Access Gateway deployments can be constructed in any number of ways to solve common problems such as scalability, performance and fault tolerance. Reference architectures represent of a set of possible deployment scenarios used as a starting point to solve these known problems.
Typically Access Gateway architectures are combination of:
|Applications||Sets of application providing user services, such as Customer identity access management (CIAM), Workforce, Kerberos or others. Typically these application share certain characteristics such as target audience, performance requirements, security requirements or others.|
An Okta org providing authentication and authorization.
|Access Gateway||Access Gateway individual instances or sets(high availability clusters), in a variety of configurations, each intended to high light a particular benefit or use case.|
|Firewalls||Firewalls, in multiple locations within an architecture, providing traditional monitoring , security and other services for inbound and outbound traffic.|
|Load balancers||Load balancers, providing routing around load and other requirements.|
Other common components include:
|Directory service||LDAP, Active directory and similar directory services|
|Database||Databases used to augment directory services and applications for the purposes of authentication and authorization. See About application data stores for more information.|
|Proxy servers||Proxying requests, from typically behind firewalls, for Access Gateway, administrators and users.|
Some of the most common architectures include:
|Workforce heterogeneous application reference architecture||Common architectures for applications designed to business services and more.|
|CIAM application reference architecture||Common architectures for applications designed for consumer focused services|
Common architectures for applications designed for Windows Kerberos focused services.