Identity Management System

A neutrino walks through a bar.

Description

I noticed during my first days of work that the setup for account management was decentralized, with each IT system having its own login credentials. As the number of systems grew, managing these credentials became increasingly unwieldy. To address this issue, I suggested a single-sign-on (SSO) solution, which would allow users to access multiple systems using a single set of credentials.

The SSO solution was designed with the concept of Role-based Access Control (RBAC) in mind. RBAC is a method of controlling access to resources based on a user's role within an organization. The system was designed to be flexible and granular, allowing for specific permissions to be assigned to individual users.

Functions

Account Data

  • Create, modify, and delete accounts.

Permission Data

  • Create applications and the modules they consist of.

  • Create and delete actions that a user can perform.

  • Create roles and map them to application modules.

  • Map permissions to roles and actions.
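The permission model listed above (roles mapped to an application module, permissions mapping roles to actions) can be evaluated as a deny-by-default check. The sketch below is an added example, not the system's own code: the role, user, application and action names are constructed, and it assumes an earlier Express handler has verified the JSON Web Token and set `req.user`.

```javascript
// Added example with constructed data; every name here is hypothetical.
// role -> the application module it is mapped to, plus its permitted actions
const roles = new Map([
  ['hr-viewer', { app: 'hr', mod: 'payroll', actions: new Set(['read']) }],
  ['hr-editor', { app: 'hr', mod: 'payroll', actions: new Set(['read', 'update']) }],
  ['wiki-admin', { app: 'wiki', mod: 'pages', actions: new Set(['read', 'delete']) }],
]);

// user -> roles held (Map lookups avoid prototype keys such as "__proto__")
const userRoles = new Map([
  ['alice', ['hr-editor']],
  ['bob', ['hr-viewer', 'wiki-admin']],
]);

const auditLog = []; // stands in for the security log

// Deny by default: access is granted only if some role the user holds is
// mapped to exactly this application module and permits this action.
function isAllowed(user, app, mod, action) {
  const held = userRoles.get(user) || []; // unknown users hold no roles
  const allowed = held.some((name) => {
    const role = roles.get(name);
    return role !== undefined && role.app === app &&
      role.mod === mod && role.actions.has(action);
  });
  // Record both outcomes so denied attempts can be reviewed later.
  auditLog.push({
    event: allowed ? 'access_granted' : 'access_denied',
    user, app, mod, action,
  });
  return allowed;
}

// Express-style middleware factory. Assumption: req.user was set by an
// earlier handler that verified the JSON Web Token (not shown here).
function requirePermission(app, mod, action) {
  return (req, res, next) => {
    if (isAllowed(req.user, app, mod, action)) return next();
    res.status(403).json({ error: 'forbidden' });
  };
}
```

Because a role is bound to one application module, bob's `delete` permission on the wiki does not carry over to the HR payroll module.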

Security Logging

  • Log certain events for monitoring and security audit purposes.

Work Done

Interview

  • Collaborated with team members to gather requirements and ensure the system met business needs.

Development

  • Designed database schema and created entity-relationship charts to ensure efficient data storage and relationships.

  • Developed backend code and tested it thoroughly to ensure functionality, reliability, and performance.

  • Created the database, tables, views, and stored procedures.

  • Created comprehensive API documentation to facilitate future development and integration.

Deployment

  • Successfully deployed the system to the production environment.

  • Provided training and support to team members to ensure successful adoption and usage of the system.

  • Assimilated the system with existing systems to unify discrete accounts.

Security

  • Periodically check the logs for any unusual events.

Tech Stack

  • Express.js, Swagger, Microsoft SQL Server, GitHub

  • Pino + Prometheus + Grafana Loki - logging, visualization, and data analysis

  • Grafana k6 + locust.py - load testing

  • JSON Web Tokens - authentication base

  • bcrypt - password hashing
