Environments

Local Development (Docker Compose)

Start the full stack: cd docker && docker compose up --build

Service	Base URL	Notes
Identity API	`http://localhost:5000`	IS7 OIDC discovery at `/.well-known/openid-configuration`
Platform API	`http://localhost:5004/platform/api/v1`	PlatformAdmin only
Admin API	`http://localhost:5002/admin/api/v1`	TenantAdmin / SuperAdmin
Shopper API	`http://localhost:5001/api/v1`	End customer / member
POS API	`http://localhost:5003/pos/api/v1`	POS terminals, 200ms SLA
SQL Server	`localhost:1433`	4 databases
Redis	`localhost:6379`	Feature flags, POS session cache
Admin Portal	`http://localhost:3001`	Next.js 16 UI
Platform Portal	`http://localhost:3000`	Next.js 16 UI
Developer Portal	`http://localhost:3002`	This site

Health Checks

Each API exposes health endpoints:

curl http://localhost:5002/health/live   # Liveness probe
curl http://localhost:5002/health/ready  # Readiness (SQL + Redis)

Environment Variables

Key variables for each API (see docker/docker-compose.yml for defaults):

Variable	Used by	Description
`ConnectionStrings__Identity`	All	SQL Server connection to RSA_Identity
`ConnectionStrings__Platform`	Platform API	SQL Server connection to RSA_Platform
`IdentityServer__Authority`	All APIs	IS7 base URL for JWT validation
`Redis__ConnectionString`	All APIs	Redis connection string
`Cors__Origins`	All APIs	Allowed frontend origins
`REQUIRE_TOTP`	Identity	Set `false` in dev to bypass MFA
`SendGrid__ApiKey`	Admin, Identity	Email sending
`DataProtection__BlobUri`	All	Azure Blob for key ring (prod only)

In local development the Data Protection keys are stored in ~/.aspnet/DataProtection-Keys. In production they are stored in Azure Blob Storage.

Staging & Production

Production base URLs follow the pattern https://api.{yourcompany}.com/{service}. Contact your platform administrator for environment-specific URLs. All production endpoints require HTTPS and enforce HSTS.