System Architecture

Understanding the IRA FORCE platform architecture, components, and how they work together to deliver a comprehensive workforce management solution.

Architecture Overview

IRA FORCE is built on a modern, cloud-native microservices architecture designed for scalability, reliability, and security. The platform handles millions of clock events, incidents, and real-time communications daily across distributed teams.

Client Layer

📱 Mobile Apps iOS / Android

🌐 Web Portal React SPA

🖥️ Kiosk Mode PWA

🔌 API Clients REST / GraphQL

API Gateway Layer

🚪 Kong API Gateway Rate Limiting • Auth • Routing

Microservices Layer

👤 Auth Service

👥 Employee Service

📅 Scheduling Service

⏱️ Attendance Service

🚨 Incident Service

📍 Geofence Service

💬 Comms Service

📊 Analytics Service

Data Layer

🐘 PostgreSQL Primary DB

🔴 Redis Cache / Queue

📦 S3 File Storage

🔍 Elasticsearch Search / Logs

Core Services

Each microservice is responsible for a specific domain and communicates via REST APIs and message queues.

👤

Authentication Service

Handles user authentication, JWT token management, OAuth 2.0 flows, SSO integration, and API key management.

Node.js JWT OAuth 2.0

👥

Employee Service

Manages employee records, profiles, skills, certifications, and organizational hierarchy.

Node.js PostgreSQL GraphQL

📅

Scheduling Service

Handles shift creation, assignment, swaps, and AI-powered auto-scheduling based on availability and skills.

Python Celery ML Models

⏱️

Attendance Service

Processes clock-in/out events, manages timesheets, handles geofence validation, and calculates overtime.

Go Redis PostGIS

🚨

Incident Service

Manages security incident reporting, escalation workflows, evidence attachments, and client notifications.

Node.js S3 WebSocket

📍

Geofence Service

Real-time location tracking, geofence boundary management, zone alerts, and patrol route monitoring.

Go PostGIS Redis Geo

Technology Stack

Cloud Provider

IRA FORCE is deployed on AWS with multi-region support for US, EU, and APAC regions to ensure data residency compliance.

Backend Technologies

Languages: Node.js (v20 LTS), Python 3.11, Go 1.21

Frameworks: Express.js, FastAPI, Gin

Databases: PostgreSQL 15 with PostGIS, Redis 7, Elasticsearch 8

Message Queue: RabbitMQ, Redis Streams

Container Orchestration: Kubernetes (EKS)

Frontend Technologies

Web: React 18, TypeScript, Tailwind CSS, Vite

Mobile: React Native, Expo

State Management: Zustand, React Query

Real-time: Socket.io, WebSocket

Infrastructure & DevOps

Cloud: AWS (EKS, RDS, ElastiCache, S3, CloudFront)

CI/CD: GitHub Actions, Jenkins, ArgoCD

Monitoring: Prometheus, Grafana, Datadog

Logging: ELK Stack, CloudWatch

Infrastructure as Code: Terraform, Helm

Data Flow

Understanding how data flows through the system is crucial for debugging and performance optimization.

Clock-In Flow Example

1. Mobile App → API Gateway (Kong)
   ↓ JWT validation, rate limiting
2. API Gateway → Attendance Service
   ↓ Parse clock event, validate geofence
3. Attendance Service → Geofence Service
   ↓ Check employee location against site boundary
4. Geofence Service → Redis (PostGIS query cached)
   ↓ Return geofence validation result
5. Attendance Service → PostgreSQL
   ↓ Persist clock event
6. Attendance Service → RabbitMQ
   ↓ Publish "clock.created" event
7. Analytics Service → Consume event
   ↓ Update real-time dashboards
8. Notification Service → Push notification to supervisor

Security Architecture

Security is built into every layer of the IRA FORCE platform.

🔐 Authentication

Multi-factor authentication, biometric support, SSO via SAML/OIDC

🔒 Encryption

TLS 1.3 in transit, AES-256 at rest, field-level encryption for PII

🛡️ Access Control

Role-based access control (RBAC) with granular permissions

📋 Compliance

SOC 2 Type II, ISO 27001, GDPR, CCPA, HIPAA-ready

Next Steps

Next Environments → Related API Overview →