For the past 12 weeks I have been working on adding a new authentication and authorization mechanism to Bindaas, a data integration middleware. Bindaas provides a common RESTful interface to various data sources like Apache Drill, MySQL and MongoDB. Bindaas exposes APIs to execute CRUD operations on these data sources. Calls to these operations must be accompanied by a token which is used to authenticate the end user. Earlier token generation and management was handled by Bindaas itself. As part of my GSoC project I have decoupled this from Bindaas by using auth0. auth0 is an Authentication as a Service platform with support for multiple identity providers (like Google, Github). The user logins through one of these identity providers and auth0 returns an access token (in the form of a JWT). After getting the access token, the user can use it to call the Bindaas endpoints. This has been
