Full Stack Reference Cloud Deployment

Full stack reference cloud installation refers to the case where the ODM/OEM operator chooses to use all the cloud components, along with any standard OAuth 2.0 IdP or AWS Cognito as the IdP for the deployment.

The following diagram illustrates the call flow when the user chooses the full stack cloud deployment.

[Figure: full stack cloud deployment call flow (../_images/cloud-fullstack-callflow.png)]

In this deployment mode, user accounts and user authentication are managed by AWS Cognito.

As shown in the diagram, the user first authenticates with AWS Cognito, providing the necessary credentials. After successful authentication, the user or mobile app receives user identity information encapsulated within a JWT from the IdP. Next, the mobile app contacts the internal Authorizer microservice via the Gateway. Upon successful JWT authentication, the Authorizer embeds the user’s scope and access level and encrypts this information into a new JWT, also referred to as the AuthZ token. The user or mobile app then presents the AuthZ token to the Proxy microservice. The Proxy validates the AuthZ token before forwarding requests to any valid device via the TCPMux Server.
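The Authorizer-to-Proxy half of this flow, as an added example that is not the project's own code: the Authorizer mints an AuthZ token carrying scope and access level, and the Proxy checks it before anything is forwarded. It assumes the IdP JWT has already been verified and uses an HMAC-signed (HS256) token rather than the encrypted one described above; the shared key, audience value, claim names and function names are hypothetical.

```python
import base64, hashlib, hmac, json, time

# Assumption: Authorizer and Proxy share this key (constructed demo value).
AUTHZ_KEY = b"constructed-demo-key-not-for-production"
PROXY_AUDIENCE = "proxy"  # hypothetical audience value

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str) -> str:
    return b64url(hmac.new(AUTHZ_KEY, signing_input.encode(), hashlib.sha256).digest())

def mint_authz_token(idp_claims, devices, access_level, now=None, ttl=300):
    """Authorizer side: call only after the IdP JWT has been verified."""
    now = int(time.time()) if now is None else now
    payload = {"sub": idp_claims["sub"], "aud": PROXY_AUDIENCE, "scope": devices,
               "access_level": access_level, "iat": now, "exp": now + ttl}
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    signing_input = header + "." + b64url(json.dumps(payload).encode())
    return signing_input + "." + sign(signing_input)

def proxy_validate(token, device_id, now=None):
    """Proxy side: return the claims, or raise PermissionError before forwarding."""
    now = int(time.time()) if now is None else now
    try:
        head_b64, body_b64, sig = token.split(".")
        header = json.loads(unb64url(head_b64))
    except ValueError:
        raise PermissionError("malformed token") from None
    # Pin the algorithm: the token must not choose how it is verified.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise PermissionError("unexpected alg")
    expected = sign(head_b64 + "." + body_b64)
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        raise PermissionError("bad signature")
    claims = json.loads(unb64url(body_b64))  # payload is authentic past this point
    if claims.get("aud") != PROXY_AUDIENCE:
        raise PermissionError("wrong audience")
    if now >= claims.get("exp", 0):
        raise PermissionError("expired")
    if device_id not in claims.get("scope", []):
        raise PermissionError("device not in scope")
    return claims
```

The payload is parsed only after the signature check passes, so scope and access level are never read from an unauthenticated token.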