Reference architectures

Access Gateway deployments can be constructed in any number of ways to solve common problems such as scalability, performance and fault tolerance. Reference architectures represent of a set of possible deployment scenarios used as a starting point to solve these known problems.

Typically Access Gateway architectures are combination of:

Applications Sets of application providing user services, such as Customer identity access management (CIAM), Workforce, Kerberos or others. Typically these application share certain characteristics such as target audience, performance requirements, security requirements or others.

Okta org

An Okta org providing authentication and authorization.

Access Gateway Access Gateway individual instances or sets(high availability clusters), in a variety of configurations, each intended to high light a particular benefit or use case.
Firewalls Firewalls, in multiple locations within an architecture, providing traditional monitoring , security and other services for inbound and outbound traffic.
Load balancers Load balancers, providing routing around load and other requirements.

Other common components include:

Directory service LDAP, Active directory and similar directory services
Database Databases used to augment directory services and applications for the purposes of authentication and authorization. See About application data stores for more information.
Proxy servers Proxying requests, from typically behind firewalls, for Access Gateway, administrators and users.

 

Some of the most common architectures include:

Workforce heterogeneous application reference architecture Common architectures for applications designed to business services and more.
CIAM  application reference architecture Common architectures for applications designed for consumer focused services

Kerberos application reference architecture

Common architectures for applications designed for Windows Kerberos focused services.

Related topics

Security best practices

Common Access Gateway flows

Access Gateway sequence flows