{"id":36911961,"url":"https://github.com/wisdom-oss/service-user-management","last_synced_at":"2026-01-12T15:59:37.700Z","repository":{"id":254434740,"uuid":"845548619","full_name":"wisdom-oss/service-user-management","owner":"wisdom-oss","description":"👥 user and permission management using OpenID Connect","archived":false,"fork":false,"pushed_at":"2025-03-06T21:41:48.000Z","size":172,"stargazers_count":0,"open_issues_count":3,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-06T22:27:48.335Z","etag":null,"topics":["backend"],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/wisdom-oss.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-08-21T13:13:51.000Z","updated_at":"2025-03-06T21:40:45.000Z","dependencies_parsed_at":"2024-08-23T13:04:41.403Z","dependency_job_id":"82f57312-e5cd-4b70-ab22-1a607f655655","html_url":"https://github.com/wisdom-oss/service-user-management","commit_stats":null,"previous_names":["wisdom-oss/service-user-management"],"tags_count":0,"template":false,"template_full_name":"wisdom-oss/microservice-template","purl":"pkg:github/wisdom-oss/service-user-management","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wisdom-oss%2Fservice-user-management","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wisdom-oss%2Fservice-user-management/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wisdom-oss%2Fservice-user-management/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wisdom-oss%2Fservice-user-management/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/wisdom-oss","download_url":"https://codeload.github.com/wisdom-oss/service-user-management/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wisdom-oss%2Fservice-user-management/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28341901,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-12T15:50:39.657Z","status":"ssl_error","status_checked_at":"2026-01-12T15:49:49.297Z","response_time":98,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["backend"],"created_at":"2026-01-12T15:59:35.513Z","updated_at":"2026-01-12T15:59:37.687Z","avatar_url":"https://github.com/wisdom-oss.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n\u003cimg height=\"150px\" src=\"https://raw.githubusercontent.com/wisdom-oss/brand/main/svg/standalone_color.svg\"\u003e\n\u003ch1\u003eUser Management\u003c/h1\u003e\n\u003ch3\u003eservice-user-management\u003c/h3\u003e\n\u003cp\u003e👥 user and permission management using OpenID Connect\u003c/p\u003e\n\u003cimg src=\"https://img.shields.io/github/go-mod/go-version/wisdom-oss/service-user-management?style=for-the-badge\" alt=\"Go Lang Version\"/\u003e\n\u003ca href=\"openapi.yaml\"\u003e\n\u003cimg src=\"https://img.shields.io/badge/Schema%20Version-3.0.0-6BA539?style=for-the-badge\u0026logo=OpenAPI%20Initiative\" alt=\"Open\nAPI Schema Version\"/\u003e\u003c/a\u003e\n\u003c/div\u003e\n\n\u003e [!IMPORTANT]\n\u003e This microservice depends on an external OpenID Connect Provider\n\nThis microservice acts as a middle-man between the OpenID Connect Provider used\nfor authentication of users and the permission management inside the WISdoM\nplatform to minimize the amount of customization required in a OpenID Connect\nProvider.\nIt accepts the authentication codes generated by the OpenID Connect Provider\nand uses them to request an ID Token from the provider.\nThis ID token is then used to provide an access token which allows \nauthenticating with backend services and allows dynamically showing and hiding \nentries in the frontend.\nThe user management service uses signed JWTs to ensure that no tampering can\nhappen on the client side to gain access to services without proper \nauthorization.\n\n## Configuration\nThe microservice requires access to a PostgreSQL database for storing the\nexternal identifiers of users and for persisting permission information about\nthe users.\nTo connect the microservice to a database, please set the following environment\nvariables:\n  - `PGUSER`\n  - `PGPASSWORD`\n  - `PGHOST`\n  - `PGDATABASE`\n\nand if necessary:\n  - `PGPORT`\n\nFurthermore, you need to specify the client id and secret for the OpenID Connect\nprovider as well as the issuer as shown in your provider using the following\nenvironment variables:\n  - `OIDC_CLIENT_ID`\n  - `OIDC_CLIENT_SECRET`\n  - `OIDC_ISSUER`\n  - `OIDC_REDIRECT_URI` — The URI to which a request should be redirected to if it started in the frontend\n\nThe required certificates are automatically generated during the initial startup\nand stored in the microservice.\nIt is recommended to create a volume mount if using docker to persist the\ncertificates during container recreation to ensure updates to not break already\nrunning sessions\n\n## Usage\nTo use the User Management, just navigate to the `/login` endpoint and the \nservice automatically redirects you to the configured OIDC provider and sets\nthe redirect URI according to the configuration.\n\n\u003e [!IMPORTANT]\n\u003e If the redirecti uri isn't the service itself, you need to take additional\n\u003e steps to retrieve a token set. Using the built-in callback page _isn't\n\u003e recommended_ as the flow may appear unnatural for users.\n\u003e \n\u003e Read more here: [Using an external callback page](#using-an-external-callback-page-recommended)\n\n\n### With the built-in callback page\n\n\u003e[!NOTE]\n\u003e The built-in callback page should only be used while developing and testing\n\u003e of the service as it may break the login flow otherwise\n\n\nThe built-in callback page automatically redirects users to the token endpoint\nat which a new token set is generated and sent back.\n\n\n\n### Using an external callback page (recommended)\nIf you're using an external callback page, the OIDC provider redirects the\nusers to the one specified by you.\nThe provider will add the following query parameters to the redirection which\nyou need to request a new token set:\n  - `code`\n  - `state`\n\nPlease use those query parameters and the according values and request a new\ntoken set using the `/token` endpoint as indicated in the \n[api documentation](openapi.yaml)","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwisdom-oss%2Fservice-user-management","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwisdom-oss%2Fservice-user-management","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwisdom-oss%2Fservice-user-management/lists"}