Management Node Overview

Purpose

This guide explains how to deploy and run a Management Node within the Integration Architecture (IA). The Management Node is a Spring Boot application that provides APIs accessed by Consumer and Producer Federators. It establishes a secure communication architecture using:

  • Mutual TLS (MTLS) between Federators and the Management Node
  • Zero-trust connectivity with Keycloak for authentication and authorisation
  • Certificate-based service-to-service identity

This guide walks through deploying a local instance suitable for development, testing, and validation.

For the source developer documentation, see the Management Node README on GitHub.

Outcome

By completing this guide, you will have:

  • Cloned and built the Management Node repository
  • Generated and configured MTLS certificates
  • Deployed and configured Keycloak for authentication
  • Configured the Management Node application
  • Started the Spring Boot application
  • Verified secure communication and identity integration

At the end of this process, your Management Node will be running locally with:

  • TLS enabled
  • Truststore and keystore configured
  • Keycloak integration active
  • Secure service-to-service communication ready for Federator integration

How the How-To is structured

Each stage introduces and verifies one capability.
Stages should be completed in numerical order.

The guide is divided into the following sections:

  1. Environment Set Up
     • Platform and tooling requirements
     • Clone the repository
     • Generate MTLS certificates

  2. Identity Set Up
     • Deploy and configure Keycloak
     • Prepare identity and authentication integration

  3. Build Components
     • Build the Management Node application using Maven

  4. Run & Validate
     • Configure application profiles
     • Start the Spring Boot application
     • Validate TLS, identity and connectivity

  5. Reference
     • Configuration details
     • Ports and profiles
     • Common troubleshooting notes

Architectural Context

Within the Integration Architecture:

  • A Management Node is a specialised N1.
  • It governs a discrete trust domain.
  • It issues and validates trust materials.
  • It registers participating IA Nodes (N1s) into a Node Net (N2).

The Management Node sits at the centre of a governed trust domain and enforces policy-driven interoperability between participant nodes.

Unlike a standard IA Node, the Management Node focuses primarily on:

  • Trust establishment
  • Governance enforcement
  • Federator registration
  • Secure cross-organisational communication

Security Model Overview

The Management Node implements a zero-trust security model.

Security is achieved through:

  • Mutual TLS (MTLS) for service-to-service communication
  • Certificate-based trust validation
  • Keycloak-based authentication and authorisation
  • Spring Security integration

All communication between the Management Node and Federators must be cryptographically verified.

No unsecured communication paths are permitted.

Before You Begin

This guide assumes:

  • You are working on Linux or WSL2
  • You are familiar with Docker and Maven
  • You understand basic TLS concepts (certificates, keystore, truststore)

If you are new to the Integration Architecture, please review the following:

Next Steps

Environment Set Up