System architecture

Soffid 3 system is composed of up to five different components:

  • IAM console 
  • Sync server
  • Repository
  • PAM Jump server (optional)
  • LDAP Directory server (optional)
  • Enterprise SSO (optional)


IAM Console

Is the portal used by administrators and users to manage identitiy management objects. It's 100% web and can be deployed in any Windows or Linux server. Kubernetes and Docker deployments are supported as well.


Is a relational database that stores all the information about configuration, policies and identity objects, including users, accounts and permissions.

Any of the following repositories are supported:

  • Maria DB
  • My SQL
  • Oracle
  • SqlServer
  • PostgreSQL

Sync server

Is the responsible for connecting the repository with the managed systems. The integration can be in both ways, fetching changes from managed system and pushing changes from Soffid repository.

The sync server can be deployed in many different ways, allowing central, distributed and hybrid deployments, both on cloud or on premise.

PAM Jump server

Is a piece used to allow access to privileged accounts, recording the screen and every keystroke, file or clipboard transfer.

It can only be installed on a Linux server with Docker.

Directory server

Is a directory server based on OpenLDAP. It can only be installed on a Linux server with Docker.




Revision #4
Created Tue, Jan 19, 2021 6:45 AM by Gabriel Buades
Updated Mon, Mar 15, 2021 3:18 PM by