Asar — Identity Platform
Go-based identity and access management platform for enterprise authentication flows. Provides OAuth2/OIDC/SAML protocol surfaces, MFA orchestration, device trust and fingerprinting, session and token lifecycle, and hardened credential handling — designed as a modular IdP foundation for workforce and client identity.
View Code
Technology Stack
Go
TypeScript
React
OAuth2
OpenID Connect
SAML
JWT
JWKS
WebAuthn
MFA
RBAC
Microservices
REST/OpenAPI
Argon2id
Device Trust
Anomaly Scoring
Key Results
OAuth2, OpenID Connect, SAML, JWKS
Protocols
MFA orchestration, device trust, anomaly scoring
Assurance
Argon2id credentials, RBAC, hardened login flows
Security
Modular IdP microservices with OpenAPI contracts
Architecture
Pre-commercial (private)
Release Stage
Challenges & Solutions
- Designing a multi-protocol IdP foundation (OAuth2/OIDC/SAML) with consistent token and session semantics
- Integrating device fingerprinting and trust signals into authentication and step-up decisions
- Shipping a TypeScript browser SDK and React admin surfaces alongside Go IdP services
- Building secure credential storage with modern password hashing and account lockout policies
- Orchestrating MFA routes across push, inline, and fallback factors without weakening assurance
- Publishing discovery documents, JWKS rotation, and internal token issuance for service-to-service trust
- Structuring microservices for fingerprint collection, matching, and risk scoring with clear API boundaries
Project Stats
N/A
Team
Ongoing
Duration