How to Set Up Authorizer with Oikos OpenHub: Secure Identity Management

Authorizer is an essential, open-source authentication and authorization solution designed for modern web and mobile applications. It provides a complete identity management layer, handling everything from secure email/password login and Social Logins (OAuth) to advanced features like JSON Web Tokens (JWT) and Role-Based Access Control (RBAC).

By deploying Authorizer via Oikos OpenHub, you gain a self-hosted identity provider managed within a reliable Platform-as-a-Service (PaaS) environment. This approach ensures you maintain full ownership and control over user data while benefiting from automated deployment and infrastructure management.

1. Accessing the Oikos OpenHub Catalog#

Access the Oikos Console#

  • Visit: Navigate to the Oikos launchpad at https://launch.nife.io.
  • Log In: Use your registered Oikos credentials to access the primary application dashboard.

Locate OpenHub#

  • Navigation: Look for the main navigation panel, usually on the left sidebar.
  • Selection: Click on OpenHub to browse the curated collection of supported open-source applications ready for one-click deployment.

Search for Authorizer#

  • Search Bar: Utilize the search functionality within the OpenHub catalog. Enter the term Authorizer.
  • Identify: Locate the official Authorizer application tile, which is pre-configured for deployment on the Oikos platform.

2. Configuring Mandatory Environment Variables#

Deploying Authorizer securely requires setting several critical environment variables. Oikos simplifies this by prompting you for the mandatory inputs.

Initiate Deployment#

  • Action: Hover over the Authorizer application tile and click the Deploy button.

Define Required Variables#

You will be prompted to configure variables essential for security and application integration. The two most critical are:

  • CLIENT_ID: A unique identifier for your application (e.g., a UUID or custom string). This is used by your frontend applications to interact with the Authorizer service.
  • CLIENT_SECRET: A cryptographic key used to secure the communication between your application and Authorizer. This must be a strong, complex, and unique value.

Database Configuration: Authorizer typically requires a database (e.g., PostgreSQL, MongoDB) to store user data. If Oikos doesn't automatically provision one, you may need to define variables like DATABASE_TYPE and DATABASE_URL to connect to an external or separate Oikos-deployed database service.

  • Review: Carefully review all default and custom variables (e.g., JWT_SECRET for token signing, DEFAULT_ROLES, etc.) to match your application's requirements.
  • Submit: Click Submit to confirm the configuration and begin the container orchestration process.

Monitor Deployment#

  • Process: Oikos will now provision the necessary computing resources, pull the Authorizer container image, apply the environment variables, and configure the secure network endpoint.
  • Completion: Wait for the status to change to Running.

3. Accessing the Authorizer Instance#

Launch the Application#

  • Action: Once the deployment is complete, click the Open App button.
  • Result: This will redirect you to the unique, secure URL of your deployed Authorizer instance.

Initial Administrator Setup#

  • Dashboard Access: The first time you access the application, you will typically be guided through creating the initial Administrator Account. This account is separate from end-user accounts and is used to manage settings, view users, and configure providers (like Google or GitHub OAuth).
  • Configuration: Use the Admin Dashboard to finalize settings, enable/disable login methods, and configure your Social Login credentials.

Core Benefits of Deploying Authorizer on Oikos#

Leveraging the Oikos PaaS for Authorizer provides a secure and efficient identity management backbone:

1. Robust Security and Isolation#

By self-hosting on Oikos, you gain data residency and control over sensitive user data. The platform ensures your Authorizer instance is secured with HTTPS/TLS and runs in an isolated container environment, minimizing the attack surface.

2. Full Authentication Feature Set#

Authorizer provides a complete, modern authentication suite out-of-the-box, including password hashing (Bcrypt/Scrypt), email verification flows, social login integrations, and advanced JSON Web Token (JWT) generation for seamless API authorization.

3. Integrated Role-Based Access Control (RBAC)#

Authorizer includes native support for defining user roles and permissions. This is crucial for applications requiring tiered access, and its configuration is centralized and easy to manage via the secure Oikos-hosted dashboard.

4. Simplified DevOps for Auth Services#

Managing an authentication service manually is complex. Oikos automates the container deployment, scaling, and necessary server patching, allowing developers to integrate with the secure API endpoints instantly without becoming infrastructure experts.

Official Documentation#

For in-depth guides on integrating Authorizer with your frontend or backend applications, API specifications, and advanced configurations:

Authorizer Official Documentation: https://docs.authorizer.dev