Bastille-ID / Bastille.Id.Server

Open Source OAuth OIDC Identity Server
https://bastille.id/
Apache License 2.0

Separation of Concerns and Scope #27

Open RobK410 opened 3 years ago

RobK410 commented 3 years ago

So there has been some recent thought on the approach to take with the Identity Server project, and I believe it would assist in speeding up the readiness of individual projects moving forward.

That is, originally, the intent was to include user management capabilities in the user interfaces within the Bastille.Id.Server project. This was a more traditional approach of providing interfaces close to the point of identity authentication and management.

However, with a micro-service approach, we would separate those duties of managing one's profile, managing organizations, grants, and other features to separate client apps that work within that scope.

Taking this approach, Bastille.Id.Server would simply provide the interfaces to allow for the authentication of a user, generation and validation of tokens for clients, 2FA, and for PAT.

A new client would be created (Bastille.Id.Account) to manage a user's profile and grants. This would utilize the Bastille.Id.Api for interacting with user data.

A new client would be created (Bastille.Id.Admin) to provide interfaces for managing an organization, organization groups, organization roles, claims, organization users; where organization. This would utilize the Bastille.Id.Api for interacting with client data.

These individual pieces would all then work together through a single database back-end, allowing for the retrieval and storage of data.

The reasoning behind this allows for a smaller footprint of code per scope which tends to move progress forward on critical pieces and fixes faster, rather than waiting on a batch of other development to complete for a release. It also frees up load on a host that is hosting the core Bastille.Id.Server to handle the cryptographically intense processing rather than a slew of additional requests for profile management. This workload can be offloaded to the API and respective client apps.