Skip to main content

Architecture Decisions

Building a B2C application requires identity architecture that supports the complete customer lifecycle while protecting customer credentials and personal data.

Four decisions shape the architecture:

  • Integration pattern: where identity screens live and how your application and ThunderID divide responsibility.
  • Identity sources: where customer identities come from and which system owns the canonical record.
  • Tokens and APIs: how sessions, tokens, permissions, and API validation work after sign-in.
  • Run and observe: how your team deploys, monitors, audits, and connects the identity system.

Start with the integration pattern because it defines the boundary between your application and ThunderID. Review the supporting decisions as your application needs more control over identity data, API protection, deployment, or operations.

Start here
Integration Pattern

Where do identity screens live, and who controls the journey?

Choose an integration pattern →
Supporting decisions
Identity Sources

Where do identities come from, and which system owns the record?

Explore →
Tokens & APIs

How are post-sign-in credentials shaped, and how do your APIs validate them?

Explore →
Run & Observe

How do you configure, deploy, monitor, and connect the identity system?

Explore →
ThunderID LogoThunderID Logo

Product

DocsAPIsSDKs

Community

ContributingDiscussionsReport an Issue

Resources

ReleasesGitHubBrand Guidelines
© WSO2 LLC. All rights reserved.Privacy PolicyCookie Policy