Humanitarian ID

Humanitarian ID is built with:

  • MongoDB as its database backend
  • Node.js + hapi as the server

HID acts as an OAuth 2.0 and OpenID Connect server.

The API is documented here:


Models

  • User: the main and most important model of the API: it stores all the information related to a user
  • Client: an OAuth client application
  • JwtToken: a blacklisted JSON Web Token stored in the database
  • OauthToken: an OAuth token


Controllers

  • AdminController: handles UI for HID Admins.
  • AuthController: handles the creation of JSON Web Tokens and the OpenID Connect process
  • ClientController: CRUD for OAuth clients
  • UserController: CRUD and multiple user-related endpoints
  • ViewController: handles UI for HID Auth functions (OAuth + OpenID Connect) and general account management (profile + settings).


Routes

Routes map API endpoints to their respective controller methods. Routes are defined in the config/routes.js file.


Policies

Policies provide access control for the controller methods.

  • AuthPolicy: defines policies that determine whether a user is authenticated and whether the user is an administrator
  • UserPolicy: determines if a user can access controller methods of UserController


Services

Services are helper methods provided to the controllers.

  • EmailService: service to send emails
  • HelperService: various helper functions for controllers
  • JwtService: issues and verifies JSON Web Tokens

Configuration files

Configuration files are stored in /config.

  • log.js: configure logging
  • main.js: configure trailpacks and paths
  • routes.js: configure routes
  • session.js: configure sessions when authenticating with OpenID Connect
  • web.js: used to configure the web server (hapi)