Generic authentication and authorization service written in Clojure
remove unnecessary (do) in delete user app role route handler
add description to api docs ui
change services to api-v1 routes







generated using Luminus version "4.33"



You will need Leiningen 2.0 or above installed.


To start a web server for the application, run:

lein run

#Development Notes

This service is a database of users and apps, and it deals with authentication tokens. That's it. Most of the API is open and unauthenticated, which means it should run as a private backend service that is used by your application services but is not accessible from the internet. There are a few authenticated API endpoints for creating application objects and roles. These objects are a matter of your application design, and should only be manipulated by developer administrators setting up the grsroot-auth service with data about the services it provides authentication and authorization for.

This service is built around the Clojure library buddy and is mostly a formalization of the blog series Securing Clojure Microservices using buddy.

#Getting Started


  • To create apps and app roles, it is necessary to have a user of type super-admin for the grsroot-auth app.

#Making private and public keys


mkdir -p env/dev/resources/keys
cd env/dev/resources/keys
openssl genrsa -aes256 -out private-key.pem 2048
openssl rsa -pubout -in private-key.pem -out public-key.pem
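
A check worth running after the commands above, as an added example that is not part of this project: it confirms the private key is stored encrypted, is readable only by its owner, and that public-key.pem really is its public half. The function name `check_keypair` and the owner-only permission requirement are assumptions of this example.

```shell
# check_keypair DIR PASS_SOURCE
#   DIR          directory holding private-key.pem and public-key.pem
#   PASS_SOURCE  OpenSSL pass phrase source, e.g. env:KEY_PASS or file:/path
# Returns 0 when all checks pass, otherwise the number of failed checks
# (3 when a key file is missing).
check_keypair() {
    dir=$1
    pass=$2
    failed=0
    priv="$dir/private-key.pem"
    pub="$dir/public-key.pem"

    if [ ! -f "$priv" ] || [ ! -f "$pub" ]; then
        echo "FAIL: key files not found in $dir" >&2
        return 3
    fi

    # 1. The private key must be stored encrypted. Both the traditional
    #    (Proc-Type: 4,ENCRYPTED) and the PKCS#8 PEM form contain this word.
    if ! grep -q ENCRYPTED "$priv"; then
        echo "FAIL: $priv is not passphrase-protected" >&2
        failed=$((failed + 1))
    fi

    # 2. Group and other must have no access to the private key file
    #    (characters 5-10 of the ls -l mode string).
    perms=$(ls -l "$priv" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "FAIL: $priv is accessible to group/other ($perms)" >&2
        failed=$((failed + 1))
    fi

    # 3. public-key.pem must be the public half of private-key.pem.
    #    Both sides are re-encoded by openssl so formatting cannot differ.
    want=$(openssl pkey -in "$priv" -passin "$pass" -pubout 2>/dev/null) || want=""
    have=$(openssl pkey -pubin -in "$pub" -pubout 2>/dev/null) || have=""
    if [ -z "$want" ] || [ "$want" != "$have" ]; then
        echo "FAIL: $pub does not match $priv (or wrong passphrase)" >&2
        failed=$((failed + 1))
    fi

    return "$failed"
}
```

Prefer an `env:` or `file:` pass phrase source over `pass:`, since command-line arguments are visible to other users in the process list.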


Copyright © 2022 FIXME