Deployment and Architecture
Appice fits three deployment models — SaaS multi-tenant, single-tenant cloud, and fully on-premise — to match your sovereignty, latency, and integration constraints. This page covers the architecture, integration points, and scale targets your IT and infra teams need.
Three deployment models
SaaS multi-tenant
Default. Run on Appice's managed cloud in your chosen region.
- Time to provision: hours
- Logical tenant isolation
- Auto-scaling, auto-patching
- SLA: 99.95% uptime
- Per-event pricing
Single-tenant cloud
Dedicated VPC and database for customers with sovereignty or peering needs.
- Time to provision: 2–4 weeks
- Network isolation at VPC level
- Optional VPC peering with customer
- SLA: 99.95% uptime
- Annual capacity-based pricing
On-premise
Run Appice inside your own data center or sovereign cloud.
- Time to provision: 6–12 weeks
- Customer-controlled infrastructure
- Air-gap deployments supported
- SLA: per contract
- Annual licence pricing
Reference architecture
The Appice production stack runs on three logical tiers, each isolated in its own private subnet:
- Edge. Internet-facing load balancer, WAF, DDoS protection. Terminates TLS. Routes traffic to the API plane.
- API plane. Stateless application servers handling SDK ingest, REST API, webhooks. Auto-scales horizontally based on request rate.
- Data plane. Stream processors (Kafka), analytics store (ClickHouse), profile store (PostgreSQL), object storage (S3). All encrypted at rest with per-tenant or per-region keys.
- Decision plane. Allyvate ML inference servers serving real-time decisions. Models trained nightly on customer data; never trained across customers.
- Channel plane. Push (FCM, APNs), email, SMS adapters. Talk to the Inform layer to honour customer-side sequencing rules.
Integration points
| System | Direction | Protocol | Purpose |
|---|---|---|---|
| Mobile / Web SDKs | Inbound | HTTPS (TLS 1.2+) | Event ingest, profile updates, in-app render |
| Server-side ingest | Inbound | HTTPS REST | Backend events, batched user updates |
| Webhooks | Outbound | HTTPS (signed payload) | Notify customer systems on events, decisions, deliveries |
| Identity provider | Inbound | SAML 2.0 / OIDC | Admin SSO |
| Push (APNs) | Outbound | HTTP/2 | iOS push delivery |
| Push (FCM) | Outbound | HTTPS | Android and Web push |
| Email gateway | Outbound | HTTPS REST or SMTP | Customer-routed email (SendGrid, customer SMTP, etc.) |
| SMS gateway | Outbound | HTTPS REST | Customer-routed SMS (Twilio, MessageBird, customer-chosen) |
| CDP / data warehouse | Inbound and Outbound | HTTPS REST, S3 export | Optional sync with Snowflake, BigQuery, customer warehouse |
| Banking core / IBM MFP / Kony | Inbound | HTTPS REST | Adapter-based integration with banking core systems |
Scale targets
| Metric | Per-tenant target |
|---|---|
| Event ingest | 50,000 events/sec sustained, 200,000 events/sec burst |
| API request rate | 10,000 requests/sec sustained per tenant |
| Allyvate decision latency | p95 < 50ms, p99 < 120ms |
| In-app render trigger latency | p95 < 200ms (event → in-app shown) |
| Push delivery | 1M devices in < 60 sec end-to-end (subject to APNs/FCM) |
| Active profiles per workspace | 200M+ tested in production |
SLAs
| Service | Availability target | Credit |
|---|---|---|
| SDK and API ingest endpoints | 99.95% monthly | Per master agreement |
| Allyvate decision API | 99.9% monthly | Per master agreement |
| Admin console | 99.5% monthly | Per master agreement |
| Webhook delivery | At-least-once with 24-hour retry window | — |
Real-time uptime: status.appice.io
Disaster recovery
| Class | RTO | RPO |
|---|---|---|
| SaaS multi-tenant | 4 hours | 15 minutes |
| Single-tenant cloud | 4 hours | 15 minutes |
| On-premise | Per customer DR plan | Per customer DR plan |
Annual DR exercises are run for SaaS and single-tenant cloud. Reports available under NDA.
Day-2 operations
- Status page:
status.appice.io— incident updates, scheduled maintenance, RSS/email subscribe - Audit log API: programmatic access to admin actions for SIEM forwarding
- Metrics export: per-workspace usage and quality metrics via API or CSV
- Rate-limit headers: every API response includes
X-RateLimit-RemainingandX-RateLimit-Reset
Need an architecture review? We provide HLD/LLD documents, network diagrams, and threat models under NDA. Contact your account team or security@appice.ai.