Overview of IAM interfaces

This document gives an overview over IAM's interfaces, i.e. how users and other systems can interact with Airlock IAM.

It does not list systems called by IAM (such as databases, LDAP, SMTP, SMS, etc.).

Overview of IAM interfaces

Name

Module

Description

Client Type

Internal/Exernal
Access

Config Editor
Nodes

Loginapp (JSP)

Loginapp

Web-frontend for users authentication and self-services: JSP-based HTML application.

Deprecated: will be removed in IAM 8.0.

Browser

External

Loginapp

Loginapp REST API

Loginapp

Web-frontend for users authentication and self-services: single-page application using the Loginapp REST API.

Browser

External

Loginapp >> UI Settings

Loginapp REST API

Loginapp

User-facing REST API called by single-page applications (SPA), mobile apps and alike.
Authentication, self-registration, various self-services. See REST APIs provided by IAM for details.

Mobile App
Browser (SPA)
Other REST Client

External

Loginapp

Loginapp One-Shot Interface

Loginapp

Processes single HTTP requests send to IAM by the Gateway (WAF) using "one-shot" authentication flow. Used for REST API protection and alike.
See HTTP request authentication (Airlock One-Shot flow).

Airlock Gateway (WAF)

External

Loginapp >> Airlock One-Shot Authentication

RADIUS Server

Service Container

RADIUS server for user authentication.

RADIUS client

External

Service Container >> Services >> RADIUS Service

Adminapp REST API

Adminapp

Web-frontend for user and token management, maintenance messages management, log viewer and configuration.
Single-page application using the Adminapp REST API (exception: ConfigEditor).

Browser

Internal

Adminapp

Adminapp REST API

Adminapp

REST API for Loginapp. See REST APIs provided by IAM for details.

REST Client

Internal

Adminapp

Transaction Approval

Transaction Approval

Application exposing a REST API for verifying transactions (e.g. payment) using the users' second factors.

REST Client

Internal

Transaction Approval

API Policy Service

API Policy Service

Internal interface used between Gateway (WAF)/API Gateway and IAM for API key-based access control.

Airlock Gateway (WAF) / API Gateway

Internal

API Policy Service

Similar interfaces do not offer the same amount of features! This is especially true for the Loginapp interfaces: The Loginapp REST API feature set ≠ Loginapp (JSP) interface feature set. interfaces: feature set ≠ Loginapp (JSP) interface feature set.