{"id":31068419,"url":"https://github.com/kmaida/auth-architecture","last_synced_at":"2026-05-01T12:32:43.436Z","repository":{"id":304506040,"uuid":"1010783783","full_name":"kmaida/auth-architecture","owner":"kmaida","description":"Full demo of 4 architecture patterns for browser-based OAuth 2.0 / OIDC ","archived":false,"fork":false,"pushed_at":"2025-10-24T19:41:44.000Z","size":2857,"stargazers_count":5,"open_issues_count":3,"forks_count":2,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-01-31T00:32:17.386Z","etag":null,"topics":["api","authentication","authorization","fusionauth","nodejs","react"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kmaida.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-06-29T19:44:51.000Z","updated_at":"2025-12-08T08:42:05.000Z","dependencies_parsed_at":"2025-07-13T15:36:41.692Z","dependency_job_id":"328d363e-ae7a-4cf8-84cb-b3eebe5d795d","html_url":"https://github.com/kmaida/auth-architecture","commit_stats":null,"previous_names":["kmaida/auth-architecture"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/kmaida/auth-architecture","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kmaida%2Fauth-architecture","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kmaida%2Fauth-architecture/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kmaida%2Fauth-architecture/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kmaida%2Fauth-architecture/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kmaida","download_url":"https://codeload.github.com/kmaida/auth-architecture/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kmaida%2Fauth-architecture/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32497812,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-30T13:12:12.517Z","status":"online","status_checked_at":"2026-05-01T02:00:05.856Z","response_time":64,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","authentication","authorization","fusionauth","nodejs","react"],"created_at":"2025-09-15T21:09:21.422Z","updated_at":"2026-05-01T12:32:43.426Z","avatar_url":"https://github.com/kmaida.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Auth Architecture\n\nThis repo contains a set of apps demonstrating different auth architectures, a resource API server, and a \u003ca href=\"https://fusionauth.io\"\u003eFusionAuth\u003c/a\u003e Docker container with configuration (called a `kickstart`).\n\n- [FusionAuth authorization server](https://github.com/kmaida/auth-architecture/tree/main/fusionauth)\n- [Backend-for-Frontend](https://github.com/kmaida/auth-architecture/tree/main/bff) (BFF) [spec](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-browser-based-apps#name-backend-for-frontend-bff)\n- [Token-Mediating Backend](https://github.com/kmaida/auth-architecture/tree/main/tmb) (TMB) [spec](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-browser-based-apps#name-token-mediating-backend)\n- [Browser-based OAuth 2.0 client](https://github.com/kmaida/auth-architecture/tree/main/bboc) (BBOC) [spec](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-browser-based-apps#name-browser-based-oauth-20-clie)\n- [Backend-for-Frontend with Hosted Backend](https://github.com/kmaida/auth-architecture/tree/main/bff-hb) (BFF-HB) [FusionAuth hosted backend](https://fusionauth.io/docs/apis/hosted-backend)\n- [Resource API server](https://github.com/kmaida/auth-architecture/tree/main/resource-api)\n\n\u003e [!NOTE]\n\u003e This repo's demos are built with React and Node. An **Angular** version of this architecture demo set is available at [https://github.com/kmaida/auth-architecture-ng](https://github.com/kmaida/auth-architecture-ng).\n\n## Prerequisites\n\n- [Docker](https://docker.com) (for use of `docker compose`) or a Docker Desktop alternative (like [Podman](https://podman.io/) for PC or [Orbstack](https://orbstack.dev/) for Mac)\n- [Node.js](https://nodejs.org)\n\n## Installation\n\n1. Clone this repo\n2. Remove the `.sample` suffix from `/fusionauth/.env.sample` (and make the changes mentioned in the file)\n3. From the cloned `/fusionauth` folder, run: `docker compose up -d`\n4. FusionAuth will be installed in a Docker container and will use the included `/fusionauth/kickstart/kickstart.json` to set the appropriate FusionAuth configuration for use with this repo\n5. Verify that FusionAuth is installed and configured properly by navigating to `http://localhost:9011/admin`\n6. If you get a login screen at `http://localhost:9011/admin`, the kickstart was successful\n7. Log in with the admin credentials: `admin@example.com` / `password`\n8. In the FusionAuth dashboard, go to Applications and make sure there are three apps: `Auth Architecture (BFF \u0026 TMB)`, `Auth Architecture (BBOC \u0026 BFF-HB)`, and `FusionAuth`\n\n## Architecture\n\nUse the READMEs in each architecture folder (`/bff`, `/tmb`, `/bboc`, `/bff-hb`) for instructions on setting up that architecture. All demos use one FusionAuth instance.\n\n### Concurrent architectures\n\nYou will not be able to run multiple architecture demos at the same time because they share ports. If you'd like to run multiple apps at the same time, you must change the ports.\n\nAll apps share the same FusionAuth instance, so there is no need to run multiple FusionAuth containers.\n\n## Resource API\n\nUse the README in the `/resource-api` folder for setup instructions.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkmaida%2Fauth-architecture","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkmaida%2Fauth-architecture","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkmaida%2Fauth-architecture/lists"}