Dashboard to manage application access for employees
Config Repo: Edit what apps, icons and the URLs for those apps for several environments
Edit the application configuration files for each environment
Edit the config files in this
Outline which parts of the application each team is responsible for.
Digital Team | Security Team |
---|---|
Presentation Logic
i.e Application design, UI elements, UX (functionality), etc
Business Logic
i.e sorting, password change, session login, changes to application data, etc
Data Requests (from Security Endpoints)
Endpoint/API Access
Data Formatting (for display)
Data Formating
Application Session
Store user data after login in application session, used to hold tokens for password change, etc
Password Validation (Server side)
Compare against previous used password, etc
UI shows error message when accessing endpoint fails
GENERATE error when authentication fails for any reason
UI/UX informs user of missing/errors on input fields
GENERATE error when user account not set up properly
REPORT error generated by endpoint (Rollbar tracking)
GENERATE error when FID not functioning properly
REPORT error generated by UX to Rollbar
Certification changes, errors
This app runs a node server to provide several services that include logging into IdentityIQ/Ping, etc. The main GraphQL endpoint is connected to the identityIq API Url, however, we run an additional
The Server is extended to support GraphQL using middleware and add it to the server as a plugin .register(...)
format. The endpoint is connected to the identityIq
endpoint and uses PingID properties; both of these do not live in the repo, they are located in an AWS s3 bucket that gets mounted onto the container when service starts. identityIq
is an API URL that lives in the environment file in s3; how pingId
is a set of properties (token, adp_url, base64 key, etc) that get loaded from the PINGID_PROPERTIES_FILE
file in s3.
Relevant Files
services-js/access-boston/src/pages/_app.tsx
services-js/access-boston/src/server/access-boston.ts
services-js/access-boston/src/server/services/PingId.ts
modules-js/next-client-common/src/next-client-common.ts
services-js/access-boston/src/client/graphql/change-password.ts
services-js/access-boston/src/pages/change-password.tsx