Starter implementation of a Meshery Remote Provider for Tata Consulting.
This repository provides the documented Meshery remote-provider entrypoints:
GET /capabilitiesGET /{version}/capabilitiesGET /loginGET /logout
It also includes a small authenticated surface for the capabilities it advertises:
GET /api/identity/users/profileGET /api/usersGET /api/identity/orgsGET /api/credentialsPOST /api/credentialsGET /api/environmentsGET /api/workspacesGET /api/connectionsPOST /api/connectionsGET /api/connections/{id}PUT /api/connections/{id}DELETE /api/connections/{id}
This is a starter provider, not a full production identity platform. The login flow is intentionally lightweight so the repository starts with a working Meshery-facing contract:
- Meshery redirects the browser to
/login?source=<base64-meshery-callback-base-url>. - The provider issues a development token and provider session cookie.
- The provider redirects back to Meshery at
/api/user/tokenwithtokenandsession_cookiequery parameters.
The starter provider now exposes an authenticated in-memory Connections API for local development and remote-provider contract testing.
GET /api/connectionsreturns paginated connection data and supportspage,pageSize,pagesize,search, andqquery parameters.POST /api/connectionscreates a connection from JSON input.GET,PUT, andDELETE /api/connections/{id}fetch, update, and remove individual connections.
Connection payloads accept both Meshery-style snake_case fields like sub_type and credential_id and camelCase variants like subType and credentialId.
go run ./cmd/providerThe server listens on :8080 by default.
| Variable | Default | Purpose |
|---|---|---|
PORT |
8080 |
HTTP listen port |
PUBLIC_BASE_URL |
empty | Public URL reported in the capabilities payload |
PROVIDER_NAME |
Tata Consulting |
Provider display name |
PACKAGE_VERSION |
v0.1.0 |
Provider package version surfaced to Meshery |
JWT_SECRET |
change-me-for-real-deployments |
HMAC secret for the development token flow |
DEFAULT_USER_ID |
0f6f66c7-68f4-4b11-8d9a-d5f27f95ad8e |
Default Meshery user UUID |
DEFAULT_USER_HANDLE |
hamza-mohd |
Default external user handle |
DEFAULT_USER_EMAIL |
hamza.mohd@tata-consulting.example |
Default user email |
DEFAULT_USER_FIRST_NAME |
Mohd |
Default user first name |
DEFAULT_USER_LAST_NAME |
Hamza Shaikh |
Default user last name |
For a production remote provider, replace the development login flow with your real identity system and expand the advertised capabilities only after their backing APIs exist. In practice that usually means:
- Replacing the development token minting with OIDC or your upstream IdP.
- Returning real organizations, workspaces, environments, and user data.
- Serving extension packages if you want provider-backed Meshery UI extensions.
- Adding token refresh and introspection endpoints if your deployment requires them.
Note: the canonical base_url is just that - an example, but it can be overridden at deploy time.