Socket
Socket
Sign inDemoInstall

ct-lifecycle

Package Overview
Dependencies
12
Maintainers
1
Alerts
File Explorer

Install Socket

Detect and block malicious and high-risk dependencies

Install

    ct-lifecycle

Assert the SSOT principle for users and groups across disparate applications and services.

Maintainers
1

Readme

User Lifecycle Management

lifecycle is a piece of software intended to help implement the Single Source of Truth principle across disparate applications and services. It is intended to be used alongside a single-sign-on authentication system such as SAML or OIDC, and provide lifecycle management for the users in these applications.

Why?

Some software we use doesn't have good user lifecycle management. While we can use SSO to log into these pieces of software, we end up with ghost users, manual user and role management, and worse of all, users with non-sso authentication methods.

How?

The application is intended to be run in an automated scheduled fashion. A docker container will be provided where a config volume can be mounted to configure your applications.

Layout

A typical workflow for lifecycle will have one source, such as LDAP or a CSV file, and multiple targets, such as Google Apps or SuiteCRM. The entire user and group list will be extracted from the source, and used to set up the target in a matching way. This can include adding and removing users, changing contact details and disabling user accounts.

Ideally if a target has an access-level system thats vaguely sensible, we can manage a user's access too - a target will manage roles within its application, and make sure users are in the correct roles as specified in source

User Stories

User Creation

  1. Alice starts at company, and has an LDAP account created for them by Bob.
  2. When lifecycle is next run, it pulls Alice's account details from LDAP, and uses them to create a matching user for them in SuiteCRM.
  3. Alice is able to log into SuiteCRM immediately via SAML, and has the correct permissions and access.

User Disablement

  1. Charlie decides to move on from company, and on their final day their LDAP account is disabled.
  2. When lifecycle is next run, it notices Charlie's LDAP account is disabled, and disables their SuiteCRM access.
  3. Charlie is no longer able to authenticate to SuiteCRM, and they no longer show up as a valid user for other SuiteCRM users.

User Access Change

  1. David moves from the engineering department to the sales department, and is added to the sales group
  2. When lifecycle is next run, it will modify David's roles to give them access to sales specific functionality within SuiteCRM.
  3. David is able to log into SuiteCRM and has correct access.

FAQs

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Python Software Foundation Announces 5-Year Sponsorship Commitment from Fastly

Security News

Python Software Foundation Announces 5-Year Sponsorship Commitment from Fastly

The Python Software Foundation has secured a 5-year sponsorship from Fastly that supports PSF's activities and events, most notably the security and reliability of the Python Package Index (PyPI).

By Sarah Gooding  -  May 17, 2024
CISA Launches Vulnrichment Project as NVD Backlog Hits 10,000

Security News

CISA Launches Vulnrichment Project as NVD Backlog Hits 10,000

CISA launched a new project called Vulnrichment to enrich CVEs with details that help prioritize patching and mitigation efforts, as the NVD backlog of unenriched CVEs awaiting analysis surpasses 10,000.

By Sarah Gooding  -  May 09, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc