Our client, Gyldendal, had an on-premise authentication and authorization system, with all logic centralized in a single system. This system was integrated with a third-party service for the authorization process. When the third-party service became unavailable, the entire authorization process would collapse. The client aimed to upgrade the system to enhance robustness and reliability. Additionally, they used third-party application monitoring services to oversee all systems.
To address these issues, we restructured the system into a set of microservices, separating user management, authentication, license management, and internal and external authorization. Due to GDPR constraints, user management data remained on-premise, while the other components were hosted on Azure Cloud. We created application services for APIs and an administration website. Multiple Azure Functions were developed to handle migrations and message consumption from other microservices, utilizing various triggers such as HTTP, Service Bus Message, and timer triggers.
License management was similarly divided between on-premise and Azure Cloud, with a comparable set of components. Additional services and APIs were created to download and save third-party authorization information in an on-premise MongoDB database, complying with GDPR requirements.
Authorization was split into multiple microservices, with some hosted on-premise and others on Azure Cloud. An authorization API (App Service) was hosted on Azure Cloud to retrieve data from a Cosmos database. A publisher-subscriber model was implemented using Azure Service Bus and Azure Functions to insert data into the Cosmos database.
All components and services, whether on-premise or on Azure Cloud, utilized Application Insights for telemetry and application information logging.
Gyldendal successfully achieved their goal of minimal downtime for the authentication and authorization process, enhancing the robustness of the system.
The revamped architecture provided comprehensive monitoring and issue detection capabilities through the use of Azure Cloud services and Application Insights.
