Skip to content
/ auth-service Public

Authorization and Authentication Service. Used primarily for 3PPI transfers in addition to services where authentication is required, usually during quoting phase

License

View license
4 stars 10 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mojaloop/auth-service

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

163 Commits
.circleci
.circleci
 
 
.husky
.husky
 
 
config
config
 
 
docker
docker
 
 
docs
docs
 
 
migrations
migrations
 
 
scripts
scripts
 
 
secrets
secrets
 
 
seeds
seeds
 
 
src
src
 
 
test
test
 
 
.dockerignore
.dockerignore
 
 
.editorconfig
.editorconfig
 
 
.gitignore
.gitignore
 
 
.grype.yaml
.grype.yaml
 
 
.ncurc.js
.ncurc.js
 
 
.nvmrc
.nvmrc
 
 
.prettierrc.js
.prettierrc.js
 
 
.versionrc.js
.versionrc.js
 
 
CHANGELOG.md
CHANGELOG.md
 
 
CODEOWNERS
CODEOWNERS
 
 
Dockerfile
Dockerfile
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
ambient.d.ts
ambient.d.ts
 
 
audit-ci.jsonc
audit-ci.jsonc
 
 
commitlint.config.js
commitlint.config.js
 
 
docker-compose.yml
docker-compose.yml
 
 
eslint.config.mjs
eslint.config.mjs
 
 
jest.bdd.config.js
jest.bdd.config.js
 
 
jest.config.js
jest.config.js
 
 
jest.coverage.config.js
jest.coverage.config.js
 
 
jest.integration.config.js
jest.integration.config.js
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 
sbom-v15.2.7.csv
sbom-v15.2.7.csv
 
 
tsconfig.build.json
tsconfig.build.json
 
 
tsconfig.json
tsconfig.json
 
 

Repository files navigation

Auth Service (Work in Progress)

Git Commit Git Releases Npm Version NPM Vulnerabilities CircleCI

Mojaloop central AuthZ + AuthN service. Currently for FIDO implementation in a Mojaloop switch.

Overview

Setup

Clone repo

git clone git@github.com:mojaloop/AuthService.git

Improve local DNS resolver

Add the 127.0.0.1 auth-service.local entry in your /etc/hosts so the auth-service is reachable on http://auth-service.local:4004. Elsewhere use http://localhost:4004

Install service dependencies

cd auth-service
npm ci

Run local dockerized auth-service

npm run docker:build
npm run docker:run

To check the auth-service health visit http://auth-service.local:4004/health

Run locally with database in docker-compose

docker-compose up -d mysql
npm run migrate
npm run start

Updating the OpenApi (Swagger) Spec

We use multi-file-swagger to make our swagger files more manageable.

After making changes to the .yaml files in ./src/interface/, update the swagger.json file like so:

    npm run build:openapi

Note: We will likely want to move to swagger 3.0 at some point, and once we do, we will be able to use the common api snippets library to factor out common Mojaloop snippets. Keep track of #352 - Update to OpenAPI v3

Auditing Dependencies

We use audit-ci along with npm audit to check dependencies for node vulnerabilities, and keep track of resolved dependencies with an audit-ci.jsonc file.

To start a new resolution process, run:

npm run audit:fix

You can then check to see if the CI will pass based on the current dependencies with:

npm run audit:check

The audit-ci.jsonc contains any audit-exceptions that cannot be fixed to ensure that CircleCI will build correctly.

About

Authorization and Authentication Service. Used primarily for 3PPI transfers in addition to services where authentication is required, usually during quoting phase

Topics

ml-core-service ml-l1-secured

Resources

Readme

License

View license
Activity
Custom properties

Stars

4 stars

Watchers

18 watching

Forks

10 forks
Report repository

Releases 62

v15.2.7 Release Latest
Jul 25, 2025
+ 61 releases

Packages

No packages published

Contributors 14

Languages