ACL

The Anti-Corruption Layer protects the domain from external systems, legacy models, and contracts that should not leak into the business core.

What is an ACL?

ACL stands for Anti-Corruption Layer. It is a layer or pattern that prevents the concepts, models, and limitations of external systems from contaminating our internal domain.

Why is it needed?

Because external systems:

  • often have different models
  • are sometimes poorly designed
  • may use inconsistent naming
  • may impose technical rules we don’t want to propagate

If those models flow directly into the domain, we end up adapting our system to someone else’s decisions.

Core responsibilities

  • Encapsulate external adapters
  • Translate models
  • Isolate third-party dependencies
  • Apply retries and circuit breakers
  • Handle external technical quirks

Common cases

  • Integrating with Stripe or a payment provider
  • Connecting to a legacy ERP
  • External email service
  • Shipping providers
  • Legacy systems with incompatible models

What it protects exactly

It protects:

  • the language of the domain
  • the way entities are modeled
  • conceptual consistency
  • internal business rules

Central ACL vs. per-domain ACL

Sometimes the ACL is implemented as a central service or repository. Other times it is implemented per domain or per specific integration.

There is no single right answer. What matters is not creating an “integrations monolith” without clear ownership.

Practical example

Suppose the external ERP uses:

  • confusing field names
  • odd date formats
  • states that are incompatible with the domain

The ACL receives that data, translates it, and delivers to the domain a model that is understandable and consistent.

Summary

The ACL keeps the domain from deforming itself to fit external systems. It is a layer of protection, translation, and resilience.