Below is an architecture diagram of a third party push. Panintelligence will receive data from the third party system that contains user data at regular intervals.

Drawio

mVer	2
zoom	1
simple	0
zoominComment	10
inCommentcustContentId	01900675092
pageId	1899626497
custContentIdlbox	19006750921
diagramDisplayName	Untitled Diagram-1723127272428.drawio	lbox	1
contentVer	2
revision	2
baseUrl	https://panintelligence.atlassian.net/wiki
diagramName	Untitled Diagram-1723127272428.drawio
pCenter	0
width	749
links
tbstyle
height	392.611083984375

Possible architectural patterns

Since the third party system either pushes the data to panintelligence via the Panintelligence API or receives data as a composite of the claims data within the JWT, there are few architectural considerations to make.

Authentication push

Your authentication server will need to have a route defined to the panintelligence API. It is advisable to do this via your load balancer.

Oauth JWT

If you’re accessing your authentication system defined as Oauth, you will need to define a route from your Panintelligence application server to your authentication server. For egress access, it is advisable to create an egress-only gateway to limit access from the internet to your application layer.

Drawio

mVer	2
simple	0
zoom	1
inComment	0
pageId	1899626497
custContentId	1902149675
diagramDisplayName	arch-sec.drawio
lbox	1
contentVer	1
revision	1
baseUrl	https://panintelligence.atlassian.net/wiki
diagramName	arch-sec.drawio
pCenter	0
width	901.0000000000001
links
tbstyle
height	1010.5000000000001

Versions Compared

Old Version 4

New Version Current

Key

Possible architectural patterns

Authentication push

Oauth JWT

Page Comparison

Versions Compared

Old Version 4

New Version Current

Key

Possible architectural patterns

Authentication push

Oauth JWT