System architecture Soffid Architecture Soffid 3 system is composed of up to five different components: IAM console Sync server Repository PAM Jump server (optional) LDAP Directory server (optional) Enterprise SSO (optional) IAM Console Is the portal used by administrators to manage identity management objects and by end-users to use the self service portal. It's 100% web and can be deployed in any Windows or Linux server. Kubernetes and Docker deployments are supported as well. Repository Is a relational database that stores all the information about configuration, policies and identity objects, including users, accounts and permissions. Any of the following repositories are supported: Maria DB My SQL Oracle SqlServer PostgreSQL Sync server Is the responsible for connecting the repository with the managed systems. The integration can be in both ways, fetching changes from managed system and pushing changes from Soffid repository. The sync server can be deployed in many different ways, allowing central, distributed and hybrid deployments, both on cloud or on premise. PAM Jump server Is a piece used to allow access to privileged accounts, recording the screen and every keystroke, file or clipboard transfer. Directory server Is a directory server based on OpenLDAP. It can only be installed on a Linux server with Docker. Mixed architecture In the following image you can view an example of the architecture with a mysql database managed directly from the main servers and an Active Directory and an Oracle database managed through a sync proxy installed on the same host as the managed system.