dfd analisis de sistemas: flujo JWT en infografía tech

Tech architecture infographic titled "JWT Token Flow" using archetype DATA PIPELINE (extract → transform → load), adapted to explain authentication and authorization token movement for a non-technical executive audience. Show a left-to-right hand-drawn whiteboard style pipeline with labeled boxes connected by clear directional arrows: 1) Browser — icon: web browser — role: 'User app sends login and API requests'; 2) API Gateway / REST API — icon: server rack or endpoint node — role: 'Receives HTTPS requests and validates access'; 3) Auth Service — icon: shield with key — role: 'Verifies credentials and issues JWT token'; 4) Cache — icon: memory chip — role: 'Stores session metadata or revoked token list'; 5) Queue — icon: message queue stack — role: 'Carries async audit and event messages'; 6) Database — icon: cylinder — role: 'Stores users, roles, and token-related records'; 7) Protected API Service — icon: microservice box — role: 'Processes authorized business requests'. Use arrows with short English labels showing accurate flow: Browser → API Gateway labeled 'HTTPS login request'; API Gateway → Auth Service labeled 'REST credentials check'; Auth Service → Database labeled 'SELECT user, roles'; Database → Auth Service labeled 'User record'; Auth Service → Cache labeled 'Store jti / revocation state'; Auth Service → Queue labeled 'Auth event'; Auth Service → Browser labeled '200 OK + JWT token'; Browser → API Gateway labeled 'HTTPS Authorization: Bearer JWT'; API Gateway → Cache labeled 'Check denylist / session'; API Gateway → Protected API Service labeled 'Validated JWT claims'; Protected API Service → Database labeled 'SELECT / INSERT data'; Protected API Service → Queue labeled 'Async audit event'; Protected API Service → Browser labeled '200 OK JSON response'; optionally show failed branch Browser/API Gateway response labeled '401 Unauthorized' for invalid or expired JWT. Include small generic cloud icon above API area only as infrastructure context, with no vendor branding. Add a numbered legend 1-7 in English: 1. 'User signs in from the browser over HTTPS.' 2. 'API forwards credentials to the Auth Service.' 3. 'Auth Service checks user data in the Database.' 4. 'Auth Service issues a signed JWT token and may store token state in Cache.' 5. 'Browser sends the JWT in the Authorization header on later requests.' 6. 'API validates the JWT, checks Cache if needed, and passes valid claims to the protected service.' 7. 'Protected service reads or writes Database data, emits audit events to Queue, and returns a JSON response.' Make the diagram visually simple, executive-friendly, and technically accurate, with bold box titles, one-line role descriptions, clear arrows, minimal jargon, and subtle annotations such as 'illustrative flow, not an audited reference architecture'. Visual style: hand-drawn whiteboard sketch, cool blue and cyan palette, soft gray outlines, light marker shading, clean spacing, friendly explanatory mood, editorial developer-blog illustration, isometric or flat tech-diagram style, vector-clean infographic layout. All text MUST be written in English (array). Every heading, label, caption, legend and metric name in the image must be in English — not English. Spell each English word correctly using English characters and diacritics. Numbers stay as digits, no real cloud-vendor logos (AWS / GCP / Azure) — use generic cloud icons, no watermarks No real cloud-vendor logos (AWS, GCP, Azure) beyond generic cloud icons. Common protocol names (HTTPS, TCP, JWT, OAuth, REST, GraphQL) stay in canonical English form. No security-claim overstatements (do not present diagrams as audited reference architectures).