← Back to glossary

Backends for Frontends (BFF)

architecture PHP 7.0+ Advanced

debt(d8/e7/b7/t6)

d8 Detectability Operational debt — how invisible misuse is to your safety net

Closest to 'silent in production until users hit it' (d8), since no automated tool flags missing BFF; only manual analysis with Postman/Lighthouse reveals over-fetching and client mismatch, slightly less than d9 because performance monitoring may surface symptoms.

e7 Effort Remediation debt — work required to fix once spotted

Closest to 'cross-cutting refactor across the codebase' (e7), introducing a BFF requires standing up a new service tier, rerouting clients, and migrating aggregation logic — more than a single-component refactor but not a full architectural rewrite.

b7 Burden Structural debt — long-term weight of choosing wrong

Closest to 'strong gravitational pull' (b7), because once BFFs exist, every client-facing feature must decide which BFF owns it, contracts must be versioned per client, and team ownership boundaries shape future work.

t6 Trap Cognitive debt — how counter-intuitive correct behaviour is

Closest to 'serious trap' (t6-7), the misconception that BFF causes duplication leads teams to push business logic into it, contradicting its orchestration-only role; common mistakes confirm this is a frequently-misunderstood pattern, slightly below t7 since the naming does suggest its purpose.

About DEBT scoring → scored by claude-opus-4-7 · 2026-05-06 · reviewed by human

Also Known As

BFF backend for frontend client-specific API API aggregation layer

TL;DR

A dedicated API layer per frontend client (mobile app, web app, third-party) — each BFF aggregates and transforms microservice data for its specific client's needs.

Explanation

Rather than one general-purpose API serving all clients, the BFF pattern creates a thin backend layer per frontend type. The mobile BFF returns compact responses optimised for bandwidth; the web BFF aggregates multiple services into one round trip; the partner BFF exposes only allowed data. Benefits: frontend teams own their BFF, optimise responses without affecting other clients, evolve client-specific contracts independently, and handle client-specific auth concerns. Common with microservices architectures where different clients need very different data shapes.

Diagram

flowchart TD
    subgraph Clients
        MOB[Mobile App]
        WEB[Web Browser]
        PART[Partner API]
    end
    subgraph BFFs
        MOB_BFF[Mobile BFF<br/>compact responses]
        WEB_BFF[Web BFF<br/>aggregated responses]
        PART_BFF[Partner BFF<br/>restricted data]
    end
    subgraph Microservices
        US[User Service]
        OS[Order Service]
        PS[Product Service]
    end
    MOB --> MOB_BFF
    WEB --> WEB_BFF
    PART --> PART_BFF
    MOB_BFF & WEB_BFF & PART_BFF --> US & OS & PS
style MOB_BFF fill:#1f6feb,color:#fff
style WEB_BFF fill:#238636,color:#fff
style PART_BFF fill:#6e40c9,color:#fff

Common Misconception

✗ BFF creates code duplication — shared business logic stays in backend services; BFF only handles aggregation, transformation, and client-specific concerns — the duplication is intentional.

Why It Matters

Without BFF, mobile clients over-fetch large responses, or the general API grows complex conditional logic to serve every client type — BFF keeps both the API and clients clean.

Common Mistakes

Putting business logic in the BFF — BFF should only orchestrate and transform, not implement rules.
One BFF for all clients — defeats the purpose; each client type should have its own.
BFF team owned by the backend — frontend teams should own their BFF for true independence.
Not versioning the BFF — BFF contracts must be versioned like any other API.

Code Examples

✗ Vulnerable

// One API trying to serve everyone:
GET /api/product/42
// Mobile needs: name, price, thumbnail (3 fields)
// Web needs: full details, reviews, related (20 fields)
// Partner needs: name, sku, stock only (3 different fields)
// Response: all 25 fields to everyone
// Mobile: 10kb response, uses 500 bytes — 95% wasted

✓ Fixed

// Separate BFFs per client:
// mobile-bff/product/42:
GET /mobile/products/42 → { name, price, thumbnail }  // 200 bytes

// web-bff/product/42 — aggregates from 3 services:
GET /web/products/42 → { name, price, images, reviews, related }  // Full

// partner-bff/product/42:
GET /partner/products/42 → { name, sku, stockLevel }  // Partner contract

References

↗ https://samnewman.io/patterns/architectural/bff/

Tags

architecture microservices api-design

Added 16 Mar 2026

Edited 22 Mar 2026

Curated in Warsaw under one editorial standard. 1,445 terms, single voice. About this reference →

Rate this term

No ratings yet

🤖 AI Guestbook educational data only

| |

Last 30 days

Agents 0

No pings yet today

No pings yesterday

Perplexity 7 Amazonbot 7 Unknown AI 2 Google 1 Ahrefs 1

Also referenced

Microservices 36 API Versioning 29 API Gateway Pattern 22 GraphQL vs REST vs gRPC 19

How they use it

crawler 18

Related categories

architecture 1.9k api_design 532

⚡ DEV INTEL Tools & Severity

🔵 Info ⚙ Fix effort: High

⚡ Quick Fix

Create a thin PHP BFF that aggregates data from multiple internal services for a specific client (mobile, web, partner) — tailor the API shape to what each client actually needs

📦 Applies To

PHP 7.0+ web api

🔗 Prerequisites

API Design Principles Microservices GraphQL

🔍 Detection Hints

Single API serving mobile and web with very different data needs; mobile app fetching 10x more data than it displays

Auto-detectable: ✗ No postman lighthouse

⚠ Related Problems