# How it works {% hint style="warning" %} Please be sure of your agent type and version and pick the right documentation accordingly. {% endhint %} {% tabs %} {% tab title="Node.js" %} {% hint style="danger" %} This is the documentation of the `forest-express-sequelize` and `forest-express-mongoose` Node.js agents that will soon reach end-of-support. `forest-express-sequelize` v9 and `forest-express-mongoose` v9 are replaced by [`@forestadmin/agent`](https://docs.forestadmin.com/developer-guide-agents-nodejs/) v1. Please check your agent type and version and read on or switch to the right documentation. {% endhint %} {% endtab %} {% tab title="Ruby on Rails" %} {% hint style="success" %} This is still the latest Ruby on Rails documentation of the `forest_liana` agent, you’re at the right place, please read on. {% endhint %} {% endtab %} {% tab title="Python" %} {% hint style="danger" %} This is the documentation of the `django-forestadmin` Django agent that will soon reach end-of-support. If you’re using a Django agent, notice that `django-forestadmin` v1 is replaced by [`forestadmin-agent-django`](https://docs.forestadmin.com/developer-guide-agents-python) v1. If you’re using a Flask agent, go to the [`forestadmin-agent-flask`](https://docs.forestadmin.com/developer-guide-agents-python) v1 documentation. Please check your agent type and version and read on or switch to the right documentation. {% endhint %} {% endtab %} {% tab title="PHP" %} {% hint style="danger" %} This is the documentation of the `forestadmin/laravel-forestadmin` Laravel agent that will soon reach end-of-support. If you’re using a Laravel agent, notice that `forestadmin/laravel-forestadmin` v1 is replaced by [`forestadmin/laravel-forestadmin`](https://docs.forestadmin.com/developer-guide-agents-php) v3. If you’re using a Symfony agent, go to the [`forestadmin/symfony-forestadmin`](https://docs.forestadmin.com/developer-guide-agents-php) v1 documentation. Please check your agent type and version and read on or switch to the right documentation. {% endhint %} {% endtab %} {% endtabs %} ## How it works Before you start writing a single line of code, it’s a good idea to get an overview of how Forest Admin works. The magic lies in its architecture. Forest Admin provides you with: * An API hosted on your server to retrieve your data. We call it the **Admin Backend** * if you chose a database as a datasource (PostgreSQLL, MySQL / MariaDB, MSSQL, MongoDB), your Admin Backend will be generated as a **standalone folder**. * if you chose an existing app as a datasource (Rails, Django, Laravel, Express/Sequelize, Express/Mongoose), your Admin Backend will be generated **within your app**. * A user interface to access and manage your data from your browser. This **Forest Admin User Interface** is built and managed through resources hosted on Forest Admin's servers. {% tabs %} {% tab title="SQL/Mongodb" %} ![The Admin Backend is a Node.JS REST API hosted on your servers](https://2014605362-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fx9GURwd0RAwi8uWZgH5v%2Fuploads%2Fgit-blob-39191bdfc167090ed2ccb124e8f3ac0b4df70503%2Fhow-it-works-2.jpg?alt=media) {% endtab %} {% tab title="Rails/Django/Laravel" %} ![The Admin Backend is a Rails Engine mounted on your application](https://2014605362-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fx9GURwd0RAwi8uWZgH5v%2Fuploads%2Fgit-blob-eb9105d9ba7e19c4e9821c4643502344fe114499%2Fhow-it-works-3.jpg?alt=media) {% endtab %} {% endtabs %} {% hint style="info" %} For a more in-depth explanation of Forest Admin's architecture (the Node.JS agent version), please read the [following article](https://medium.com/forest-admin/a-deep-dive-into-forest-admins-architecture-and-its-benefits-for-the-developers-who-trust-it-1d49212fb4b). {% endhint %} ### The Admin Backend The Admin Backend is generated upon install and **hosted on your end**. It includes an API allowing to **translate calls made from the Forest Admin UI into queries** to your database (covering actions such as CRUD, search & filters, pagination, sorting, etc.). It also provides the Forest Admin servers with the information needed to build the User Interface (the **Forest Admin Schema**). This information includes table names, column names and types, and relationships. It is sent when you run your Admin Backend [within a file called `forestadmin-schema.json`](https://docs.forestadmin.com/documentation/models#the-forestadmin-schema-json-file). ### Data Privacy When logging into the **Forest Admin UI** in your browser, you will connect to: 1. The **Forest Admin servers** to retrieve the **Forest Admin UI.** 2. The **Admin Backend** to retrieve your **data** and populate the Forest Admin UI with it. {% hint style="warning" %} As your data transits directly from the Admin Backend hosted on your end and the user browser, **it never transits through our servers**. {% endhint %} {% tabs %} {% tab title="SQL/Mongodb" %} ![](https://2014605362-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fx9GURwd0RAwi8uWZgH5v%2Fuploads%2Fgit-blob-c324bbb7e5db9c9f4bc33662bbb5a325c10f899c%2Fhow-it-works-4.jpg?alt=media) {% endtab %} {% tab title="Rails/Django/Laravel" %} ![](https://2014605362-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fx9GURwd0RAwi8uWZgH5v%2Fuploads%2Fgit-blob-eb9105d9ba7e19c4e9821c4643502344fe114499%2Fhow-it-works-3.jpg?alt=media) {% endtab %} {% endtabs %} ### Security The connection to both servers to the **Admin Backend** and the **Forest Admin Servers** are protected using 2 different [**JWT**](https://jwt.io/) signed by 2 different keys: 1. `FOREST_ENV_SECRET` to authenticate all requests made to the **Forest Admin Servers** 2. `FOREST_AUTH_SECRET` to authenticate all requests made to the **Admin Backend** {% tabs %} {% tab title="SQL/Mongodb" %} ![](https://2014605362-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fx9GURwd0RAwi8uWZgH5v%2Fuploads%2Fgit-blob-ae86750e40abccf3d10bd55a8e0d636b37330d7d%2Fhow-it-works-5.jpg?alt=media) {% endtab %} {% tab title="Rails/Django/Laravel" %} ![](https://2014605362-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fx9GURwd0RAwi8uWZgH5v%2Fuploads%2Fgit-blob-4813f05e94003b21b0e6a05b015d5c7a5f80f85e%2Fhow-it-works-6.jpg?alt=media) {% endtab %} {% endtabs %} {% hint style="warning" %} `FOREST_ENV_SECRET` is provided by Forest Admin and ensures your **Admin Backend** interacts with the relevant environment configuration on our end\*\*.\*\* `FOREST_AUTH_SECRET` is chosen freely by you and is never disclosed to anyone\*\*.\*\* {% endhint %} {% hint style="info" %} The JWT Data Token contains all the details of the requesting user. On any authenticated request to your Admin Backend, you can access them with the variable `req.user`. {% code title="req.user content example" %} ```javascript { "id": "172", "email": "angelicabengtsson@doha2019.com", "firstName": "Angelica", "lastName": "Bengtsson", "team": "Pole Vault", "role": "Manager", "tags": [{ key: "country", value: "Canada" }], "renderingId": "4998", "iat": 1569913709, "exp": 1571123309 } ``` {% endcode %} {% endhint %} #### **No 3rd-party Tracking** The **Forest Admin UI** has an option to completely disable any 3rd-party provider that could track data available from your browser to guarantee the respect of data privacy. {% tabs %} {% tab title="SQL/Mongodb" %} ![](https://2014605362-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fx9GURwd0RAwi8uWZgH5v%2Fuploads%2Fgit-blob-ceaee3fdedc1295b41823becdfc303934d3e9e27%2Fhow-it-works-7.jpg?alt=media) {% endtab %} {% tab title="Rails/Django/Laravel" %} ![](https://2014605362-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fx9GURwd0RAwi8uWZgH5v%2Fuploads%2Fgit-blob-cc6f57ac7c43340bd388161bd3a7e18eafd889e9%2Fhow-it-works-8.jpg?alt=media) {% endtab %} {% endtabs %} #### IP Whitelisting The [IP whitelisting](https://docs.forestadmin.com/documentation/extra-help/setup/forest-admin-ip-white-listing-forest-cloud) feature allows you to create a list of trusted IP addresses or IP ranges from which your admin users can both access to the **Forest Admin UI** and interact with your **Admin Backend**. {% tabs %} {% tab title="SQL/Mongodb" %} ![](https://2014605362-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fx9GURwd0RAwi8uWZgH5v%2Fuploads%2Fgit-blob-95f6ca72fa187e8b7bf53416102bcb0bab30d424%2Fhow-it-works-9.jpg?alt=media) {% endtab %} {% tab title="Rails/Django/Laravel" %} ![](https://2014605362-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fx9GURwd0RAwi8uWZgH5v%2Fuploads%2Fgit-blob-026cb7abb3b57cbb0dbd4b6124a0906a1a197011%2Fhow-it-works-10.jpg?alt=media) {% endtab %} {% endtabs %} #### **DMZ & VPN** You're free to host your **Admin Backend** in the cloud architecture you want to be compliant with your security infrastructure (DMZ, VPN, etc.). ![](https://2014605362-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fx9GURwd0RAwi8uWZgH5v%2Fuploads%2Fgit-blob-d67d3eda81675cefb6260aaa47b62fc5cab9a7f8%2Fhow-it-works-11.jpg?alt=media) ### Credentials We’re already working with companies compliant with the following Industry Standard Certifications. ![](https://2014605362-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LR7SWfEwsNtj_ZiSkSA%2F-LyoMNikAmY-iZUF4zMR%2F-LyoS1LZmU_0hjmoobyi%2Fimage.png?alt=media\&token=67a16278-1f39-42be-a955-0231b6319941) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.forestadmin.com/documentation/reference-guide/how-it-works.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.