Features
Here we will try to quickly present the features supported by ARCHWAY.
All these features are accessible via the user interface.
Route Management
ARCHWAY is based on Spring Cloud Gateway.
It also offers most of the features provided by the latter.
This is the minimum...
- Creation of routes
- Definition of route conditions (Predicates)
- Modification of requests (Filters)
- Modification of responses (Filters)
Securing Routes
It also adds a mechanism to secure routes and endpoints.
- Is authentication required?
- Is a specific role required?
You can manage route security at two levels:
- At the level of the route itself.
- At the level of the endpoints.
User Management
ARCHWAY manages several types of users:
- DB user, created in the database
- OAuth2 user (Google, GitHub)
- LDAP user
These users will be the users of the microservices behind the APP Gateway.
Supported Features
- User information
- Organizations
- MFA (Multi-Factor Authentication)
- Groups within the organization (and therefore roles)
- Password policy (complexity, failures, change)
- Blocking
- Allowed date and time ranges.
- Session time
MFA (Multi-Factor Authentication)
ARCHWAY supports built-in MFA (Multi-Factor Authentication) for users.
Organizations (multitenant)
ARCHWAY allows managing tenants (organizations).
This feature allows you to compartmentalize data by organization.
Each tenant can have its own configuration, its own users, its own groups, etc.
If the user is in multiple organizations, they will have to choose which organization they want to connect to.
Authentication and Authorization
ARCHWAY offers a ready-to-use authentication and authorization mechanism of type RBAC (role-based access control).
This will allow you to easily use roles to secure your routes, services, and endpoints.
In a few points:
- User management in the database
- Password change by date
- User repudiation
- MFA (Multi-Factor Authentication)
- Concept of groups (grouping of roles)
As previously mentioned, ARCHWAY manages tenants. Also, a user can have different roles in each organization.
Locales
You can configure locales via UI. ARCHWAY will transmit in the HTTP request the locale chosen by the user.
Frontend
ARCHWAY provides a modern interface for administering routes, users, organizations, etc.
But not only that, ARCHWAY supports certain features like:
- Adding a user button
- Consent popup
The user button allows you to:
- log in
- change language
- change organization
- enable/disable MFA
- update the password
- access the user profile
- log out
Swagger-UI
ARCHWAY provides a Swagger-UI to visualize the OpenAPI specifications.
When you set the path of the OpenAPI specification in the route, the Swagger-UI will be available.
Connections
ARCHWAY allows you to connect in several ways:
- Via the login form
- Via an
OAuth2mechanism - Via a
JWTmechanism
An administration interface allows you to view the connection history (especially the connection failures).
Vault
ARCHWAY offers a vault similar to what AshiCorp Vault offers but simpler.
The vault manages 2 types of items:
- secrets that are encrypted in the database with a symmetric key.
- and clear values.
You can add an expiration date to the encrypted items to be informed of the need to update them.
Moreover, encrypted elements are never displayed in the interface, which helps avoid certain mishaps.
The items stored in the vault can be used in different places identified by this icon: