IAM System

Spring Boot microservices IAM system built for a university information system. Handles authentication and authorisation across multiple client applications.

Technical Approach

• JWT RS256 — asymmetric key signing. Tokens carry claims; the gateway verifies them without a database round-trip
• RBAC — role-based access control for students, staff, and administrators
• Redis — token blacklisting on logout and manual revocation. Invalidated tokens are rejected before they expire
• RabbitMQ — async event bus. Auth events fan out to an audit log service without coupling the auth path to storage writes
• PostgreSQL — user, role, permission, and audit data
• Docker Compose — full local stack in one command