Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.blnkfinance.com/llms.txt

Use this file to discover all available pages before exploring further.

The Production License lets you run the full Blnk stack, including Core, Cloud Dashboard, and Watch, in a dedicated environment. You can deploy it in your own infrastructure or run it in a dedicated cloud environment managed by Blnk. Built for teams that need stronger security controls, data residency support, custom tooling, or a closer operational partnership with Blnk. This doc provides a step-by-step guide for deploying the Production License in your own infrastructure. Let’s get started!

Deployment guide

Use this guide to deploy Blnk Production License on AWS, GCP, Azure, or any cloud provider. Before you begin, make sure you have:
  1. A managed Postgres instance
  2. A managed Redis instance
1

Get your Production License

After purchasing a Production License, you’ll receive an email with your license details.Your license details will include a base64-encoded license string, which is the recommended way to activate your license. You may also receive a license file named blnk-enterprise.lic. Both contain the same license information and enabled features.
2

Prepare your Postgres

Create two databases in your Postgres instance: one for Blnk Core and one for Blnk Cloud. Keeping these databases separate isolates ledger data from Cloud management data.
CREATE DATABASE blnk;
CREATE DATABASE "blnk-cloud";
3

Pull the Docker image

Pull the enterprise image from GitHub Container Registry:
Docker
docker pull ghcr.io/blnkfinance/blnk-enterprise:latest
Using a custom image? Use the image name provided in your license email or onboarding instructions.
4

Add primary environment variables

Create an environment file, such as .env or enterprise.env.Add the following variables and replace the placeholder values with your Postgres URL, Redis URL, and license string.
.env
ENTERPRISE_POSTGRES_URL=postgres://user:password@host:5432/postgres?sslmode=require
ENTERPRISE_REDIS_URL=redis://host:6379/0
ENTERPRISE_LICENSE_B64=your_base64_license_string
Environment variableDescription
ENTERPRISE_POSTGRES_URLConnection string for your Postgres instance.
ENTERPRISE_REDIS_URLConnection string for your Redis instance.
ENTERPRISE_LICENSE_B64Base64-encoded license string from Step 1. Takes precedence over ENTERPRISE_LICENSE_FILE. To use a file instead, set ENTERPRISE_LICENSE_FILE to the path of your .lic file.
5

Set up public app config

Add these variables to the same environment file. They configure how users access the Cloud Dashboard.
.env
ENTERPRISE_PUBLIC_PORT=8080
ENTERPRISE_PUBLIC_URL=https://ledger.yourdomain.com
Environment variableDescription
ENTERPRISE_PUBLIC_PORTPort exposed by the enterprise launcher for the Cloud Dashboard.
ENTERPRISE_PUBLIC_URLPublic URL where users access the Cloud Dashboard, including https://. Use this value when configuring CORS_ORIGINS in the next step.
6

Set up Plane Environment variables

Plane powers the Cloud Dashboard and stores its data in the blnk-cloud database.Add these variables to the same environment file you created in the previous step.
.env
ENVIRONMENT=production
CORS_ORIGINS=https://ledger.yourdomain.com

BLNK_ENCRYPTION_KEY=0123456789abcdef0123456789abcdef
JWT_SECRET=your_long_random_secret_here
Environment variableDescription
ENVIRONMENTSet to production for Production License deployments. This enables production-only checks and Sentry monitoring.
CORS_ORIGINSComma-separated list of browser origins allowed to access the Plane API. Do not include spaces. Make sure ENTERPRISE_PUBLIC_URL is included.
BLNK_ENCRYPTION_KEYA unique 32-character key used to encrypt sensitive data, such as instance connection keys. Do not change this value after deployment, or previously encrypted data may become unreadable.
JWT_SECRETA strong random secret used to sign and verify authentication tokens.
7

Set up SMTP

Configure SMTP so Plane can send emails from your deployment, including login alerts, password resets, and Cloud notifications.If you do not already have an SMTP provider, services such as Resend, SendGrid, or Amazon SES can be used. After configuring your provider, add the SMTP credentials to the same .env file.
SMTP is optional. You can skip this step if you do not need email notifications yet.
.env
EMAIL_PROVIDER=smtp
SMTP_HOST=smtp.example.com
SMTP_PORT=587
SMTP_AUTH_USERNAME=your_username
SMTP_AUTH_PASSWORD=your_password
SMTP_TLS_MODE=auto
SMTP_SKIP_TLS_VERIFY=false
Environment variableDescription
EMAIL_PROVIDERWhich email transport Plane uses. Set to smtp, or leave unset to use SMTP when SMTP_HOST is set.
SMTP_HOSTHostname of your SMTP server.
SMTP_PORTPort your SMTP server listens on.
SMTP_AUTH_USERNAMEUsername for SMTP authentication.
SMTP_AUTH_PASSWORDPassword or API key for SMTP authentication.
SMTP_TLS_MODEHow Plane negotiates TLS with the SMTP server.
SMTP_SKIP_TLS_VERIFYWhether to skip TLS certificate verification. Use false in production.
8

Run the enterprise image

Start the stack with the image you pulled earlier. Map the host port to ENTERPRISE_PUBLIC_PORT, e.g. 8080 if you used the value from the public app config step.
Docker
docker run -d \
  --name blnk-enterprise \
  -p 8080:8080 \
  --env-file ./enterprise.env \
  ghcr.io/blnkfinance/blnk-enterprise:latest
If you use a license file instead of ENTERPRISE_LICENSE_B64, mount blnk-enterprise.lic into the container and set ENTERPRISE_LICENSE_FILE to its path in your env file.
9

Verify your deployment

Confirm the stack started and is reachable.
  1. Check that the container is running: 
    docker ps
  2. Call the health endpoint on the mapped port: 
    curl http://localhost:8080/health
  3. Open ENTERPRISE_PUBLIC_URL in your browser. If you are testing locally before DNS is ready, use http://localhost:8080 and ensure that origin is listed in CORS_ORIGINS.
    Your deployment is ready when the health check succeeds and the Cloud Dashboard loads.

API base URL and paths

The Production License image runs Blnk Core, Blnk Cloud, and Blnk Watch together. How you reach each service depends on which API you are calling. Your public entry point is ENTERPRISE_PUBLIC_URL (the same host and port you mapped in the docker run step, for example https://ledger.yourdomain.com).
Cloud APIs are served on their normal routes at ENTERPRISE_PUBLIC_URL. They are the same paths documented in the Cloud API reference, including:
PrefixPurpose
/proxyForward writes and reads to a Core instance (use instance_id on the query string)
/dataRead instance data with query filters
/alerts, /mcpAlerts and MCP integrations
cURL example
curl -X POST 'https://ledger.yourdomain.com/proxy/ledgers?instance_id=YOUR_INSTANCE_ID' \
  -H 'Authorization: Bearer YOUR_ACCESS_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{"name": "My Ledger"}'
Authenticate with API keys or OAuth as described in the Cloud reference. Replace https://ledger.yourdomain.com with your ENTERPRISE_PUBLIC_URL.

What’s next

Your deployment is now running. Sign in at ENTERPRISE_PUBLIC_URL, set up your workspace, and start using the Cloud Dashboard. A Core instance will be deployed automatically and ready to use once you’re in. You can also connect more Blnk Core instances to the same dashboard if you wish to manage multiple environments.

Connect instance

Learn how to connect multiple Core instances to your dashboard through the Query Agent.

Working with Blnk Core

Start building your application with the Blnk Core.

Navigating Cloud

Operate your financial data with the Cloud Dashboard.

Advanced configurations

Customize your deployment with optional environment variables.