About the Platform
Welcome to the Portal ecosystem — a unified platform for authentication, user management, and organization management. Learn about our architecture, infrastructure, and development workflow.
Platform Overview
The Portal ecosystem is a modern, scalable platform built with enterprise-grade technologies and best practices. It provides secure authentication, comprehensive user management, and flexible organization management through a suite of interconnected applications.
Core Applications
Architecture
The platform follows a modern microservices architecture with clear separation of concerns.
Frontend
Frontend Architecture
The frontend is built with modern web technologies:
- Framework: Next.js (React-based)
- Language: TypeScript
- Styling: Tailwind CSS + Custom Components
- State Management: React Context + Server Components
- Authentication: Kicklock SDK
- Internationalization: Built-in i18n support (4 languages)
Each application is independently deployable:
| Application | Port | Purpose |
|---|---|---|
| AUTH | 3003 | Authentication interface |
| USR | 3001 | User profile management |
| ORG | 3002 | Organization management |
| DOCS | 3000 | Documentation portal |
| Landing | 3004 | Marketing website |
All frontend applications share common components through a monorepo structure, ensuring consistency across the platform.
Kubernetes Infrastructure
Our platform runs on Kubernetes with a streamlined namespace structure.
Environments
We maintain only 2 environments for simplicity and efficiency:
| Environment | Purpose | Namespace Examples |
|---|---|---|
| Develop | Development and testing | portal-develop |
| Production | Live production system | portal-master |
Important: There is NO staging environment. We deploy directly from develop to production after thorough testing.
Namespace Structure
Our Kubernetes infrastructure is organized into the following namespaces:
Development Workflow
Our development process ensures code quality and deployment reliability.
Task Creation in Trello
All work starts in Trello. Tasks are created as cards with:
- Clear description and acceptance criteria
- Priority and labels
- Assigned team members
Branch Creation
For each task, a dedicated branch is created:
feature/TASK-123-add-new-feature
bugfix/TASK-456-fix-login-issue
Branch names follow strict naming conventions based on task type and ID.
Development
All development happens in the task-specific branch:
- Write code following project conventions
- Add tests (mandatory)
- Update documentation if needed
GitHub Workflow
Everything is done through GitHub:
- Push code to GitHub
- Create Pull Request
- Automated tests run on GitHub Actions
- Code review by team members
- Merge to `develop` after approval
Critical: Changes outside of GitHub are technically impossible. All deployments are triggered by Git pushes.
Automated Deployment
Once code is merged:
- Merge to `develop` → Automatically deploys to Development environment
- Merge to `master` → Automatically deploys to Production environment
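The branch-to-environment rule above, written as a fail-closed deploy gate. This is an added example, not the platform's pipeline code: the function name `resolve_target`, the task-branch pattern (generalised from the two sample branch names) and the use of full `refs/heads/...` refs are assumptions, while the namespaces are the ones from the Environments table.

```sh
#!/bin/sh
# Added example, not the platform's own pipeline code.
# Namespaces come from the Environments table; the task-branch pattern is an
# assumption generalised from the two sample branch names.
TASK_BRANCH_RE='^(feature|bugfix)/TASK-[0-9]+-[a-z0-9]+(-[a-z0-9]+)*$'

# resolve_target REF
#   prints portal-develop / portal-master for the two deploying branches,
#   prints "none" for a well-formed task branch (CI runs, nothing deploys),
#   returns 1 for every other ref so the deploy job fails closed.
resolve_target() {
  rt_ref=$1
  # Refuse control characters (newlines included) before any pattern matching.
  rt_clean=$(printf '%s' "$rt_ref" | tr -d '[:cntrl:]')
  if [ "$rt_clean" != "$rt_ref" ]; then
    echo "rejected: control character in ref" >&2
    return 1
  fi
  # Only branch refs may deploy; tags and pull-request refs never do.
  case "$rt_ref" in
    refs/heads/*) rt_branch=${rt_ref#refs/heads/} ;;
    *) echo "rejected: not a branch ref: $rt_ref" >&2; return 1 ;;
  esac
  case "$rt_branch" in
    develop) echo "portal-develop"; return 0 ;;
    master)  echo "portal-master";  return 0 ;;
  esac
  if printf '%s\n' "$rt_branch" | grep -Eq "$TASK_BRANCH_RE"; then
    echo "none"
    return 0
  fi
  echo "rejected: branch name violates convention: $rt_branch" >&2
  return 1
}

# Constructed sample refs, as a CI runner would pass them in.
for ref in refs/heads/develop refs/heads/master \
           refs/heads/feature/TASK-123-add-new-feature \
           refs/heads/bugfix/TASK-456-fix-login-issue \
           refs/heads/hotfix/quick-patch refs/tags/v1.0.0 refs/pull/7/merge; do
  target=$(resolve_target "$ref" 2>/dev/null) || target="REJECTED"
  printf '%-50s -> %s\n' "$ref" "$target"
done
```

Because the deploy step receives the namespace only from this function's output, a ref that matches no rule stops the job instead of falling through to a default environment.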
CI/CD Pipeline
Every code push triggers our automated pipeline:
┌─────────────────────────────────────────────────────────┐
│                        Git Push                         │
└──────────────────────┬──────────────────────────────────┘
                       │
          ┌────────────▼────────────┐
          │    Lint & Type Check    │
          └────────────┬────────────┘
                       │
          ┌────────────▼────────────┐
          │        Run Tests        │
          └────────────┬────────────┘
                       │
          ┌────────────▼────────────┐
          │   Build Docker Image    │
          └────────────┬────────────┘
                       │
          ┌────────────▼────────────┐
          │    Push to Registry     │
          └────────────┬────────────┘
                       │
          ┌────────────▼────────────┐
          │      Deploy to K8s      │
          └─────────────────────────┘
The entire process is fully automated. Manual intervention is only needed for approval and code review.
Service Endpoints
Frontend Applications
| Application | Development | Production |
|---|---|---|
| AUTH | https://auth.dev.ibragimov.uk | https://auth.ibragimov.uk |
| USR | https://usr.dev.ibragimov.uk | https://usr.ibragimov.uk |
| ORG | https://org.dev.ibragimov.uk | https://org.ibragimov.uk |
| DOCS | https://docs.dev.ibragimov.uk | https://docs.ibragimov.uk |
Backend APIs
| Service | Development | Production |
|---|---|---|
| api-authn | https://api-authn.dev.ibragimov.uk | https://api-authn.ibragimov.uk |
| api-authz | https://api-authz.dev.ibragimov.uk | https://api-authz.ibragimov.uk |
| api-user | https://api-user.dev.ibragimov.uk | https://api-user.ibragimov.uk |
All endpoints use HTTPS with automatic SSL certificate management.
Technology Stack
Frontend Technologies
- Next.js 14+ — React framework with App Router
- TypeScript — Type-safe development
- Tailwind CSS — Utility-first styling
- Kicklock — Authentication SDK
- Nextra — Documentation framework (DOCS app)
- React Hook Form — Form management
- Zod — Schema validation
Backend Technologies
- Spring Boot 3.x — Application framework
- Java 21 — Programming language
- PostgreSQL — Database
- Liquibase — Database migrations
- Kicklock — Authentication provider (self-hosted)
- Hibernate — ORM
- Maven — Build tool
DevOps & Infrastructure
- Kubernetes — Container orchestration
- Helm — Package manager for Kubernetes
- Docker — Containerization
- GitHub Actions — CI/CD pipelines
- Nginx — Reverse proxy & load balancing
Security & Compliance
Security is our top priority. All components are designed with security-first principles.
Security Measures
- Self-hosted Authentication: All credentials stored on our servers
- End-to-end Encryption: TLS 1.3 for all communications
- Data Sovereignty: Complete control over user data
- Role-based Access Control: Granular permission management
- Audit Logging: All actions are logged and traceable
- Regular Security Updates: Automated dependency updates