# Architecture

Below is the pictorial representation of the architecture and the relationship with the various components of HexaEight Authentication platform.

HexaEight Platform (IdP)

HexaEight Platform manages identities, provides Identity Login tokens and issues Asymmetric shared Keys for specific destinations to Users and Machines.

HexaEight Token Servers

HexaEight Token Server manages authorization and fetches asymmetric shared keys for users and resource Servers in Client Applications

HexaEight Middleware

HexaEight Middleware is installed on Resource Servers and associated with a Client Application. HexaEight Middleware allows Resource servers to authenticate and communicate across Client Applications. Additionally, it decrypts all incoming and encrypts all outgoing requests to maintain data confidentiality as well as protecting them from potential attacks and unauthorized access

HexaEight-Mobile-Authenticator

HexaEight provides a Free Mobile app available for both Android and iOS that is used by end users to authenticate across applications, systems and devices. The mobile application is also used by Application owners and administrators to authorize Machines Identities

# Applications and Resource Servers

erDiagram
    Organization-A ||--|{ HexaEight-Token-Servers : deploys
        Organization-A {
        Employees Internal
        Users External
        Applications Interanet
	Applications External
	Resource-Servers Internal
	}
	HexaEight-Platform ||..|{ HexaEight-Token-Servers : protects
	HexaEight-Token-Servers }|..|{ Resource-Servers : protects
        Resource-Servers {
        Uses HexaEight-Middleware
	}
	HexaEight-Token-Servers }|..|{ Resource-Servers : protects
	HexaEight-Token-Servers }|..|{ Internal-Applications : protects
        Internal-Applications{
	Uses HexaEight-Sessions
	}
	HexaEight-Token-Servers }|..|{ External-Applications : protects
        External-Applications{
	Uses HexaEight-Sessions
	}
	Resource-Servers }|..|{ External-Applications : uses
	Resource-Servers }|..|{ Internal-Applications : uses
	Internal-Applications }|..|{ Internal-Employees : authenticates
        Internal-Employees{
	Use HexaEight-Mobile-Authenticator
	To   Login-Into-Application
	}
	External-Applications }|..|{ External-Users : authenticates
        External-Users{
	Use HexaEight-Mobile-Authenticator
	To   Login-Into-Application
	}

# Systems and Users

HexaEight Authentication Plugins

HexaEight Authentication Plugins protects Systems and authenticates users into Operating Systems like Windows, Unix , Mac or Custom OS. Authentication Plugins are responsible for only authenticating users using a One Time Password via Encrypted Captchas.

erDiagram
    Organization-A ||--|{ HexaEight-Token-Servers : deploys
        Organization-A {
        Employees Internal
        Users Internal
        Systems Internal
	Resource-Servers Internal
	}
	HexaEight-Platform ||..|{ HexaEight-Token-Servers : protects
	HexaEight-Token-Servers }|..|{ Systems : protects
	HexaEight-Token-Servers }|..|{ Resource-Servers : protects
	Systems }|..|{ Users : authenticates
        Systems{
        Uses Authentication-Plugins
	To Allow-User-To-Login
	Using One-Time-Password
	Apps Creates-New-HexaEight-Session
	}
        Users{
	Uses HexaEight-Mobile-Authenticator
	}
	Systems }|..|{ Resource-Servers : accesss
        Resource-Servers{
	Uses HexaEight-Middleware
	}

# Devices

HexaEight Libraries

HexaEight Libraries form the core of HexaEight Platform and can be used to develop custom solutions for secure machine-to-machine as well as user-to-machine authentication and communication.

erDiagram
    Organization-A ||--|{ HexaEight-Token-Servers : deploys
        Organization-A {
        Doors Protected
        Robots Internal
        Access-System Internal
	Employees Internal
	}
	HexaEight-Platform ||..|{ HexaEight-Token-Servers : protects
	HexaEight-Platform }|..|{ Doors : protects
	HexaEight-Token-Servers }|..|{ Access-System : protects
	Doors }|..|{ Robots : authenticates-and-allows
	Doors }|..|{ Users : authenticates-and-allows
        Doors{
	Org-A-Develops Custom-solution
	Using HexaEight-Libraries
	}
        Robots{
	Org-A-Integrates Custom-solution
	Using HexaEight-Libraries
	}
        Users{
	Uses HexaEight-Mobile-Authenticator
	}
        Access-System{
	Uses HexaEight-Middleware
	}
	Doors }|..|{ Access-System : logs-entry-and-exit

In the subsequent sections, we will explore the various concepts that are used in HexaEight Platform.