Access should never be accidental.
bLock is a modular identity and access management (IAM) system designed to enforce strict control over who can access what, and why.
It acts as the security layer for your systems, issuing tokens, validating permissions, and keeping a full audit trail of every decision.
What it does
- Authentication (email/password, social logins, SSO)
- Authorization using roles, access groups, and custom fields
- Token issuing with short-lived access tokens and long-lived refresh tokens
- Custom claims via CustomClaims (JWT powered by Auth0 java-jwt)
- Full audit logs for logins, permission changes, and access decisions
- Lifecycle management with scheduled cleanup and synchronization
Why it exists
Most authentication systems solve login.
Few solve control.
bLock exists to answer harder questions:
- who has access
- what they can do
- why they were allowed to do it
It's built for systems where access needs to be explicit, traceable, and enforceable.
How it works
bLock acts as a central identity provider.
- clients authenticate → bLock issues tokens
- services validate tokens → access is granted or denied
- every action is logged → nothing is invisible
It is designed around a zero-trust model: no implicit permissions, no hidden access paths.
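
The issue, validate and log flow described above, sketched as an added example that is not bLock's own code. It uses Auth0 java-jwt (com.auth0:java-jwt on the classpath) and denies by default when verification fails or the required role is absent. The class and method names, the `roles` claim, the issuer, audience, demo key and 300-second lifetime are all assumptions made for illustration.

```java
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.auth0.jwt.interfaces.DecodedJWT;
import java.time.Instant;
import java.util.Date;
import java.util.List;

// Illustrative only: names, claim layout and values are assumptions, not bLock's API.
public class TokenFlowExample {
    static final String ISSUER = "https://idp.example";   // hypothetical issuer
    static final String AUDIENCE = "orders-service";      // hypothetical service
    // Constructed demo key; a real deployment loads key material from a secret store.
    static final Algorithm ALG = Algorithm.HMAC256("constructed-demo-secret-not-for-use");

    // Identity provider side: issue a short-lived access token carrying role claims.
    static String issue(String userId, List<String> roles, long ttlSeconds) {
        Instant now = Instant.now();
        return JWT.create()
                .withIssuer(ISSUER).withAudience(AUDIENCE).withSubject(userId)
                .withIssuedAt(Date.from(now))
                .withExpiresAt(Date.from(now.plusSeconds(ttlSeconds)))
                .withClaim("roles", roles)
                .sign(ALG);
    }

    // Service side: verify signature, issuer, audience and expiry, then require the
    // role explicitly. Any failure is a denial, and every decision is logged.
    static boolean authorize(String token, String requiredRole) {
        JWTVerifier verifier = JWT.require(ALG).withIssuer(ISSUER).withAudience(AUDIENCE).build();
        try {
            DecodedJWT jwt = verifier.verify(token);
            List<String> roles = jwt.getClaim("roles").asList(String.class);
            boolean allowed = roles != null && roles.contains(requiredRole);
            audit(jwt.getSubject(), requiredRole, allowed, allowed ? "role present" : "role missing");
            return allowed;
        } catch (JWTVerificationException e) {
            // Claims of an unverified token are not trusted, so no subject is recorded.
            audit("unverified", requiredRole, false, e.getClass().getSimpleName());
            return false;
        }
    }

    static void audit(String subject, String role, boolean allowed, String reason) {
        System.out.printf("%s subject=%s required=%s decision=%s reason=%s%n",
                Instant.now(), subject, role, allowed ? "ALLOW" : "DENY", reason);
    }

    public static void main(String[] args) {
        String token = issue("user-42", List.of("orders:read"), 300);
        authorize(token, "orders:read");        // role carried by the token
        authorize(token, "orders:write");       // role never granted
        authorize(token + "x", "orders:read");  // token altered after signing
    }
}
```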
Architecture
Built with:
- Java (Spring Boot)
- JWT-based authentication
- gRPC for internal service communication
- REST/JSON for external clients
The system is modular and designed for horizontal scaling, with clear separation between identity, authorization, and token management.
Status
bLock is currently in development.
Until it is fully integrated, other projects in the ecosystem use local authentication layers.
Ecosystem
bLock is the identity layer of the ecosystem:
- bGate: manages exposure and routing
- bLink: manages network connectivity
- bLock: manages identity and access
Everything passes through the gate.
Everything connects through the link.
Everything is enforced by the lock.