Single Sign-On portal for cloud management

INVID Gruppen provides IT services in Sweden within three main functions; infrastructure, cloud services and operational support. LiteBreeze developed a web portal that incorporates multiple platforms through a Single Sign-On interface. This enables customers to run, monitor and manage network hosts and their users.

This web portal acts as a Single Sign-On (SSO) interface to INVID Gruppen’s cloud infrastructure, through a user-friendly interface. The customers can register support tickets, manage orders and service subscriptions offered by INVID Gruppen. They can also access their cloud monitoring, issue tracking and user management services through a single sign in at the portal, thus avoiding the need to replicate the user details across their multiple platforms.

INVID cloud is also capable of interacting with the cloud service provider's other platforms through APIs.

Key Functionalities

  • User management

Manage users under INVID Gruppen's sub companies and their permissions in their cloud network. User management includes adding new users to the Windows domain network, managing a user’s groups and their passwords.

  • Support ticket system

Create and manage support tickets within the organization. The tickets created are submitted to Easit through API for case management.

  • Network host management

Deploy and monitor new hosts in client networks through a user-friendly UI. The interface also allows the users to see the installed applications in each host in the network and set notifications and thresholds for the hosts.

  • Order management

Manage orders for add-on services offered by INVID Gruppen. Orders can be attested by users with corresponding permissions.

  • Manage service subscriptions

This section allows the users to add, renew or cancel various service subscriptions offered by INVID Gruppen through integrating their market place in the portal.

Technical Overview 

This web portal is built on Laravel 5.1 as the backend server and uses MySQL for primary data storage. AngularJS and Kendo UI power the front end.

A node.js based socket server is used for implementing the event-listener system to connect the asynchronous ADFS login with the frontend. Redis is used as the pub-sub interface to the event listener system. This allows remotely triggered logouts to take place without page refreshes.

INVID cloud communicates with the ADFS server through Lightweight Directory Access Protocol (LDAP) over Secure Sockets Layer (SSL) / Transport Layer Security (TLS) for managing the users and user permissions.

The user login credentials and their permissions are stored in INVID cloud's ADFS server, and authentication is carried out through SAML2 protocol using a customized implementation of SimpleSamlPhp.

Once a user is authenticated, the ADFS server issues claims for the user and the Laravel app uses these claims for the access control on the frontend.

This portal interacts with various REST APIS such as Easit, WHMCS and Owncloud and internal APIs of the cloud service provider.

"It has been a great pleasure to work with LiteBreeze. Our project had significant complexities but their developers are highly skilled and helped us tackle all possible challenges. All programmers apply Swedish methods in their client interactions and are very professional. I highly recommend LiteBreeze as a cost-effective development partner!  "     Linus Linné (Västerås, Sweden)

Team of developers who worked on this project: Athira SR, Manu KM, Rahim PA