Skip to content

Architecture

VitalBridge is a cloud-native, event-driven healthcare platform designed around domain-oriented microservices, strict tenant isolation, and asynchronous communication.

The platform supports multi-tenant healthcare organizations, including hospitals, clinics, telehealth providers, and enterprise wellness programs. Every core domain is implemented as an independently deployable service with its own database, ownership boundaries, and event contracts.

Architectural Principles

VitalBridge follows several non-negotiable architectural principles:

  • Database-per-service ownership
  • Event-driven communication using Kafka
  • Transactional Outbox pattern for reliable event delivery
  • CQRS separation between commands and queries
  • Multi-tenant isolation enforced at every service boundary
  • Keycloak-based identity and role management
  • Eventual consistency across bounded contexts
  • Horizontal scalability through stateless services

Platform Overview

The platform is organized into multiple bounded contexts:

Identity & Access

Responsible for authentication, authorization, user provisioning, and Keycloak integration.

  • Identity Service
  • Keycloak

Tenant Management

Responsible for onboarding and managing healthcare organizations.

  • Tenant Registry Service
  • Admin Service
  • Super Admin Service

Provider Management

Responsible for healthcare provider profiles and scheduling.

  • Doctor Service
  • Doctor Schedule Service

Patient Management

Responsible for patient records and patient-specific workflows.

  • Patient Service

Appointment & Telehealth

Responsible for appointment lifecycle management and virtual consultations.

  • Appointment Service
  • Video Session Service

Platform Services

Cross-cutting services used throughout the platform.

  • Communication Engine Service
  • Audit Log Service
  • Analytics Service

High-Level Architecture

VitalBridge follows a domain-oriented microservices architecture where each service owns its data, business rules, and event contracts.

The platform is composed of four primary layers:

  • Client Applications
  • API & Identity Layer
  • Domain Services Layer
  • Infrastructure Layer
flowchart TB

%% =====================================================
%% CLIENT APPLICATIONS
%% =====================================================

subgraph Clients["Client Applications"]
    SA["Super Admin Portal"]
    TA["Tenant Admin Portal"]
    PR["Provider Portal"]
    PT["Patient Portal"]
end

%% =====================================================
%% ENTRY LAYER
%% =====================================================

subgraph Gateway["API Gateway"]
  GW["API Gateway"]
  KC["Keycloak"]
  GW --> KC
end

Clients --> Gateway

%% =====================================================
%% DOMAIN SERVICES
%% =====================================================

subgraph DomainServices["Domain Services"]
  subgraph Identity["Identity & Access"]
    ID["Identity Service"]
    ID_DB[("Identity DB")]
    ID --> ID_DB
  end

  subgraph TenantMgmt["Tenant Management"]
      TR["Tenant Registry Service"]
      SA_SVC["Super Admin Service"]
      ADM["Admin Service"]

      TR_DB[("Tenant Registry DB")]
      SA_DB[("Super Admin DB")]
      ADM_DB[("Admin DB")]

      TR --> TR_DB
      SA_SVC --> SA_DB
      ADM --> ADM_DB
  end

  subgraph Clinical["Clinical Operations"]

      DOC["Doctor Service"]
      PAT["Patient Service"]
      SCH["Doctor Schedule Service"]
      APPT["Appointment Service"]

      DOC_DB[("Doctor DB")]
      PAT_DB[("Patient DB")]
      SCH_DB[("Doctor Schedule DB")]
      APPT_DB[("Appointment DB")]

      DOC --> DOC_DB
      PAT --> PAT_DB
      SCH --> SCH_DB
      APPT --> APPT_DB

  end

  subgraph Telehealth["Telehealth"]

      VIDEO["Video Session Service"]

      VIDEO_DB[("Video Session DB")]

      VIDEO --> VIDEO_DB

  end

  subgraph Platform["Platform Services"]

      COMM["Communication Engine Service"]
      AUDIT["Audit Log Service"]
      ANALYTICS["Analytics Service"]

      COMM_DB[("Communication DB")]
      AUDIT_DB[("Audit Log DB")]
      ANALYTICS_DB[("Analytics DB")]

      COMM --> COMM_DB
      AUDIT --> AUDIT_DB
      ANALYTICS --> ANALYTICS_DB

  end
end

subgraph Infrastructure["Platform Infrastructure Services"]
  KAFKA["Apache Kafka"]
  REDIS["Redis"]
  JITSI["Jitsi"]
end

%% =====================================================
%% GATEWAY ROUTING
%% =====================================================

Gateway --> ID

Gateway --> TR
Gateway --> SA_SVC
Gateway --> ADM

Gateway --> DOC
Gateway --> PAT
Gateway --> SCH
Gateway --> APPT

Gateway --> VIDEO

%% =====================================================
%% EVENT BACKBONE
%% =====================================================

ID <-.-> KAFKA

TR <-.-> KAFKA
SA_SVC <-.-> KAFKA
ADM <-.-> KAFKA

DOC <-.-> KAFKA
PAT <-.-> KAFKA
SCH <-.-> KAFKA
APPT <-.-> KAFKA

VIDEO <-.-> KAFKA

COMM <-.-> KAFKA
AUDIT <-.-> KAFKA
ANALYTICS <-.-> KAFKA

%% =====================================================
%% SHARED INFRASTRUCTURE
%% =====================================================


SCH --> REDIS
APPT --> REDIS

VIDEO --> JITSI
Hold "Alt" / "Option" to enable pan & zoom

Event-Driven Architecture

flowchart LR
SERVICE["Domain Service"]
OUTBOX["Transactional Outbox"]
KAFKA["Apache Kafka"]
CONSUMER["Consumer Service"]
SERVICE --> OUTBOX
OUTBOX --> KAFKA
KAFKA --> CONSUMER
Hold "Alt" / "Option" to enable pan & zoom

Platform Infrastructure

flowchart TB

subgraph Infrastructure
    KC["Keycloak"]
    KAFKA["Apache Kafka"]
    REDIS["Redis"]
    JITSI["Jitsi"]
    PG["PostgreSQL"]
end
Hold "Alt" / "Option" to enable pan & zoom