Overview of interfaces
3.2. Overview of IAM interfaces

This document gives an overview over IAM's interfaces, i.e. how users and other systems can interact with Airlock IAM.

It does not list systems called by IAM (such as databases, LDAP, SMTP, SMS, etc.).

Overview of IAM interfaces
Name
Module
Description
Client Type
Internal/Exernal
Access
Config Editor
Nodes
Loginapp (JSP)
Loginapp
Web-frontend for users authentication and self-services: JSP-based HTML application.
Browser
External
Loginapp
Loginapp REST API
Loginapp
Web-frontend for users authentication and self-services: single-page application using the Loginapp REST API.
Browser
External
Loginapp >> UI Settings
Loginapp REST API
Loginapp
User-facing REST API called by single-page applications (SPA), mobile apps and alike.
Authentication, self-registration, various self-services. See 21. REST APIs provided by IAM for details.
Mobile App
Browser (SPA)
Other REST Client
External
Loginapp
Loginapp One-Shot Interface
Loginapp
Processes single HTTP requests send to IAM by the Gateway (WAF) using "one-shot" authentication flow. Used for REST API protection and alike.
See 17.6. HTTP request authentication (Airlock One-Shot flow).
Airlock Gateway (WAF)
External
Loginapp >> Airlock One-Shot Authentication
RADIUS Server
Service Container
RADIUS server for user authentication.
RADIUS client
External
Service Container >> Services >> RADIUS Service
Adminapp REST API
Adminapp
Web-frontend for user and token management, maintenance messages management, log viewer and configuration.
Single-page application using the Adminapp REST API (exception: ConfigEditor).
Browser
Internal
Adminapp
Adminapp REST API
Adminapp
REST API for Loginapp. See 21. REST APIs provided by IAM for details.
REST Client
Internal
Adminapp
Transaction Approval
Transaction Approval
Application exposing a REST API for verifying transactions (e.g. payment) using the users' second factors.
REST Client
Internal
Transaction Approval
API Policy Service
API Policy Service
Internal interface used between Gateway (WAF)/API Gateway and IAM for API key-based access control.
Airlock Gateway (WAF) / API Gateway
Internal
API Policy Service

Similar interfaces do not offer the same amount of features! This is especially true for the Loginapp interfaces: The Loginapp REST API feature set ≠ Loginapp (JSP) interface feature set. interfaces: feature set ≠ Loginapp (JSP) interface feature set.