Interservice Authorization

Interservice authorization


Sign up for new users. User swift from the original app to the targeted one through single sign-on or additional authorization with the new authorization aspects.


Develop a number of user verification stages that users are to complete (guess google ReCaptcha, login and password input, request and enter SMS verification code).

Tech stack

React, TypeScript, NextJS, PostgreSQL, Jest, cypress.


Our client is a West-European commercial bank that provides services to juridical and natural persons. Therefore, the bank caters to large companies with high financial turnover, smaller businesses, as well as natural persons.


The client has clearly indicated the challenge. To achieve successful integration with the main front, a subsidiary front must have a feature of redirecting to the main front automatically or manually with the use of the balancing settings. The external system requires the process to be built in the following way:

  • The external system can authorize a so-called “new user” or a “familiar user”.
  • Before authorizing a “similar user”, the external system can send a set of business data required for the customization of front authorization and for calculating authorization parameters. The feature of sending business data is not obligatory.
  • The user follows the link leading to some app that requires authorization. As a result of the transfer, the app redirects the user to the authorization front with the parameters, or the user accesses the authorization front at the very beginning.
  • The user accesses the authorization front. The authorization front receives a list of authorization factors required to be used and leveraged consistently. According to the authorization results, the user enters either the targeted app or the authorization error page.
  • After successful authorization, the user follows the link to the targeted app, while their cookies are placed in the security token. Next, the front app is to perform automatic token validity (through the service) and regular updates. In case a token is impossible to update, an app has to redirect the user to the authorization front.
Verification processes


When developing the product, our team was closely following the given instructions, app logic, and technical task. The project required a diligent approach to all the subtleties of user authorization, close alteration checks at each stage, and final testing. Complying with the client’s requirements and all the points of the agreement, we managed to accomplish the following goals:

  • Develop an agile authorization process with various stages;
  • Implement different authorization scenarios depending on the user’s access to specific authorization methods and possible restrictions;
  • Fully customized final authorization window that is fully customized for the services requesting user authorization;
  • Build an interface with the use of the specified configuration files for each service and through demonstrating necessary graphical widgets and inscriptions.


We managed to achieve challenging technical goals without any bugs ahead of the deadline. Thanks to the time saved, our team carried out a number of additional product tests. As a result, our client enjoys the following benefits:

  • intelligent interservice authorization functionality;
  • incorporated intuitive logic of user transfers between the bank’s apps;
  • advanced user verification processes at the authorization stage, and, thereby, high-quality data security.
User authorization

Let’s calculate the accurate cost and resources required for your project