IAM API

IAM API exposes Keycloak's admin REST API and OIDC discovery endpoints. Custom endpoints handle SCIM 2.0 for automated user provisioning from enterprise IdPs. All token responses comply with JWT standards with configurable expiry per tenant policy.

Relationships

◇ Composes outgoing 3

Target Element	Element Type
IAM Platform	Software System
Auth Token Issue	API Endpoint
SCIM Users Provision	API Endpoint

◇ Part of incoming 3

Source Element	Element Type
IAM Platform	Software System
Auth Token Issue	API Endpoint
SCIM Users Provision	API Endpoint

◆ Owned by incoming 1

Source Element	Element Type
Identity Record Aggregate	Data Aggregate

→ Served by incoming 1

Source Element	Element Type
Security GKE Cluster	Cloud Service

Architecture Context

Diagrams

Not yet referenced in any diagram

Properties

Type Software Subsystem

Layer Application

Domain Security and Compliance

Status active

Owner Security Team

Additional Metadata

Catalog Id SUB-SEC-001

Environments production, staging

Owns Data Aggregates Identity Record Aggregate

Served By Cloud Services Security GKE Cluster

Archimate Type application-component

C4 Type Container

Togaf Type Application Component

Meta Model

Business

Organization

Application current

Technology