Skip to main content

Architecture Overview

The Apex platform turns real-world assets into blockchain-backed tokens and exposes them to partners through a single Integration API. This section gives you a big-picture, non-technical tour of how the platform is put together — enough to understand how the system works and what you need in place before you start integrating, without diving into internal implementation detail.

Who should read this: technical leads, solution architects, and product owners on the integrator side who are evaluating or preparing an integration. No prior knowledge of the platform internals is required.

What the platform does

At a high level, the platform is responsible for:

  • Tokenizing assets — representing a real-world asset (an estate) as divisible, blockchain-backed tokens.
  • Applying business rules — deciding which category an asset belongs to, which rules apply, and which fees are charged.
  • Running markets — primary issuance, secondary-market trades, OTC deals, and rental income flows.
  • Onboarding users — creating users and migrating existing user bases, with or without their own wallet.
  • Talking to the chain safely — on-chain signing and broadcasting are delegated to an external custody service, so private keys never live inside the platform.

As an integrator, you interact with all of this through one well-defined API surface. You never need to know how tokens are minted or which blockchain node is used — those concerns stay behind the gateway.

Two sides you can integrate with

The Integration API exposes two complementary capability sets. Most integrations use both, but you can adopt them independently depending on your product.

SideWho it servesWhat you can do
Operational (admin) sideOperators and issuers managing the offeringRun tokenization operations (create and manage tokens), organize the category tree, and configure fees and rules — the setup that defines what is offered and on what terms.
Investor (user) sideEnd-users / investorsOnboard and manage investors, then let them buy, sell, view holdings and history, and take part in primary issuance, secondary market, OTC, and rental flows.

In short: the operational side sets up and governs the assets, while the investor side is where end-users transact against them. Both are reached through the same authenticated gateway, with access scoped to your integration's permissions.

How you connect

From an integrator's point of view, the platform is a single, hardened entry point. Callers (clients) enter through a gateway that authenticates and routes the request onward. Anything that requires keys or the blockchain is handled by external services — including the custody service, which the platform talks to like a third party.

Tokenization flow: a request from the integrator passes through the gateway into the platform, while custody and the blockchain are reached as third-party services.
BoundaryWhat it means for you
ClientsHuman and system inputs — Admin UI, User UI, and your integrator system.
GatewayThe single entry point — TLS, authentication, rate limiting, and routing.
PlatformApplies business rules and orchestrates the tokenization use cases.
External servicesCustody (keys & signing), blockchain networks, and supporting providers — all reached as third parties.

Custody is a third-party service

A key thing to understand: the platform never holds private keys itself. All key storage, signing, and broadcasting happens in a separate custody service that the platform calls like any other external provider. From your perspective as an integrator this means:

  • You never handle keys, and you never call custody directly.
  • On-chain operations may complete asynchronously — the platform confirms them and can notify you via webhooks.
  • Which custody backend is used (MPC, HSM, Cloud KMS, …) is an operator/procurement decision — see Required Third-Party Services.

Where you connect

As an integrator you only ever talk to the Integration Gateway. Your requests are authenticated, rate-limited, and routed to the Integration API. You do not get direct access to the platform internals, the custody service, or the blockchain nodes — by design. This keeps your integration stable and keeps sensitive operations isolated behind a hardened boundary.

  1. How Tokenization Works — an end-to-end flow, conceptually.
  2. Required Third-Party Services — what to procure before you start.
  3. Security & Access — how you authenticate and what limits apply.