Designing secure integrations for a digital membership card system in Rust

⚓ Rust    📅 2026-06-09    👤 surdeus    👁️ 1      

surdeus

Hello everyone, I am currently building a digital membership card system backend in Rust, and I am in the architecture planning phase. One of the key parts of the system is integration with external services, and I would like some guidance from experienced Rust developers. The system will include a digital membership card (QR/token based) and a backend API that will be used by multiple external platforms such as:

  1. Authentication / security services (for example MFA or identity verification systems like Guardian-type integrations)
  2. Third-party access control systems (for check-in / validation)
  3. Possible CRM or membership management platforms
  4. Optional mobile/web apps consuming the same API

What I am trying to figure out:

What is the best approach in Rust for designing secure and scalable API integrations?
Should I use a centralized service layer for all integrations or separate modules per integration?
Recommended patterns for handling API keys, tokens, and secure communication in Rust?
Any best practices for retry logic, rate limiting, and failure handling in external integrations?
Is there any preferred architecture style for such systems (microservices vs modular monolith)?

I want to make sure the system is production-ready, secure, and easy to extend with new integrations in future. Any suggestions or real-world experience would be really appreciated.
