Authn & Authz #
Authn and authz connects different our internal services and ensures that your data stays private and completely separate from other customers.
Quantum ID #
Quantum ID is our internal SSO service and is used whenever you log into one of our properties.
Flavors #
There are different methods to authenticate:
- openid-based flows
- forward authentication
- IP authentication
Architecture #
The following sequence diagrams provide a high-level overview (short of e.g. openid-connect flows, etc.) of when services interact with each other.
Server to Service #
sequenceDiagram participant Cluster participant ID participant Logging participant Metrics participant Tenant rect rgb(160, 160, 160) Cluster->>ID: authn ID->>Logging: authz ID->>Metrics: authz Logging->>Tenant: writes Metrics->>Tenant: writes end rect rgb(237, 22, 81) Grafana->>Tenant: query (logs and metrics) end
Customers #
Deployments or other commands:
sequenceDiagram participant C as Customer participant cli as Quantum-CLI participant ID participant Console rect rgb(237, 22, 81) C->>cli: uses cli->>ID: authn ID->>Console: authz (deployment) end
Docker pull or push:
sequenceDiagram participant C as Customer participant ID participant Registry rect rgb(237, 22, 81) C->>ID: authn (docker push) ID->>Registry: authz end
Grafana usage:
sequenceDiagram participant C as Customer participant ID participant Tenant participant Grafana rect rgb(237, 22, 81) C->>ID: authn (session) ID->>Tenant: authz Grafana->>Tenant: stream logs and metrics end