StarGate¶
Plane: Identity Plane (part of DotID)
Purpose¶
Internal web application for administering the Identity Plane. Named in the spirit of AWS Gandalf — the gatekeeper. StarGate provides a unified admin interface for managing users, organizations, accounts, policies, and developer registrations.
Responsibilities¶
User management (list, search, view details)
Organization and account administration
IAM policy and group management
Action namespace and permission set configuration
Developer app registration approval workflow
Audit log viewing and filtering
System health dashboard
Technology¶
Component |
Technology |
|---|---|
Framework |
React + TypeScript |
UI Library |
IBM Carbon Design System |
Auth |
keycloak-js (PKCE) |
Keycloak Admin |
@keycloak/keycloak-admin-client |
Build |
Vite |
Pages¶
Page |
Data Source |
Description |
|---|---|---|
Dashboard |
Authorization API |
Summary counts and system health |
Users |
Keycloak Admin API |
User listing with search and pagination |
Groups |
Authorization API |
IAM groups per account |
Services |
Keycloak Admin API |
OAuth2 client listing |
Organizations |
Authorization API |
Organization hierarchy with OUs and SCPs |
Accounts |
Authorization API |
Account listing with password policy |
Namespaces |
Authorization API |
Action namespace and definition management |
Permission Sets |
Authorization API |
IAM policies per account |
Approvals |
Dev2m API |
Developer app registration queue |
Audit Log |
Authorization API |
Event log with filtering |
Dependencies¶
Service |
Relationship |
|---|---|
DotID (Keycloak) |
Authentication (PKCE), user/client management |
Authorization Service |
Organizations, accounts, policies, groups, audit |
Dev2m API |
Developer registration approval workflow |
Deployment¶
Environment |
URL |
|---|---|
Production |
|
Local Dev |
|