11ValidationPipe, ParseClassPipe, StrongValidationPipe

Decorators

@Public(), @Internal(), @External()
@Claim(), @TenantId()
@ValidateBody(), @TransformBoolean(), @SanitizeHTML()
@IpAddresses(), @AllowUserType(), @RequireContentType()
@HasPermission(), @HasAnyPermissions()

Error Handling

GlobalExceptionHandler
SensitiveDataErrorHandler
ApiError utilities

Services

RequestAuthService
RolesService
ClaimsValidationsService

Utilities

FileStream
extractUserInfo
redisOrDefaultCache
Body parsing middleware

Common Use Cases

REST microservices: Build secure REST APIs with authentication and authorization
Background job APIs: Process async tasks with Cloud Tasks integration
Multi-tenant SaaS: Tenant-isolated APIs with Firebase multi-tenancy
Admin dashboards: Internal APIs with permission-based access control
File upload services: Handle file uploads with streaming and validation
Event-driven APIs: Publish request events to Pub/Sub for analytics
Internationalized APIs: Support multiple languages with i18n

What Customers Don’t Have to Build

NestJS application bootstrap
Security header configuration (Helmet)
CORS policy management
Multi-layer authentication (Firebase, Google, API keys)
Permission-based authorization
Request tracking and logging
Global error handling
Sensitive data filtering
Data validation and transformation
Task processing infrastructure
Caching with Redis fallback
File upload handling
User information extraction from JWTs
YAML configuration loading
Internationalization infrastructure
Health check endpoints
Graceful shutdown handling
API versioning
Service name prefixing
Telemetry initialization