Architecture
Rafiki is a collection of three services that run together. Each one can be scaled horizontally.
- Backend - The main service, responsible for handling business logic and external communication
- Auth - A reference implementation of an Open Payments authorization server, used for grant authorization and authentication
- Frontend - An optional internal user interface, called the Rafiki Admin, for you to manage your Rafiki instance
These services rely on a number of databases.
- A Postgres database used by the
auth
service for storing auth-related resources (grants, access tokens, and interactions) - A Redis database used by the
auth
service to store session data - A Postgres database used by the
backend
service for Open Payments resources and application data -
TigerBeetle
, used by thebackend
service for accounting balances at the ILP layer - A Redis database used by the
backend
service as a cache to share STREAM connection details across processes
An additional package for token introspection is also included with Rafiki. This is an internal package that requires no action on your part if you’re using Rafiki’s auth
service.