Showing posts from architecture

How to effectively visualize an Application Landscape in Enterprise Architecture

How to effectively visualize an Application Landscape in Enterprise Architecture

In enterprise & solution architecture, connecting boxes with arrows is an often used and overrated visualization from high-level, thru component architecture, down to data and class diagrams. However, to create a holistic view on systems, component diagrams are not enough! When it comes to analysis or transformation of a high-level application- or service-architecture, I prefer to draw an Application Landscape Diagram, which I would like to show and elaborate on in this post.

Securing isolated systems: Caveats of using plain OAUTH flows and how to solve them

Securing isolated systems: Caveats of using plain OAUTH flows and how to solve them

While OIDC and OAUTH are well-known standards, they don’t fit every purpose “out of the box.” In businesses with special regulations like banking, health care, etc., non-functional requirements to auth can be challenging. Different solutions and ways were evaluated to create a new identity provider for a medical network. The first approach was “just” using simple OAUTH by its most famous Authorization Code Flow. Of course, it failed fast, and I’ll show why and how we solved it in this post.