You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.

System Architecture

The EmpowerID system is built based on containerized server roles, including front-end UI, back-end job, various application microservices, and Database servers.  EmpowerID is architected to automatically balance jobs across multiple containers for a fully redundant processing capability. Each back-end job container instance communicates an "I'm alive" heartbeat with the database to verify its availability to process requests. All jobs operate in a process claim mode that allows any container to process any job or perform any role that it is configured to perform in concert with the other servers and services. Jobs and processes leverage queues so processes are not interrupted when servers go offline, and changes can be batched up and retried. The EmpowerID UI is stateless and load balanced. The databases are geographically mirrored, supporting automatic fail-over. Many of the modules operate as independent microservices that are published from EmpowerID as Azure App Services.

The EmpowerID application landscape includes the following components: 

  • Azure SQL Database  

  • EmpowerID Core Containers – UI and Worker

  • EmpowerID Microservices 

  • EmpowerID Workflow Developer Studio client application 

EmpowerID is implemented into three distinct environments for Development, User Acceptance, and Production.

EmpowerID’s SaaS service runs on Microsoft Azure as a highly scalable and available completely managed offering. EmpowerID Service Operations and Datacenter Operations will provision standardized core Service infrastructure in established Azure datacenter locations at a location agreed upon with the customer to facilitate data residency and latency requirements for the customer’s production EmpowerID Cloud Identity environment. See the production and non-production environment details in the Included Services section below. 

 Core service SaaS infrastructure setup includes: 

  • The required Azure Kubernetes Container infrastructure to operate the service

  • Network infrastructure setup and configuration, such as firewalls and load balancing

  • EmpowerID Cloud Identity database installation and configuration 

  • EmpowerID Cloud Identity container microservice deployments as per best practices 

  • Installation of quality-of-service monitoring software

  • Testing the EmpowerID Production environment by performing base configuration testing 

  • Disaster Recovery infrastructure setup and configuration

  • Service endpoints and URLs finalization

  • Service monitoring setup 

Reference Architecture