Access SDK

The Engineering11 Access SDK is a microservice-based access control solution that manages API keys and access tokens with a focus on security, scalability, and automation.

Designed for microservice ecosystems, this SDK ensures fine-grained token management, event-driven access control, and automated cleanup of expired credentials.

Key Features

Token Management

Create, enable, disable, and delete access tokens securely.
Manages token lifecycle with fine-grained controls via TokenManagementService.

API Key Management

Generate API keys with custom scopes & expiration settings.
Uses ApiKeyRecordRepository for secure storage and retrieval.

Comparison with Alternatives

Product	Comparison
Auth0	Provides identity management, but Access SDK focuses on API keys & token lifecycle.
Okta	Okta offers broad authentication features, while Access SDK specializes in fine-grained token control.
Firebase Authentication	Firebase is user-centric, while Access SDK provides system-level access management.

Core Functionality

Step 1: Creating Access Tokens

Uses AccessTokenService to create tokens with customizable attributes.

Example:


await tokenManagement.createToken(ownerId, type, expiredDate, additionalInfo);

Step 2: Managing Token States

• Enable or disable tokens dynamically:


await tokenManagement.disableToken(token);

Step 3: Event-Driven Token Lifecycle

• Automatically publishes events for token actions:


sendToTopic(EVENTS.ACCESS_TOKEN_CREATED);

Step 4: Automated Token Cleanup

• Runs scheduled jobs to delete expired tokens:

cronExpression: '0 */12 * * *'; // Runs every 12 hours

API Endpoints

Token Management

Method	Endpoint	Description
PUT	/token/:token/disable	Disables a specified token.
PUT	/token/:token/enable	Enables a specified token.
DELETE	/token/:token	Deletes a specified token.

Event	Topic	Description
ACCESS_TOKEN_CREATED	accessToken	Triggered when an access token is created.
ACCESS_TOKEN_DELETED	accessToken	Triggered when an access token is deleted.

SDK File Structure

- token.controller.ts
- access-tasks.module.ts
- index.ts
- - token-management.service.ts
  - authorization-token.service.ts
- - base-token.ts
  - api-key-record.ts

Technologies Used

Node.js NestJS Firebase Functions

Usage Example


import { TokenManagementService } from "@engineering11/access-server-api";
 
const tokenService = new TokenManagementService();
 
async function generateToken(userId) {
  const newToken = await tokenService.createToken(userId, "session", new Date());
  console.log("Token Created:", newToken);
}

The Access SDK enables developers to create and manage API keys and tokens efficiently, ensuring security and automation in their applications.

Access SDK

Key Features

Token Management

Event Handling

API Key Management

Scheduled Tasks

Comparison with Alternatives

Core Functionality

Step 1: Creating Access Tokens

Step 2: Managing Token States

Step 3: Event-Driven Token Lifecycle

Step 4: Automated Token Cleanup

API Endpoints

Token Management

Event Topics

SDK File Structure

Technologies Used

Usage Example