VA.gov

🎒 the background.

During my tenure at Clarity, I am working within the platform team for the Department of Veterans Affairs to help build VA.gov. I serve as a Frontend Engineer on the Identity team, which is an amalgam of Authentication, Authorization, and Identity Access Management (IAM). We act as gatekeepers for what a user is and what they can access every time they sign in at VA.gov. Because our team is so unique we work on a variety of challenges to build different services, applications, and internal tools for other platform teams and VA.gov users alike.
It is hard to encapsulate all of the tasks and tooling I have worked on during my time with the VA but here an outline of things I worked with my team on.

⚙️ the problems.

  • Mock users
    • Have to search in Github for mock users within a huge Markdown file
    • Outdated user information including services and passwords
    • No definitive way to see if the account is being used
    • No way to view accounts without being on VA.gov’s network
  • Signing in
    • Dependent on 2nd-party teams for SAML integration
    • User sign in flow takes too long (27 redirects)
    • The sign in modal user flow causes cognitive overload
  • Integrations
    • No integration with VA’s flagship mobile application
    • Secondary partners like eBenefits and My HealtheVet have different sign in flows

✅ the results.

  • Creation of a dashboard to manage mock user credentials colloquially known as the Test User Dashboard
    • Creation of automated tasks that transform Markdown to SQL (Postgres)
    • Creates the ability to sort, filter, and search for test users credentials across environments domain
    • Setup authentication using OAuth and Github repo groups for access management without requiring them to be on the VA.gov internal network
  • Creation of an in-house Sign in Service micro-services framework
    • Integration of OAuth 2.0 with PKCE on VA.gov with access and refresh tokens
    • Implement secure session management with active refreshes
    • No impact to original SAML’s Single Sign-On capability
  • Increase speed of user flow by decreasing redirects from 27 down to 7 using OAuth
  • Decrease cognitive overload by applying user research data in the redesign of sign in applications (modal and page)
  • Creation of a flexible, configuration-based authentication for secondary partners that allows the usage of SAML or OAuth

the prototypes

VA.gov Sign in Modal (before & after) - View Figma prototype
VA.gov Sign in Modal (before & after) - View Figma prototype
 
RoleSenior Frontend Engineer
PhaseComplete
Live Sitehttps://www.va.gov
TechHTML, Sass/Scss, JavaScript, React, Redux, Postgres, Rails, Github Actions, Figma, VA Design System