ApiGateway ASP.NET Core Web API Will use YARP (Yet Another Reverse Proxy) or Ocelot for routing Responsible for authentication, authorization, threat detection, rate limiting

UsersService ASP.NET Core Web API Handles: User registration, login, roles (Admin, User) Issues JWT tokens

OrdersService (dummy service for testing) ASP.NET Core Web API Returns fake order data (GET /orders, POST /orders) Some endpoints restricted by role (e.g., Admin can delete orders)