DJPConnect: Identity & Access Management Platform
Part of my work at DJP
Abstract: Architected and led the development of DJPConnect, the core Identity & Access Management (IAM) and Single Sign-On (SSO) platform for the Directorate General of Taxes (DJP).
Tech: System Architecture, Microservices, Kubernetes, OpenShift, Docker, PHP, Symfony, API Platform, Java, Spring Boot, PostgreSQL, Redis, RabbitMQ, MongoDB
The Challenge
The Directorate General of Taxes (DJP) operates dozens of independent web applications, each with its own separate login and user management system. This fragmented approach created several problems:
- Poor User Experience: Employees had to remember multiple usernames and passwords.
- Security Risks: There was no centralized way to enforce security policies, manage access, or terminate sessions across all applications.
- High Operational Overhead: Onboarding or offboarding an employee required manual changes across many different systems.
The Solution
As the lead architect and engineer, I designed and built DJPConnect, a modern, centralized Identity & Access Management (IAM) platform from the ground up. The system was designed as a cloud-native, microservices-based application to serve as the single source of truth for authentication and authorization for the entire organization.
Architecture & Technology
DJPConnect was built on a robust, polyglot microservices architecture deployed on an OpenShift/Kubernetes cluster. Key technologies included:
- API: A comprehensive, standards-based API was exposed using API Platform, providing both REST and GraphQL endpoints for maximum flexibility.
- Backend Services: The microservices were developed using a combination of PHP/Symfony and Java/Spring Boot, chosen based on the best fit for each service's domain.
- Data & Messaging: The platform utilized a mix of persistence layers including PostgreSQL, Redis, and MongoDB. Asynchronous communication between services was handled by RabbitMQ.
By implementing modern standards like OAuth 2.0, DJPConnect provided a secure and seamless Single Sign-On (SSO) experience, allowing users to log in once and access all authorized applications.
This project was foundational to modernizing the IT landscape at DJP, significantly improving security, user experience, and operational efficiency.