Rybakov Foundation authentication system
About the project:
Rybakov Foundation is a non-profit organization founded by Igor and Ekaterina Rybakov in 2015. Rybakov Foundation creates programs that can change public institutions and create new conditions for the lives of Russians. Fund’s programs are divided into three main areas: educational, social and entrepreneurial.
Rybakov Foundation had the task to create a unified mechanism for registering accounts and to make authentication of participants of the foundation’s projects. A system for managing users’ access to foundation’s Internet resources (UNID RF) was created and implemented.
REAK SOFT made a custom version of Blitz Identity Provider for the Rybakov Foundation in 2016. UNID RF is based on the Blitz Identity Provider authentication server. The user when registering on any website within the foundation’s ecosystem, creates an account in the UNID RF system. Then using Single Sign-On technology he can access all online projects without the need for reauthentication. To register, the user has to specify only e-mail and password or use a social network account.
In 2016, the Rybakov Foundation launched several websites in the field of online education, entrepreneurship development and support of social projects.
Implementation:
4 months.
Project objective:
Create a unified account registration and management system, and ensure end-to-end authentication of all participants in the projects of the Rybakov Foundation’s ecosystem.
Key results:
- We created a unified authentication system UNID RF for 12 websites of the Rybakov Foundation.
- Users register their accounts themselves using the UNID RF web application or through the user interfaces of the foundation’s sites.
- Users can use the UNID RF email/password or social network accounts (Facebook, Google etc.) to log into the sites. When a new user enters through a social network, he is automatically registered or linked to an existing UNID RF account.
- We created a UNID RF Profile Web application that allows users to manage their account’s data, configure two-factor authentication, and monitor security events for their account.
- We also created a web application for the user to automatically restore access to the account if he forgets his password.
- Administrators of UNID RF were provided with a web-based console, through which all settings of the authentication system are managed, including the connection of new applications via the OpenID Connect protocol, user account management, customization of the login page, audit of security events etc.