A lightweight Go server application providing the FestivalsIdentityAPI, a RESTful API that handles all authentication and authorization needs for FestivalsApp components.
Development • Deployment • Engage
The FestivalsApp backend is secured using three different mechanisms to ensure both secure communication and controlled access:
- Mutual TLS (mTLS) – Every party must have a valid client certificate issued by the FestivalsApp Root CA to establish secure communication with other services. This prevents unauthorized access at the transport layer. For more details, refer to the festivals-pki repository.
- API Keys – Required for accessing read-only parts of the FestivalsAPI. These keys provide a simple way to authenticate services and users that do not require full access.
- JSON Web Tokens (JWTs) – Used for all other interactions. JWTs enable role-based access control (RBAC), ensuring users are authorized to access specific functions based on their assigned roles and also implement resource access based on user identity. The system verifies JWTs on every request to enforce access restrictions dynamically.
In addition to these mechanisms, the backend enforces strict firewall rules and network segmentation to minimize exposure to unauthorized access.
The FestivalsApp Identity Server follows a modular structure for clarity and maintainability. The database directory
for managing the database, while auth handles core authentication logic, server manages API routes and middleware
and operation documents deployment and environment. GitHub Actions are in .github, and .vscode provides recommended
settings. The entry point is main.go, with dependencies in go.mod and go.sum.
Refer to FestivalsIdentityAPI Documentation for details on available endpoints.
- Golang Version 1.24.1+
- Visual Studio Code 1.99.2+
- Plugin recommendations are managed via workspace recommendations.
- Bash script friendly environment
The Go binaries are able to run without system dependencies so there are not many requirements for the system to run the festivals-identity-server binary, just follow the deployment guide for deploying it inside a virtual machine or the local deployment guide for running it on your macOS developer machine.
I welcome every contribution, whether it is a pull request or a fixed typo. The best place to discuss questions and suggestions regarding the festivals-identity-server is the issues section. More general information and a good starting point if you want to get involved is the festival-documentation repository.
The following channels are available for discussions, feedback, and support requests:
| Type | Channel |
|---|---|
| General Discussion |  |
| Other Requests |  |
Copyright (c) 2020-2025 Simon Gaus. Licensed under the GNU Lesser General Public License v3.0