ProAuth is based on a modular architecture which easily enables the addition of new modules like new Identity Providers, Protocols, Enterprise Directory Synchronization or TwoFactor Authentication Mechanisms. ProAuth can be horizontally scaled in a cloud environment and supports a zero-downtime deployment mechanism which also includes database schema changes.
The ProAuth application is divided into multiple services:
- ProAuth Core
- Authentication Pipelines / OIDC endpoints
- Authentication Views
- Management API
- User Store API
- SCIM API
- ProAuth Admin UI
- User interface to interact with Management API and User Store API
- Is an optional component and does not need to be accessed publicly
- Database Infrastructure
- ProAuth stores its configuration data in an MSSQL database
- ProAuth User Stores store the data in MSSQL databases
- Caching / State Store / PubSub
- ProAuth internally uses dapr to abstract the resource access to state store and messaging components.
- By default, ProAuth is configured with a Redis configuration as state store and PubSub component.
- Any components compatible with dapr can be configured and used.
ProAuth Core is designed to run as a multi-instance deployment to support load-balancing, failover, scaling and zero-downtime scenarios. For testing purposes, ProAuth Core can be run in single instance mode with in-memory caching and PubSub, but this setup is not recommended in a production environment.
ProAuth consists of the following components: