{"id":22268218,"url":"https://github.com/curityio/dynamic-user-routing","last_synced_at":"2025-03-25T14:45:49.380Z","repository":{"id":74437453,"uuid":"368443788","full_name":"curityio/dynamic-user-routing","owner":"curityio","description":"Dynamic routing of users to their home region, during authentication and API requests","archived":false,"fork":false,"pushed_at":"2023-05-04T16:35:20.000Z","size":323,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-01-30T13:31:42.763Z","etag":null,"topics":["api-gateway","authentication-action","claims","multi-region","oauth2","use-case","wrapper-jwt"],"latest_commit_sha":null,"homepage":"https://curity.io/resources/learn/dynamic-user-routing/","language":"Lua","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/curityio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-05-18T07:44:52.000Z","updated_at":"2023-04-27T09:29:59.000Z","dependencies_parsed_at":"2024-12-03T11:12:02.882Z","dependency_job_id":"ab565c36-ec7e-4fa1-8cc3-a836816eb129","html_url":"https://github.com/curityio/dynamic-user-routing","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fdynamic-user-routing","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fdynamic-user-routing/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fdynamic-user-routing/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fdynamic-user-routing/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/curityio","download_url":"https://codeload.github.com/curityio/dynamic-user-routing/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245486241,"owners_count":20623239,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api-gateway","authentication-action","claims","multi-region","oauth2","use-case","wrapper-jwt"],"created_at":"2024-12-03T11:11:56.060Z","updated_at":"2025-03-25T14:45:49.307Z","avatar_url":"https://github.com/curityio.png","language":"Lua","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Dynamic User Routing\n\n[![Quality](https://img.shields.io/badge/quality-demo-red)](https://curity.io/resources/code-examples/status/)\n[![Availability](https://img.shields.io/badge/availability-source-blue)](https://curity.io/resources/code-examples/status/)\n\nHow to route OAuth requests to a user's home region, in a global deployment.\\\nThis ensures that Personally Identifiable Information (PII) never gets stored in the wrong region.\n\n## Install Prerequisites\n\n- Install Docker Desktop and configure memory resources of 8GB\n- Install ngrok\n- Install jq\n- Copy a valid `license.json` file into the idsvr folder\n\n## Deploy the System\n\nRun one of these commands, supplying the name of the reverse proxy you want to use.\\\nWhen prompted, copy the ngrok URL, such as https://5036fca5f99d.eu.ngrok.io, for providing to OAuth Tools:\n\n```bash\n./run.sh nginx\n./run.sh kong\n```\n\nThen press enter to open OAuth Tools and to deploy the Docker components.\\\nThe reverse proxy will be deployed, along with instances of the Curity Identity Server for EU and US regions.\n\n## Access the System\n\nOnce the system is up, select 'Use Webfinger' in OAuth tools and enter the ngrok URL.\\\nThe Curity Identity Server runtime nodes are accessed via the Reverse Proxy, which uses the ngrok URL.\\\nAdminister the system via the admin node, signing in as user `admin` and password `Password1`.\n\n| Component | Base URL | URL Type |\n| --------- | -------- | -------- |\n| Reverse Proxy | https://5036fca5f99d.eu.ngrok.io | External |\n| Curity Admin Node | https://localhost:6749/admin | External |\n| Curity Europe Runtime | http://internal-curity-eu:8443 | Internal |\n| Curity USA Runtime | http://internal-curity-us:8443 | Internal |\n\n## Test Regional Logins\n\nIn OAuth Tools, run a Code Flow login for the following client, then redeem the code for tokens.\\\nThe login will begin in the EU region, then may switch to the US region once the user is identified.\n\n- Client ID: tools-client\n- Client Secret: Password1\n- Sign in as 'testuser.eu' or 'testuser.us' with password 'Password1'\n- Verify from logs that you are routed to the expected Curity instance\n\n## View Logs\n\nThe console outputs logs for all components, whose docker IDs can be retrieved with these commands:\n\n```bash\nexport CURITY_EU_CONTAINER_ID=$(docker container ls | grep curity_eu | awk '{print $1}')\nexport CURITY_US_CONTAINER_ID=$(docker container ls | grep curity_us | awk '{print $1}')\nexport KONG_CONTAINER_ID=$(docker container ls | grep kong | awk '{print $1}')\nexport NGINX_CONTAINER_ID=$(docker container ls | grep openresty | awk '{print $1}')\n```\n\nTo view proxy server logs in a separate terminal window, use a command of this form:\n\n```bash\ndocker logs -f $NGINX_CONTAINER_ID\n```\n\n## Cloud Reverse Proxies\n\nIf you use a cloud reverse proxy, have a look at the [CLOUD.md](CLOUD.md) document to learn how to configure dynamic user\nrouting in such a case.\n\n## Website Documentation\n\nSee the Curity website resources for further information:\n\n- [Dynamic User Routing Design](https://curity.io/resources/learn/dynamic-user-routing/)\n- [Implementing Dynamic User Routing](https://curity.io/resources/learn/implementing-dynamic-user-routing/)\n\n## More Information\n\nPlease visit [curity.io](https://curity.io/) for more information about the Curity Identity Server.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Fdynamic-user-routing","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcurityio%2Fdynamic-user-routing","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Fdynamic-user-routing/lists"}