
Unifyia Platform Single-Server Deployment

The platform can be deployed as a self-managed solution in either a cloud or on-premises environment using a single-server deployment approach. In this deployment model, all required services for identity and access management (IAM) are hosted on a single server, consolidating all the key functionalities. This deployment model is well-suited for organizations that prefer a simplified infrastructure with minimal overhead while maintaining full control over their identity and access management framework. It allows for quick deployment, easier maintenance, and reduced complexity compared to distributed architectures.

This page gives a brief overview of single-server deployment in the cloud and on-premises to help you choose a deployment approach suitable for your organization. For more information, contact our team.

Refer to the Unifyia platform Cloud and On-premises architecture diagrams for a brief understanding of how the various servers and microservices are integrated into a comprehensive, future-proof, agile identity and access management solution.

List of Services

The following services are deployed on a single server, the Unifyia Platform Server, as part of the cloud or on-premises single-server deployment approach:

| Microservices | Description |
|---|---|
| Database | This service will be the primary database to store all the users, devices, identities, and other information that is required for enrollment and issuance. |
| Authentication | The service verifies the identity of users or other entities attempting to access a network or system. |
| Certificate Authentication | This service allows organizations to authenticate and verify a user's identity using certificates. It enables certificate-based authentication. |
| Config Server | This service manages all the required configurations of the platform. |
| CMS | The Credential Management Service manages the identities/credentials issued to the users. |
| API Gateway Service | This service allows third-party or client applications to integrate with the platform. For example, Unifyia ID Wallet interfaces with the platform for the issuance and management of digital identities using the API gateway service. |
| Certificate Authority Service | This service allows interfacing with the certificate authorities. |
| Gateway Service | This service allows interfacing with all the other microservices in the application server. |
| Notification Service | Manages the notification services - emails and SMS. |
| Reports Management Service | Manages the predefined report templates. Allows customized report generation. |
| User Management Service | Manages the users and various configurations required for the identity and access management orchestration. |
| Consul Service | This is a registry for service name to IP mapping. The service-to-service requests are managed by the consul service. |

Key Deployment Features

  • Simplified Deployment & Management – Requires only a single machine (physical or virtual) to host all IAM services, reduces administrative overhead, and eases troubleshooting and maintenance.
  • Flexible Hosting – Supports deployment on cloud providers (AWS) or on-premises data centers.
  • Performance & Scalability Considerations – Optimized for small to medium-scale deployments with moderate traffic.
  • Security & Compliance – Centralized management of security policies.
  • Automation & CI/CD Support – Compatible with modern DevOps workflows and containerization (Docker, Kubernetes).

Unifyia Platform Architecture


Cloud Architecture

[Figure: Unifyia platform cloud architecture diagram]

On-Premises Architecture

[Figure: Unifyia platform on-premises architecture diagram]

Cloud Deployment Specifications

The following are the prerequisites for the cloud deployment:

  • Install the required software.
  • Create a single EC2 instance for the required services with proper firewall (security groups) inbound rules to open the required ports internally in the network for the services to communicate with each other.
  • Add the required DNS records in Route 53 or your domain.
  • A full certificate chain and private key certificates are required to establish a chain of trust.

EC2 Instances

Since the single-server deployment runs on a single EC2 instance, Unifyia requires you to choose the configuration based on the number of users. The Unifyia-recommended hardware specifications are provided in the table below.

Unifyia Recommended Requirements for the Unifyia Platform

| Specification | Small | Medium | High |
|---|---|---|---|
| RAM | 32 GB | 64 GB | 128 GB |
| HDD | 100 GB | 150 GB | 300 GB |
| CPUs | 4 | 8 | 16 |

On-Premises Deployment

The following are the prerequisites for the on-premises deployment:

  • Install the required software.
  • Four servers are required, one each for database, authentication, certificate authentication, and application.
  • The required ports must be available internally on the Unifyia Platform Server.
  • Add the required DNS records using the IP address of the Unifyia platform server where you are deploying the Unifyia platform. These records allow communication with downstream services.
  • A full certificate chain and private key certificates are required to establish a chain of trust.

Server Specifications

The Unifyia platform will be deployed on a single machine. The Unifyia-recommended hardware specifications are provided in the table below.

Unifyia Recommended Requirements for the Unifyia Platform

| Specification | Small | Medium | High |
|---|---|---|---|
| RAM | 32 GB | 64 GB | 128 GB |
| HDD | 100 GB | 150 GB | 300 GB |
| CPUs | 4 | 8 | 16 |

Software

The following table lists the supported operating systems and the software packages required for the deployment:

| Requirement | Software Flavors/Versions |
|---|---|
| Open JDK | Java Version 21 |
| Operating Systems | AWS Linux 2, RHEL v8+, Rocky Linux v8+, Ubuntu v22.04, Ubuntu v24.04, and CentOS Stream |
| Database | PostgreSQL |
| Docker | Latest Version |
| Docker Compose | Latest Version |
| jq | Latest Version |
| cURL packages | Latest Version |
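
The hardware tiers and software list above can be checked on a candidate host before installation. The following preflight script is an added example, not part of Unifyia's tooling; it assumes a Linux host, and the function names and the `DISK_GB` override variable are the example's own.

```shell
#!/bin/sh
# Added example: preflight check for a single Unifyia Platform Server host.
# Thresholds and tool names are copied from the tables on this page.

# tier_for RAM_GB CPUS DISK_GB: largest tier whose three minimums are all met.
tier_for() {
  if   [ "$1" -ge 128 ] && [ "$2" -ge 16 ] && [ "$3" -ge 300 ]; then echo High
  elif [ "$1" -ge 64 ]  && [ "$2" -ge 8 ]  && [ "$3" -ge 150 ]; then echo Medium
  elif [ "$1" -ge 32 ]  && [ "$2" -ge 4 ]  && [ "$3" -ge 100 ]; then echo Small
  else echo insufficient; fi
}

# java_major LINE: major version from the first line of `java -version`.
java_major() {
  v=$(printf '%s\n' "$1" | sed -n 's/.*version "\([0-9._]*\)".*/\1/p' | head -n 1)
  case $v in 1.*) v=${v#1.} ;; esac   # legacy scheme: "1.8.0_392" is Java 8
  echo "${v%%[._]*}"
}

# missing_tools CMD...: the commands from the list that are not on PATH.
missing_tools() {
  out=
  for c in "$@"; do command -v "$c" >/dev/null 2>&1 || out="$out $c"; done
  echo "${out# }"
}

# preflight: measure this Linux host and report; returns non-zero on any gap.
preflight() {
  rc=0
  ram=$(awk '/^MemTotal:/ {printf "%d", ($2 + 1048575) / 1048576}' /proc/meminfo)
  cpus=$(getconf _NPROCESSORS_ONLN)
  # Filesystem overhead hides a few GB; DISK_GB (this example's own variable)
  # overrides the measured value with the provisioned volume size.
  disk=${DISK_GB:-$(df -Pk / | awk 'NR==2 {printf "%d", $2 / 1048576}')}
  tier=$(tier_for "$ram" "$cpus" "$disk")
  echo "hardware: ${ram} GB RAM, ${cpus} CPUs, ${disk} GB disk -> $tier"
  [ "$tier" != insufficient ] || rc=1

  miss=$(missing_tools java docker jq curl)
  [ -z "$miss" ] || { echo "missing: $miss"; rc=1; }
  docker compose version >/dev/null 2>&1 || command -v docker-compose >/dev/null 2>&1 \
    || { echo "missing: Docker Compose"; rc=1; }
  jm=$(java_major "$(java -version 2>&1 | head -n 1)")
  [ "$jm" = 21 ] || { echo "java: found '${jm:-none}', page requires OpenJDK 21"; rc=1; }
  return "$rc"
}

if [ "${1:-}" = "--run" ]; then preflight; fi
```

Run it with `--run` on the target host; a non-zero exit status means the host is below the Small tier or lacks a listed package.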