API Gateway
Platform coreEngine 10 of 12 · Edge · Go
AuthN/Z, rate limits, routing and versioning · Go.
API Gateway
The API Gateway is the single edge for the platform: authentication, authorisation, rate limiting, routing and versioning, written in Go. Every request — web, mobile, partner or public API — passes through it, so policy is enforced in one place.
Inside the API Gateway
AuthN / AuthZ
Identity and permission at the edge
Rate limiting
Protect services under load
Routing & versioning
Contract-first, versioned APIs
Single entry
One enforced edge for all traffic
The other engines
Every engine is built once and consumed by all four suites. That is the platform-first dividend.
Workflow Engine
Configurable approvals, stage gates and state machines
Forms Engine
Admin-built forms and data capture, no redeploy
Automation Engine
Runbooks, drills and event-triggered actions
Integration Engine
Source and target adapters, gov-platform connectors
IAM
One login, RBAC and tenant isolation across the platform
File Service
Sovereign document storage, legal hold and evidence
Notifications
Email, SMS and in-app alerting, centrally governed
Licensing
Per-tenant entitlement and packaging control
AI Services
Copilots, contract review and detection, RAG-ready
Event Bus
Ordered, per-tenant, replayable domain events
Observability
RPO/RTO/latency SLOs and platform-wide audit
See the platform core in a deep-dive
From the gateway to the event bus — a working session on how the engines fit together in your environment.