H
Hub Finance PortalMojaloop switch operations
DFSP portalHub portal
Mojaloop hub operations

A generic operator + participant portal for any Mojaloop switch.

A loosely-coupled monolith with two scoped frontends — one for the hub operator, one for participating DFSPs — speaking native Mojaloop admin and FSPIOP shapes. Optional modules (Tazama for fraud, ALS for aliases) plug in via environment configuration so the same build runs for any country or scheme.

Open Hub portal Open DFSP portal
Backed by
Mojaloop APIs
Optional
Tazama module
Deploy
In-cluster, separate ns
ArchitectureMock first · live ready
Browser
  -> Next.js App  (app/(hub) | app/(dfsp))
       -> Next.js API   (app/api/**)
            -> lib/hub/client.ts
                 mock                         (default)
                 CENTRAL_LEDGER_ADMIN_URL     /participants, /positions, /limits
                 CENTRAL_SETTLEMENT_URL       /settlementWindows, /settlements
                 ALS_ADMIN_URL                /oracles, /parties
                 TAZAMA_API_URL               /alerts   (optional module)

Two scoped portals

Hub Operator portal

Used by the SPV / scheme operator and the supervising central bank. Full visibility over participants, positions, settlements, transfers, ALS and audit.

  • • Manage DFSPs, Net Debit Caps and pre-funding
  • • Open / close / finalize settlement windows
  • • ALS oracles and registered parties
  • • Hub-wide audit log and reporting
Open Hub portal

DFSP portal

Used by participating DFSPs. Strictly scoped to the caller's own fspId, both in the UI and on every API route.

  • • Own balances, NDC usage and funding history
  • • Own transfers and settlement participation
  • • Lookup a single transfer where they're a party
  • • Manage their own staff users
Open DFSP portal

What the demo covers

Hub operations

Participants, positions, NDC limits, funds in/out, settlement windows, ALS oracles & parties.

Audit

Tamper-evident record of every operator action on the hub, ready to be appended to a write-only store.

Reporting

Settlement reports, transfer activity, aggregates per DFSP and per currency.

Optional modules

Not every Mojaloop switch runs every module. The portal exposes optional capabilities in a clearly separated «Modules» section in the sidebar, gated by feature flags so a deployment can turn them off without code changes.

Tazama (fraud / AML)enabled

When enabled (NEXT_PUBLIC_TAZAMA_ENABLED=true) the hub portal exposes a fraud-alert queue with severity triage and decisioning. The Tazama module is isolated under /hub/modules/tazama and permissions are gated by tazama:*.

Account Lookup Service

Mojaloop ALS oracles + registered parties. Available by default; the portal shows oracle endpoints and a per-DFSP party list for routing instant payments by alias.

Role-based access

Permissions are enforced both in the UI and on every Next.js API route. Roles map to JWT claims from Keycloak / Ory in production; the demo ships a persona switcher in each portal so you can see how each role experiences the UI.

RoleScope
hub-adminAll hub permissions including users & roles
hub-operatorParticipants, positions/NDC, funds, settlements, ALS, Tazama read, audit
hub-finance-managerPositions, NDC, funds, settlements (incl. finalize), reports
hub-finance-viewerRead-only finance and reports
hub-fraud-analystTazama alerts (read/write), transfer lookup, audit
hub-reportingRead-only across the hub for reporting
hub-user-managerManage users and role assignments
dfsp-admin / finance / operator / viewerSelf-scoped DFSP access, never cross-DFSP