TIS elements and architecture introduced

In addition to being an Identity Provider (IdP) or Identity and Access Management (IAM) service, TIS is also a development platform on top of which external applications and services are built. Most of these applications and services use user accounts and people's identities as an integral element. In addition, they often utilise one or more of the TIS elements listed below.

- Trivore ID – This is the core of TIS, an OpenID Connect Certified OpenID Provider offering identity management with strong identification, multi-level KYC, GDPR compliance, and 100+ user- and identity-related attributes.
- Management API – REST API extending the scope of the platform with extensive Authorisations, multi-purpose Contracts, personal Wallets, personal Paycard storage, simple Subscriptions, and other line-of-business neutral functionality close to the personal data and identity.
  - General TIS APIs for user, group, role, datastorage, custom field, access control, etc. management.
  - APIs extending the identity with additional features, like Wallet, Paycards, Contracts, Subscriptions, and Authorisations.
  - APIs extending the platform base functionality with features like SSO configuration, and sending email and text messages to verify personal information or for other purposes.
  - APIs integrating to external strong identity, corporate identity, authorisation, and related data considered master data in TIS.
  - Additional elements on external modules and services integrating to TIS. An example of this category is the Product and Pricing management. These modules are not normally deployed.
- Client SDK – Light-weight wrapper for developers to start using the Management API quickly and efficiently.
- Management UI – This is also known as onePortal, and is used to manage the service, tenants, namespaces, accounts, roles, groups, integrations, etc. End-users are not normally allowed to sign in to this web UI.
- Self-service UI – It is usually good practice to give end-users access to their personal settings, own data, authorisations, contracts, and subscriptions via this or a similar UI. This UI is made with Java using the Client SDK and Vaadin Flow 14, and the source code is available to customers.
- External user directories – For use cases where the password master is not located in TIS, but in LDAP, ADDS, ADFS, or some other SAML-based user directory.

Figure: TIS main elements.