Overview of IAM interfaces

This document gives an overview over IAM's interfaces, i.e. how users and other systems can interact with Airlock IAM.

It does not list systems called by IAM (such as databases, LDAP, SMTP, SMS, etc.).

Overview of IAM interfaces

Name

Module

Description

Client Type

Internal/Exernal
Access

Config Editor
Nodes

Loginapp UI

Loginapp

Web-frontend for users authentication and self-services: single-page application using the Loginapp REST API.

Browser

External

Loginapp >> UI Settings

Loginapp REST API

Loginapp

User-facing REST API called by single-page applications (SPA), mobile apps and alike.
Authentication, self-registration, various self-services. See IAM REST APIs for details.

Mobile App
Browser (SPA)
Other REST Client

External

Loginapp

Loginapp One-Shot Interface

Loginapp

Processes single HTTP requests send to IAM by the Gateway using "one-shot" authentication flow. Used for REST API protection and alike.
See HTTP request authentication (One-Shot flow).

Airlock Gateway

External

Loginapp >> One-Shot Authentication

RADIUS Server

Service Container

RADIUS server for user authentication.

RADIUS client

External

Service Container >> Services >> RADIUS Service

Adminapp UI

Adminapp

Web-frontend for user and token management, maintenance messages management, log viewer and configuration.
Single-page application using the Adminapp REST API (exception: ConfigEditor).

Browser

Internal

Adminapp

Adminapp REST API

Adminapp

REST API for Loginapp. See IAM REST APIs for details.

REST Client

Internal

Adminapp

Transaction Approval

Transaction Approval

Application exposing a REST API for verifying transactions (e.g. payment) using the users' second factors.

REST Client

Internal

Transaction Approval

API Policy Service

API Policy Service

Internal interface used between Gateway/API Gateway and IAM for API key-based access control.

Airlock Gateway / API Gateway

Internal

API Policy Service