ProConnect, l'accès pour les pros, validé par l'État
ProConnect Identité is an "OpenId Connect" identity provider managed by the DINUM.
For professionals who don't have a designated identity provider in the ProConnect federation, the DINUM provides an account in ProConnect Identité. Thus, any person affiliated with an organization registered with INSEE, meaning they have a SIRET number, can use an identity provided by the DINUM within the ProConnect federation.
To integrate with the ProConnect federation, please refer to our online documentation.
⚠️ ProConnect Identité can no longer be used outside of the ProConnect federation.
The codebase employs a monorepo structure using npm workspaces under the @gouvfr-lasuite namespace.
Each package serves distinct architectural responsibilities within the broader identity management ecosystem.
proconnect-identite/
├── 📨 assets/ # CSS & JS files served by the app
├── 🤖 cypress/ # End2end testing
├── ⬆ migrations/ # Migration managed by node-pg-migrate
├── 📁 packages/ # Modular workspace packages
│ ├── 🔧 core/ # Shared utilities & business logic
│ ├── 🎭 identite/ # Main OIDC PCI logic
│ ├── 🏢 entreprise/ # INSEE/SIRENE integration
│ ├── ✉️ email/ # Email templates
│ ├── 💬 crisp/ # Crisp API wrapper
│ ├── ⏱️ debounce/ # DeBounce API wrapper
│ ├── 📊 insee/ # INSEE API wrapper
│ ├── 🧪 testing/ # Test utilities & mocks
│ └── ⚙️ devtools/ # Development toolchain
├── 🗞 public/ # Images served by the app
├── 🚀 src/ # Main Express.js application
│ ├── 📁 config/ # Configuration management
│ ├── 🔌 connectors/ # External service connectors: all external ressources are listed here
│ ├── 🎮 controllers/ # Route handlers: 1 controller = params check + call to manager(s) + HTTP response generation
│ ├── 👔 managers/ # High-level business managers: they contains call to database and services
│ ├── 🛡️ middlewares/ # Express middleware stack
│ ├── 📊 repositories/ # Data access layer
│ ├── 🛣️ routers/ # API route definitions
│ ├── ⚙️ services/ # Core business services: stateless logic
│ ├── 📝 types/ # TypeScript type definitions
│ ├── 🎨 views/ # Template rendering & UI
│ ├── index.ts # Application entry point
│ └── instrument.ts # Monitoring & instrumentation
├── 🧪 test/ # Node unit tests
└── 📋 scripts/ # Database & deployment scripts
This guide provides steps to run the ProConnect Identité Node.js application locally while managing its dependencies in Docker containers.
- Node.js (v22) installed locally (we suggest the usage of nvm)
- Docker (>= v25) and Docker Compose (>= v2.24) installed (doc)
- Clone the ProConnect Identité repository
On MacOS, you may need to enable host networking. Please follow these instructions: https://docs.docker.com/engine/network/drivers/host/#docker-desktop
-
Start Dependencies: Navigate to the root directory of the cloned repository and run:
docker compose up
This will start all required services (e.g., databases) defined in the
docker-compose.yml.
-
Install Node.js Dependencies:
Inside the project’s root directory, run:
npm install
-
Database Initialization: The database will be automatically initialized with data from
scripts/fixtures.sql.npm run fixtures:load
After setting up the application, start the Node.js server with:
npm run devThe application is now available at http://localhost:3000.
To log in, use the email address [email protected] and the password "[email protected]".
Emails are not sent but printed in the console.
By default, the application will run with testing mocks for external apis.
ProConnect Identité is provided with a test client: https://github.com/numerique-gouv/proconnect-test-client
This container is launched within the ProConnect Identité docker-compose.yml.
It's available at http://localhost:3001
In our OIDC provider project, navigating through certain paths can be particularly challenging due to the diverse range of scenarios that may arise.
Recognizing this complexity, we provide comprehensive datasets and associated configurations tailored for executing specific test cases.
You can manually execute a Cypress end-to-end test to thoroughly explore these paths by following this doc.
Docker Compose initializes both a PostgreSQL and a Redis database.
To connect to these databases, use the following commands:
docker compose exec db psql postgres://proconnect-identite:proconnect-identite@db:5432/proconnect-identite
docker compose exec redis redis-cli -h redis -p 6379The default environment variables are defined in the .env file, which applies to all environments. Based on the NODE_ENV variable, the corresponding file is selected: .env.development for the development environment, .env.production for production, or .env.test for testing.
To customize or override these defaults, we recommend using the .env*.local files. The file .env.<NODE_ENV>.local will have higher priority over both .env.local and .env.<NODE_ENV>.
If you prefer not to run end-to-end tests locally and want to avoid downloading the large Cypress binary, you can prevent it during the installation process. To do this, run the following command:
CYPRESS_INSTALL_BINARY=0 npm installThis command ensures that the Cypress binary is not downloaded, saving time and disk space during the installation process.
We use changeset to manage our package changelog. You can read more about it here.
To create a new changeset, run the following command:
npx changesetYou will be prompted to select the type of change you want to make.
As this changelog is intended for French end users, we recommend you write your change in French 🇫🇷.
Commit your changes and push them in your branch.
We will merge a "Version Packages" PR when we are ready to release 😉
Remember to request production API credentials from a colleague.
Use the testing cli to add additional data needed for dev or tests.
$ npx tsx scripts/testing.ts --helpNote that the ./packages/testing/src/api/data/people.ts file contains a list of people that are used to anonymize data.