Architecture
Overviews
API scopes
There are 2 difference API scopes in the system, one for external facing (frontend, public facing), one for internal facing (service-2-services communication)
Public or External-Facing Scope
- APIs openned to public through Gateway public IPs
- Handles communication between the frontend and internal services.
- Requires authentication, authorization, and security measures (using OAuth2 with Bearer authentication)
- Highly secured access
Internal-Facing Scope
- Facilitates communication between different backend services or components.
- Used for service-to-service communication within the system.
- User indentity is passed between services as raw values
- Internal services communications via internal or VPN network
- Less secured and doesn't have any protection
Internal access IPs (Production):
| Service | Public Access endpoint | Internal Access endpoint | API doc | Note |
|---|---|---|---|---|
| API gateway | https://api.namde.vn | http://10.20.236.40:3000 | https://api.namde.vn/api-doc/ | API doc will be closed for security |
| Auth service | No | http://10.20.236.40:3100 | http://localhost:3100/api-doc | |
| Payment service | No | http://10.20.236.40:3200 | http://localhost:3200/api-doc |
| Database | Access endpoint | Username | Password |
|---|---|---|---|
| PostgresSQL | http://10.20.236.163:5432 | 18kings.prod | ? |
| Mongo | http://10.20.236.163:27017 | 18kings.prod | ? |
| Redis | http://10.20.236.163:6379 | no | ? |