Digital Access component architecture overview

This is an illustration of the Smart ID Digital Access component architecture with an overview of the subcomponents. 

Below, you find a more detailed image of the architecture with default port numbers. 

Digital Access component system:

• Access point
  The access point is the gatekeeper for all resource and access requests. It interacts with the policy service to validate queries and authorize access. You can set up several access points, to handle situations with large numbers of access requests (load balancing). The access point functionality can be divided into web access and access via the Access Client in Digital Access.

• Administration service
  Digital Access is a complete network of services, with the administration service as the natural connecting point, or hub. The administrator manages all configuration of Digital Access on the administration service through Digital Access Admin.

• Policy service
  The policy service makes access decisions, authenticates, audits, and validates certificates as well as digital signatures. The policy service makes the access decisions depending on access policies.

• Authentication service
  The authentication service handles authentication of users accessing resources. The authentication service supports several authentication methods.

• Distribution service
  With the Distribution service, soft tokens can be distributed to users in a effective way and when tokens are distributed they can be bound to a user by seed provisioning.

• Internal database
  Digital Access component user accounts and credentials for authorization and authentication are stored in the internal database, a PostgreSQL database bundled with Digital Access component. The internal database can be exchanged for an external database (see Digital Access component requirements and interoperability for a list of supported databases).

Communicates with Digital Access component:

• User
  A user is a known registered identity that is unique in Digital Access component. A user can request access to a resource or get a ticket (SAML) for access to other systems.  The user can access resources through the Digital Access component application portal.

• System administrator
  The system administrator communicates with Digital Access component through the administration interface.

• Resources in Digital Access
  In Digital Access, you register applications, folders, files, and URLs – everything users need remote access to – as web resources (web enabled applications), tunnel resources (client-server applications that are not web enabled) or customized resources. 

Port numbers

This illustration shows the Digital Access subcomponents with port numbers that are used for traffic between the services.

For a list of all port numbers, see Default ports in Smart ID.

Related information

• Access Client in Digital Access

• Access point in Digital Access, add, set up and configure

• Administration service in Digital Access, set up internal and external communication

• Authentication methods in Digital Access

• Authentication service in Digital Access, add, set up, and configure

• Database service in Digital Access

• Distribution service in Digital Access, add, set up and configure

• Hardening of Digital Access component appliance

• High availability architecture for Digital Access component

• Digital Access component overview

• Digital Access interfaces

• Policy service in Digital Access, add, set up, and configure

• Default ports in Smart ID

• Resources in Digital Access

• High availability architecture for Digital Access component

• Users in Digital Access