VAuthenticator is an OpenID Connect and OAuth2 authorization server ecosystem. The repository started from an OAuth2 authorization server built during a master thesis and now contains the backend, admin UI, runtime UI configuration service, and Helm deployment assets.
| Project | Purpose |
|---|---|
auth-server |
Kotlin/Spring Boot authorization server with OAuth2, OIDC, MFA, account lifecycle, roles, keys, templates, and management APIs. |
management-ui |
Standalone React/TypeScript admin UI for managing clients, accounts, roles, keys, and email templates. |
config-manager |
Go service that exposes runtime configuration consumed by the management UI. |
helm-charts |
Helm chart and chart repository docs for Kubernetes deployment. |
Backend capabilities include:
- OAuth2 Authorization Server and OpenID Connect support on Spring Boot 4.x and Spring Security 7+
- JWT access token and ID token customization through Lambda integration
- Client application, role, account, and key management APIs
- Signup, welcome email, email verification, password reset, and password change flows
- MFA with email, SMS, and OTP support
- Post-login workflows, including forced password reset
- RP-initiated logout and OIDC Session Management
- Custom actuator management endpoints for setup and cleanup
Storage and infrastructure options include:
- DynamoDB or PostgreSQL persistence profiles
- Redis for authorization code storage, distributed session storage, and cache
- AWS KMS-backed keys or local/plain Java key management
- S3 or filesystem-backed document/static asset loading
Add these hostnames to your local hosts file:
127.0.0.1 local.api.vauthenticator.com
127.0.0.1 local.management.vauthenticator.com
127.0.0.1 local.ui-config-manager.vauthenticator.com
Start the auth-server dependencies and tenant setup from the auth-server local docs:
Run the configuration service used by the management UI:
cd config-manager
export CONFIG_MANAGER_ENV_FILE=.env.example
make runBuild and serve the management UI locally:
cd management-ui
bash build.sh
docker compose -f local/docker-compose.yml upThe local UI is served from:
http://local.management.vauthenticator.com:8085/secure/admin/index
The nginx config in management-ui/local proxies GET /api/config to config-manager on host.docker.internal:8086 and forwards the Host header as local.ui-config-manager.vauthenticator.com.
| Project | Commands |
|---|---|
auth-server |
./mvnw test, ./mvnw package, ./mvnw spring-boot:run |
auth-server/src/main/frontend |
npm install, npm run build, npm run production-build, npm run watch |
management-ui/src |
npm install, npm run build, npm run production-build, npm run watch |
management-ui |
bash build.sh |
config-manager |
make test, make run, make build, make tidy |