OVES Access Management
Welcome to the OVES Access Management system documentation. This project provides a comprehensive architecture for managing user identities, secrets, and access control across internal and external systems.
Architecture Overview
Our system integrates three key components:
- Azure AD - Identity provider for internal users (employees, contractors, sales associates)
- Keycloak - Identity provider for external users (customers, partners, franchisees)
- Odoo - Shared business platform with dual authentication paths
Key Features
- Dual Identity Management: Separate but integrated identity systems for internal and external users
- Centralized Secret Management: Secure credential storage and rotation policies
- Single Sign-On (SSO): Seamless authentication across all systems
- Role-Based Access Control: Granular permissions based on user types and responsibilities
- Comprehensive Auditing: Complete audit trails across all systems
Quick Start
- Install Documentation Tools:
  pip install -r requirements.txt
- Run Documentation Locally:
  mkdocs serve
- Browse Architecture:
  - Architecture Overview
  - Implementation Guides
  - Deployment Instructions
User Categories
| User Type | Identity Provider | Access Level | Primary Systems |
|---|---|---|---|
| Employees | Azure AD | Full Internal | Teams, Odoo, AWS Console |
| Contractors | Azure AD | Limited Internal | Specific Tools, Odoo |
| Sales Associates | Azure AD | Sales-focused | Odoo, CRM Systems |
| Customers | Keycloak | External Portal | Customer Portal, Subscriptions |
| Partners | Keycloak | Partner Portal | Partner Dashboard, Resources |
| Franchisees | Keycloak | Franchisee Tools | Franchise Management |
Security Principles
- Zero Trust Architecture: Verify every user and device
- Least Privilege Access: Minimum necessary permissions
- Defense in Depth: Multiple security layers
- Regular Auditing: Continuous monitoring and compliance
Documentation Structure
- Architecture - System design and component relationships
- Implementation - Step-by-step setup guides
- Deployment - Configuration and deployment instructions
Next Steps: Start with the Architecture Overview to understand the system design, then follow the Implementation Guides for hands-on setup.