Authentication && Authorization MicroService created for container-based deployments.


100.0.334 years ago4 years agoMinified + gzip package size for annams in KB



Authentication && Authorization MicroService created for container-based deployments.

Build Status Maintainability Test Coverage

  1. Authentication
  2. Authorisation
  3. MicroService

Documentation Index

  1. Configuring Annams
  2. Deploying Annams
  3. REST-ful API
  4. GraphQL API
  5. Contributing

Annams Elsewhere



Authentication is the process of knowing who a user is. Annams provides for the following methods of authenticating a user:

  • Email/password
  • Username/password
  • One-Time-Email
  • Via Facebook
  • Via Google

To keep Annams stateless, we utilise JSON Web Tokens (JWTs) which are signed using asymmetric keys.


Authorization is the process of restricting access to content a user may access. Annams allows you to create Resource Types, Groups, and Accounts.

  1. Resource Types are atomic and can be assigned one or more Groups.
  2. Groups can be assigned one or more Accounts.
  3. Accounts belonging to a Group that has access to a Resource Type will be able to access the Resource Type, otherwise, access can be denied.


Annams was created for deployment as part of a larger microservice architecture and accounts for both intra-network communications with other microservices, as well as communication with a client-side application. We implement the following features:

  • Basic HTTP header security
  • GZIP compressed responses
  • Metrics collection/exposing (via Prometheus)
  • Liveness Checks
  • Readiness Checks
  • Cross-Origin-Resource-Sharing (CORS)
  • MicroServices compatible logging (via Pino)
  • Containerisable (via Docker)
  • Traceability (via Zipkin)
  • Support for Consumer Driven Contract (CDC) Testing (via Wiremock)
  • Virtual Machine Deployment Support (via PM2)
  • Container Deployment Support (via Docker)
  • Container Deployment Support (via Kubernetes)
  • REST-ful API

Future Development

The following are on the roadmap for future development:

  • HTTP/2 Compatibility
  • GraphQL API
  • Administrator Frontend

Architecture Notes

Primary Technologies

  • Shell Scripting
  • JavaScript (ES2017)
  • Docker
  • Kubernetes

Significant Frameworks/Libraries/Tools

Third Party Services


Annams is licensed under the GPLv3 license.

Authentication && Authorization MicroService (ANNAMS)

Copyright (C) 2018 Joseph Matthias Goh (@zephinzer)

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see


(please contribute!)

If you find any bugs or have a feature request, please open an issue on github!

The npm package download data comes from npm's download counts api and package details come from