Skip to main content

Hybrid architecture for SecureAuth® Identity Platform

The Identity Platform hybrid architecture is a combination of on-premises and cloud-based components. Cloud-based components include a new administrative interface, configuration storage, and services necessary to conduct authentication. The on-premises SecureAuth appliance stores all legacy administrative components and conducts local services for administrative and end user features.

After you have finished with this topic, learn more about the hybrid architecture for the SecureAuth® Identity Platform, version 19.07 and later, by viewing a detailed video.

To view the cloud architecture, see the Cloud architecture for SecureAuth Identity Platform image.

hybrid_arch_2104.png

60566030.png SecureAuth Identity Platform on-premises (appliance)

The on-premises appliance hosts configuration data, APIs that communicate with the cloud and Web Admin, and a new secure storage database. Admin API calls are used in Web Admin and appliance communications. The internal Application API makes calls to the customer cloud database and Secure Storage API. The latter API stores credential information locally on the appliance, avoiding credential storage in the cloud.

60566031.png SecureAuth Identity Platform client-side (browser)

Access the New Experience Web Admin through a SecureAuth legacy client-side browser that connects to the U.S.-based, Amazon Simple Storage Service (Amazon S3). Admin API calls, contained in the middleware data layer, enable communications with the on-premises SecureAuth appliance. The template rendering engine reads and renders JSON files and inputs on the page, and then submits data objects to APIs. API logging code is stored in Utilities.

60566032.png SecureAuth Cloud

The U.S.-based Amazon Web Services S3 hosts the SecureAuth Cloud that communicates with SecureAuth Identity Platform on-premises via authenticated APIs, and includes the REST API cloud storage. The container-based, customer-specific repository stores directory and application integration data from the Web Admin configuration. Sensitive data, such as directory integration credentials and user data, are not stored in the SecureAuth Cloud.