Skip to content
IA.00Infrastructure architecture

The platform stack, end to end.

Seven architecture pillars compose the FlyttGo platform — multi-tenant SaaS, API-first interoperability, Kubernetes orchestration, multi-region deployment, identity federation, payment infrastructure, append-only data pipeline. Same contract under every deployment substrate.

IA.0X·Architecture pillars
  • IA.01

    Multi-tenant SaaS architecture

    Per-tenant schema isolation, tenant-scoped encryption keys, row-level security policies. Compute and storage logically partitioned per organization with optional dedicated-pool deployment.

  • IA.02

    API-first interoperability

    Every platform capability addressable via versioned REST endpoints. OpenAPI 3.1 specifications generated per release; GraphQL gateway federates across modules where joins span planes.

  • IA.03

    Kubernetes orchestration

    Workloads scheduled on Kubernetes — managed (GKE / EKS / AKS) or sovereign-cluster equivalents. Helm-charted releases, GitOps-driven rollout via Argo CD, pinned via Sigstore-signed images.

  • IA.04

    Multi-region deployment model

    Primary regions, secondary regions, sovereign environments selectable per tenant. Region-aware DNS routing, asynchronous cross-region replication, residency tags enforced at the data layer.

  • IA.05

    Identity federation compatibility

    OIDC and SAML 2.0 federation as first-class. eIDAS LoA mapping, qualified-signature flows, cross-border attribute exchange via Identra. Workspace SSO into the entire module surface in one hop.

  • IA.06

    Payment infrastructure compatibility

    PSD2-ready strong customer authentication, open-banking endpoints, ISO 20022 messaging, transaction-monitoring hooks. Settles into the same audit envelope as identity and operations events.

  • IA.07

    Data pipeline structure

    PostgreSQL primaries with logical replication; Kafka-style stream backbone for cross-module events; columnar warehouse for analytics. Append-only audit_log captures every mutation as JSONB before/after.

IA.SK·Layered stack

Seven layers, one orchestration contract.

  • L.07
    Edge
    CDN · WAF · region-aware DNS · TLS 1.3
  • L.06
    Identity
    Identra · OIDC · SAML 2.0 · eIDAS · MFA · qualified signatures
  • L.05
    API gateway
    Versioned REST · GraphQL federation · per-tenant rate limits
  • L.04
    Orchestration
    Kubernetes · Helm · Argo CD · Sigstore-signed images
  • L.03
    Modules
    Transify · Workverge · Civitas · EduPro · Identra · Payvera · Ledgera · FlyttGo
  • L.02
    Data
    PostgreSQL primaries · logical replication · Kafka stream · columnar warehouse
  • L.01
    Observability
    Centralised logging · OpenTelemetry traces · tamper-evident audit_log

Same orchestration contract under every deployment substrate — FlyttGo-managed, customer cloud, sovereign datacenter.

CR.00 / TS.00

Security & trust signals

SOC 2 / ISO 27001 alignment, SBOM, Sigstore-signed releases.

Open
SV.00

Sovereign deployment

National hosting + data-residency posture.

Open
API.PG

Live API playground

Pick an endpoint, hit Send, see the real response.

Open playground