SaFi Bank Space : IAM for Back Office

Overview

Notes

  1. BOFE will connect to backoffice-manager directly and send all requests to it. Note that BOFE does not access any other service directly.

  2. BOFE requests will not go through the Tyk gateway; they will connect through the Cloudflare WARP VPN and then go through the Traefik ingress to reach backoffice-manager.

  3. JWT will be used for authentication and authorization.

  4. Refer to IAM for Back Office (Technical) for context on how Okta and OAuth2/OIDC are used.

Detailed Designs

Manual user management

IAM for Back Office (Technical)

Custom tokens solutions

https://safibank.atlassian.net/wiki/spaces/ITArch/pages/98369912/Authenticate+calling+customer#Technical-Analysis

https://safibank.atlassian.net/wiki/spaces/ITArch/pages/99287123/Authenticate+CC+Agent#Technical-Analysis
