Digital Access component architecture overview
This is an illustration of the Smart ID Digital Access component architecture with an overview of the subcomponents.
Below, you find a more detailed image of the architecture with default port numbers.
Digital Access component system:
Access point
The access point is the gatekeeper for all resource and access requests. It interacts with the policy service to validate queries and authorize access. You can set up several access points, to handle situations with large numbers of access requests (load balancing). The access point functionality can be divided into web access and access via the Access Client in Digital Access.
Administration service
Digital Access is a complete network of services, with the administration service as the natural connecting point, or hub. The administrator manages all configuration of Digital Access on the administration service through Digital Access Admin.
Policy service
The policy service makes access decisions, authenticates, audits, and validates certificates as well as digital signatures. The policy service makes the access decisions depending on access policies.
Authentication service
The authentication service handles authentication of users accessing resources. The authentication service supports several authentication methods.
Distribution service
With the Distribution service, soft tokens can be distributed to users in an effective way, and when tokens are distributed they can be bound to a user by seed provisioning.
Internal database
Digital Access component user accounts and credentials for authorization and authentication are stored in the internal database, a PostgreSQL database bundled with Digital Access component. The internal database can be exchanged for an external database (see Digital Access component requirements and interoperability for a list of supported databases).
Communicates with Digital Access component:
User
A user is a known registered identity that is unique in Digital Access component. A user can request access to a resource or get a ticket (SAML) for access to other systems. The user can access resources through the Digital Access component application portal.
System administrator
The system administrator communicates with Digital Access component through the administration interface.
Resources in Digital Access
In Digital Access, you register applications, folders, files, and URLs – everything users need remote access to – as web resources (web enabled applications), tunnel resources (client-server applications that are not web enabled) or customized resources.
Port numbers
This illustration shows the Digital Access subcomponents with port numbers that are used for traffic between the services.
For a list of all port numbers, see Default ports in Smart ID.