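flowchart TB
%% Phase 1 identity architecture: clients enter through the DMZ, authenticate
%% against the FedRAMP Okta tenant, and reach workloads in AWS GovCloud.
%% Mermaid comments must sit on their own line (text after "%%" at the end
%% of a statement is not comment syntax and can break parsing), so the
%% colour legend for the classDef styles lives here:
%%   auth   = Authentication services (green)
%%   authz  = Authorization services (blue)
%%   dmz    = DMZ / perimeter components (grey)
%%   idp    = Identity providers (yellow)
%%   phase1 = Phase 1 scope highlight (red 2px outline, fill inherited)

%% ---- Node styles ----
classDef auth fill:#66ff66,stroke:#333,stroke-width:1px
classDef authz fill:#6699ff,stroke:#333,stroke-width:1px
classDef dmz fill:#dddddd,stroke:#333,stroke-width:1px
classDef idp fill:#ffff77,stroke:#333,stroke-width:1px
classDef phase1 stroke:#ff0000,stroke-width:2px

%% ---- Core components (Phase 1) ----
%% Classes are applied once, in the "class" statements at the bottom; inline
%% ":::" annotations were dropped so each node's styling has a single source.
Client[Client Devices]
DMZ[DMZ/Perimeter]
Okta[Okta Tenant - FedRAMP]
GovCloud[AWS GovCloud]

%% ---- Identity components ----
%% NOTE(review): a domain controller reachable from the perimeter widens the
%% blast radius of a DMZ compromise. Confirm this node is an RODC or LDAP proxy
%% rather than a writable DC, and that only the DMZ hosts that need it can
%% reach it.
AD[DMZ Active Directory]

%% ---- Authentication components ----
Auth[Authentication Services]
Auth1[Adaptive MFA]
Auth2[SSO]
Auth3[Step-up Auth]

%% ---- Authorization components ----
AuthZ[Authorization Services]
AuthZ1[OAuth 2.0/OIDC]
AuthZ2[API Access Management]

%% ---- DMZ components ----
DMZ1[Load Balancers]
DMZ2[API Gateways]
DMZ3[WAF]

%% ---- Lifecycle management (important: registration and recovery are the
%% usual bypass paths for MFA; they should meet the same assurance bar) ----
Life[Lifecycle Management]
Life1[Registration]
Life2[Account Recovery]

%% ---- AWS components ----
%% GovCloud (the partition/region) and GCAccount (an account inside it) are
%% both kept as originally drawn; confirm that distinction is intended.
Connect[AWS Direct Connect]
GCAccount[GovCloud Account]

%% ---- Top-level flow ----
Client --> DMZ
DMZ --> Okta
DMZ --> GovCloud
Okta <--> GovCloud

%% ---- DMZ breakdown ----
DMZ --- DMZ1
DMZ --- DMZ2
DMZ --- DMZ3
DMZ --> AD

%% ---- Okta core components ----
Okta --> Auth
Okta --> AuthZ
Okta --> Life

%% ---- Authentication details ----
Auth --> Auth1
Auth --> Auth2
Auth --> Auth3

%% ---- Authorization details ----
AuthZ --> AuthZ1
AuthZ --> AuthZ2

%% ---- Lifecycle details ----
Life --> Life1
Life --> Life2

%% ---- AWS connectivity ----
%% NOTE(review): AWS Direct Connect is a private circuit from a customer
%% premises/colo into AWS, whereas Okta is a SaaS tenant that normally
%% federates with AWS over its public SAML/OIDC/SCIM endpoints. Confirm whether
%% this edge is a real network path (e.g. via an on-prem Okta agent) or should
%% be drawn as a federation relationship between Okta and the GovCloud account.
Okta <--> Connect
Connect --> GCAccount
GCAccount --> GovCloud

%% ---- Apply classes ----
class DMZ,DMZ1,DMZ2,DMZ3 dmz
class Auth,Auth1,Auth2,Auth3 auth
class AuthZ,AuthZ1,AuthZ2 authz
class AD,Okta idp
class Okta,GovCloud phase1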