Skillmine Auth - Documentation

Auth Architecture

1. Introduction

This report presents the architecture of a robust Identity and Access Management (IAM) solution designed to facilitate secure and efficient user authentication, authorization, and management for digital applications. The solution is built to accommodate a wide range of authentication methods, support various access control policies, and integrate with numerous protocols while ensuring high levels of security and compliance.

2. System Overview

The IAM solution is structured around key components including User Management, Authentication and Authorization Services, MFA, Protocol Support, and Security Features. It is designed to be scalable, secure, and compliant with industry standards such as OpenID Connect, OAuth2, and SAML 2.0.

3. Component Architecture

3.1 User Management

Responsible for managing user profiles, roles, and permissions. It provides interfaces for user registration, profile updates, and role assignments.

3.2 Authentication Service

Handles user authentication using various methods like passwords, social logins, and MFA. It manages sessions and ensures that users are who they claim to be.

3.3 Authorization Service

Determines what authenticated users are allowed to do by enforcing access control policies, including RBAC (Role-Based Access Control) and ABAC (Attribute-Based Access Control).

3.4 Multi-Factor Authentication (MFA) Service

Enhances security by requiring additional verification methods beyond just passwords, including Email, SMS, FIDO2, biometrics (face and voice recognition), and custom methods.

3.5 Protocol Support

Facilitates communication with external systems and services using various protocols like OpenID Connect, OAuth2, SAML 2.0, LDAP, and REST APIs.

3.6 Security Features

Includes advanced security mechanisms like fraud detection, password breach detection, and secure data handling to protect against threats and vulnerabilities.

4. Data Flow Diagram

5. Security Considerations

The architecture incorporates comprehensive security measures, such as data encryption, secure coding practices, regular security assessments, and adherence to international security standards, to mitigate potential risks and vulnerabilities.

6. Integration Points

The solution is designed for flexible integration with a variety of external systems, including directory services, third-party authentication providers, and various application APIs, ensuring broad compatibility and extensibility.

7. Scalability and Performance

Scalability is achieved through distributed deployment, load balancing, and dynamic resource allocation, so the system can handle high volumes of requests and scale with demand.

8. Disaster Recovery and High Availability

A robust disaster recovery strategy, coupled with high-availability configurations, ensures the system remains operational and accessible, minimizing downtime in the event of system failures or disasters.


Last updated 1 year ago

Architecture Diagram