Architecture

System Components

JWT access tokens contain user identity and organization context, validated statelessly on every request via signature verification.

Users, organizations, and roles cached in Redis by ID. Invalidated on writes.

⌘I