Barong

Barong is a authentication service for microservice architectures using JWT standard. It's developped and maintained by Openware team.

Overview

It includes the following features:

• Registration of users
• Role based access control (RBAC)
• Embedded KyC process
• Integrated KycAID plugin
• Mailing system: event based, support multi-language, secured by cryptographic signatures
• Service accounts
• Focused on user privacy: sensitive informations are encrypted in database using vault, masks are applied on fields in user API endpoints

Development

Prerequisites:

• Ruby version: 2.6.6
• Bundler preinstalled
• MySQL preinstalled

1. Install RubyGems dependencies

   bundle install

2. Copy initialisation files

   bin/init_config

3. Create database and run migrations

   bundle exec rake db:create db:migrate

4. Start local server

   bundle exec rails server

Barong Levels

In the process of verification Barong assign different levels to accounts

• Level 0 is default account level
• Level 1 will apply after email verification
• Level 2 will apply after phone verification
• Level 3 will apply after identity & document verification

Useful links to documentation

Barong configuration

Troubleshooting

REST Admin API documentation

REST Management API documentation

REST User API documentation

API Keys creation and usage

Captcha policy overview and configuration

Setting up 2FA

Barong password hashing

Barong data encryption

License

Barong is released under the terms of the Apache License 2.0.