University-SSO (University Portal)
The Narrative
The university faced significant challenges with fragmented student services. Each department had its own portal, leading to data silos, inconsistent user experiences, and a complex authentication process that required students to maintain multiple sets of credentials.
I architected and implemented a unified monorepo system that centralizes authentication through a custom SSO layer. By leveraging shared packages and a modular architecture, we were able to consolidate the Student, Library, and Admin portals into a single, cohesive ecosystem with a unified database and design system.
Key Features
Centralized SSO
Implemented a robust authentication layer using OAuth2 and OpenID Connect, allowing seamless navigation across all portals.
Monorepo Architecture
Used Turborepo to manage multiple applications and shared packages, ensuring code reuse and consistent development patterns.
GitOps Deployment
Automated the infrastructure and application deployment using Terraform, Ansible, and ArgoCD for a reliable CI/CD pipeline.
Engineering
// SYSTEM_OVERVIEW
Multi-portal monorepo system with shared backend services, centralized authentication, and cloud-native deployment pipeline.
01_MODULE: CENTRALIZED IDENTITY MANAGEMENT
The core of the system is a centralized identity provider based on OIDC. This allows for a single point of entry and session management across multiple top-level domains and subdomains, ensuring that a student logged into the Library portal remains authenticated when moving to the Student portal.
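The check each portal would run on an ID token from the central provider before creating its own session, shown as an added example that is not the project's code. The issuer URL, the client IDs (`library-portal`, `admin-portal`) and the function names are assumptions, and an RSA key generated inline stands in for the provider's JWKS.

```javascript
// Added example, not the project's code. Issuer URL, client IDs and function names are assumptions.
const { generateKeyPairSync, sign, verify } = require("node:crypto");

const ISSUER = "https://sso.university.example"; // hypothetical identity provider
const b64u = (v) => Buffer.from(v).toString("base64url");
const fail = (reason) => ({ ok: false, reason });

// Constructed signing key; a real portal loads the public key from the provider's JWKS.
const idpKey = generateKeyPairSync("rsa", { modulusLength: 2048 });

// Stand-in for the provider: mint an RS256-signed ID token from constructed claims.
function mintIdToken(claims, header = { alg: "RS256", typ: "JWT" }, key = idpKey.privateKey) {
  const input = `${b64u(JSON.stringify(header))}.${b64u(JSON.stringify(claims))}`;
  return `${input}.${sign("sha256", Buffer.from(input), key).toString("base64url")}`;
}

// Relying-party check a portal runs before it creates its own local session.
function validateIdToken(token, { clientId, nonce, publicKey, now = Date.now() / 1000 }) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return fail("malformed");
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], "base64url").toString());
    claims = JSON.parse(Buffer.from(parts[1], "base64url").toString());
  } catch {
    return fail("malformed");
  }
  if (!header || !claims) return fail("malformed");
  // Pin the algorithm on the portal side; the token header must not choose it.
  if (header.alg !== "RS256") return fail("alg");
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
  if (!verify("sha256", signed, publicKey, Buffer.from(parts[2], "base64url"))) return fail("signature");
  if (claims.iss !== ISSUER) return fail("iss");
  // A token minted for one portal must not open a session on another.
  if (![].concat(claims.aud ?? []).includes(clientId)) return fail("aud");
  if (typeof claims.exp !== "number" || claims.exp <= now) return fail("exp");
  if (!nonce || claims.nonce !== nonce) return fail("nonce");
  return { ok: true, sub: claims.sub };
}

// Constructed sample: a token issued to the Library portal, checked by two portals.
const NOW = 1700000000;
const libraryClaims = { iss: ISSUER, sub: "student-1001", aud: "library-portal", exp: NOW + 300, nonce: "n-abc" };
const libraryToken = mintIdToken(libraryClaims);
const check = (clientId, token = libraryToken) =>
  validateIdToken(token, { clientId, nonce: "n-abc", publicKey: idpKey.publicKey, now: NOW });
console.log(check("library-portal")); // accepted
console.log(check("admin-portal"));   // rejected on audience
```

Moving between portals therefore means each portal obtains its own token from the shared provider session, rather than reusing one portal's token on another.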
02_MODULE: INFRASTRUCTURE AS CODE (IAC)
The entire environment is defined using Terraform and Ansible. This ensures that the production, staging, and development environments are identical and can be recreated from scratch within minutes. We use K3s for lightweight Kubernetes orchestration in a hybrid-cloud environment.
03_MODULE: DATABASE & STATE MANAGEMENT
A shared PostgreSQL instance is used with separate schemas for different portals to maintain data isolation while allowing for complex cross-service queries when necessary. Prisma ORM handles the type-safe migrations and client generation for all portals.