Multi-tenant SaaS public portal architecture integrating state identity providers through TylerID Gateway for secure citizen application processing. Public users authenticate via State IDP using OIDC/OAuth 2.0, with tokens validated through an auth broker before accessing a React/Material UI frontend backed by containerized Node.js/Express services on AWS with auto-scaling. The backend orchestrates user management, application processing, payment workflows through a payment provider engine, email notifications, and secure API integration with a regulator portal, all persisting data in MongoDB Atlas. This architecture demonstrates federated identity best practices for government SaaS solutions, ensuring secure citizen access while maintaining separation between state infrastructure and cloud-hosted application services. Fork this diagram on Diagrams.so to customize authentication flows, add AWS service details like ECS or Lambda, or adapt the payment and notification modules for your RFP requirements.