Skip to content
/ inter-auth-spec Public

specification for inter-authentication APIs between multiple micro-services.

License

GPL-3.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

CONNECT-platform/inter-auth-spec

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

84 Commits
GOALS.md
GOALS.md
 
 
LICENSE
LICENSE
 
 
MOTIVATION.md
MOTIVATION.md
 
 
NOTATION.md
NOTATION.md
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
TERMINOLOGY.md
TERMINOLOGY.md
 
 

Repository files navigation

InterAuth specification

these documents aim to provide an interoperable, secure and easy-to-develop framework for seamless communication between various (micro)services in various scenarios. to be more specific, these documents focus on one service, consumer, requesting some functionality or data from another service, provider, with them most probably being developed and maintained by separate entities, and probably some financial transaction required in exchange for the services of the provider. these documents aim to put forth a specification such that implementations conforming to said specification can facilitate such integrations in a secure and highly interoperable manner.

targeted integrations can be broken into two categories:

  1. direct integration: where the functionality/data provided by the provider merely relates to the consumer, or by some other measure the provider can and will provide the aforementioned functionality/data to the consumer without authorization of any third-party being required

  2. authorized integration: where the functionality/data provided by the provider relates to, or by some other measure requires approval of a third-party, the authorizer

contents

for easing the process of accessing and reading different sections of this specification, it is broken down into several documents.

  1. motivation

    1. background

    2. direct integration

    3. authorized integration

  2. goals

    1. interoperability

    2. flexibility

    3. security

    4. seamlessness

    5. stateless-ness

    6. reusability

  3. terminology

    1. conformity

      1. standard implementation
      2. requirement indicators

    2. common terms

      1. service
      2. root address
      3. endpoint
      4. signing
      5. self-signing

    3. network

      1. trusted entities
      2. providers/consumers
      3. integration

  4. notation

  5. security

    1. secure communication

      1. standard implementation
      2. external communication

    2. signatures

      1. standard implementation

  6. protocols

    1. direct integration

    2. authorized integration

  7. security analysis

  8. further work

About

specification for inter-authentication APIs between multiple micro-services.

Resources

Readme

License

GPL-3.0 license

Security policy

Security policy
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published