A React and Nx based web application with codebase for Global Trusted Data Commons portal.
It's build using the shared libraries of StatGPT portals frontend.
- β¨ Main Features
- ποΈ Architecture Overview
- π Quick Start
- π» Development
- π¨ Build
- π§ͺ Test
- π§βπ» Environment Variables
- π€ Contributing
- π Security
- π License
- π Related Projects
- Chat interface & history: based on DIAL Api
- Real-time Messaging: Stream responses from LLM models using Server-Sent Events
- Effortless SDMX data exploration: powered by the SDMX API
- Advanced view: filtering across datasets
- Charting: view data in chart format
- Sharing: share conversations via link or QH-code
- Authentication Support: NextAuth.js integration for secure user authentication (optional)
This project uses:
- Next.js with App Router for the frontend framework
- Nx Monorepo for project organization and tooling
- TypeScript for type safety
- Tailwind CSS for styling
- DIAL API for LLM backend integration
- React for building UI components
- NextAuth.js for authentication (optional)
- Node.js >= 22.19.0
- npm >= 11.0.0
npm install
mpn run start- Node.js >= 22.19.0
- npm >= 11.0.0
- DIAL API access (for backend integration)
-
Clone the repository
git clone https://github.com/epam/statgpt-global-trusted-data-commons.git cd statgpt-portal-frontend -
Install Dependencies
npm install
-
Set up env variables
Create
.envfile in the root of project directory and add the required variables with appropriate values. These are the only required environment variables. Refer to Environment Variables to learn more.# DIAL API Configuration DIAL_API_URL="ADD_VALUE_HERE" DIAL_API_KEY="ADD_VALUE_HERE" DEFAULT_MODEL="ADD_VALUE_HERE" # SDMX API Configuration SDMX_API_URL="ADD_VALUE_HERE" CONSTRAINS_SDMX_API_URL="ADD_VALUE_HERE"
-
Start Development Environment
npm run start
Once the server is up and running, open
http://localhost:4200in your browser to view the Global Trusted Data Commons application.
npm run buildAfter running the command, you will see a dist folder created in your project directory with the optimized output.
To run the unit tests suite for your application, execute the following command:
npm run nx testGlobal Trusted Data Commons uses environment variables for configuration. All environment variables that can be used to configure settings and behavior of the application are included in the .env file.
Selected variables were predefined for the development purposes in the
.env.developmentfile.
| Variable | Required | Description | Available Values | Default values |
|---|---|---|---|---|
DIAL_API_URL |
Yes | AI DIAL Core API Url. Refer to AI DIAL Core. |
Any string | |
DIAL_API_KEY |
No | AI DIAL Core API Key. Define this variable if authorization using JWT is not configured. Refer to AI DIAL Core to learn how to set up AI DIAL Core and define API keys. |
Any string | |
DIAL_API_VERSION |
No | AI DIAL API Version | Any string | 2024-02-01 |
DEFAULT_MODEL |
No | A model that will be used for the new conversation. Reference or ID of the agent. |
Any string | First available model from AI DIAL Core config listing |
SDMX_API_URL |
Yes | SDMX+ api url | Any string | |
CONSTRAINS_SDMX_API_URL |
No | SDMX+ Constrains api url | Any string |
There env variables controls CSP
| Variable | Required | Description | Available Values | Default values |
|---|---|---|---|---|
ALLOWED_FRAME_ANCESTORS |
No | Where app can be inserted as iframe | Any valid url list | 'none' |
General auth variables:
| Variable | Required | Description | Available Values | Default values |
|---|---|---|---|---|
NEXTAUTH_URL |
Optional. Required for production deployments. |
NextAuth URL | Any string | |
NEXTAUTH_SECRET |
Optional | NextAuth Secret (generate by openssl rand -base64 32 for example) |
Any string |
The table below presents a list of environment variables you can use to configure a specific IDP provider.
| Variable | Required | Description | Available Values | Default values |
|---|---|---|---|---|
AUTH_AUTH0_AUDIENCE |
No | Auth0 Audience | Any string | |
AUTH_AUTH0_CLIENT_ID |
No | Auth0 Client ID | Any string | |
AUTH_AUTH0_HOST |
No | Auth0 Host | Any string | |
AUTH_AUTH0_NAME |
No | Auth0 Name | Any string | |
AUTH_AUTH0_SECRET |
No | Auth0 Secret | Any string | |
AUTH_AUTH0_SCOPE |
No | Auth0 Scope | Any string | openid email profile offline_access |
AUTH_AUTH0_ADMIN_ROLE_NAMES |
No | Defines the administrator names | Any string. Values must be separated by a comma. | |
AUTH_AUTH0_DIAL_ROLES_FIELD |
No | Defines the path of the roles field in JWT token | refer to DIAL_ROLES_FIELD for details |
|
AUTH_AZURE_B2C_ISSUER |
No | Azure AD B2C Issuer, used to create well-known as ${issuer}/.well-known/openid-configuration or pass tenantId and primaryUserFlow instead of issuer to be used as https://${tenantId}.b2clogin.com/${tenantId}.onmicrosoft.com/${primaryUserFlow}/v2.0 |
Any string | |
AUTH_AZURE_B2C_TENANT_ID |
No | Azure AD B2C Tenant ID. A globally unique identifier (GUID) representing your Azure AD B2C tenant. Used to identify and authenticate the tenant for the client application. | Any string | |
AUTH_AZURE_B2C_CLIENT_ID |
No | Azure AD B2C Client ID. The unique identifier for the client application registered in Azure AD B2C. Used to authenticate the client application when accessing B2C resources. | Any string | |
AUTH_AZURE_B2C_CLIENT_SECRET |
No | Azure AD B2C Client Secret. A confidential string that authenticates and authorizes the client application to access Azure AD B2C resources. Serves as a password for the client application. | Any string | |
AUTH_AZURE_B2C_USER_FLOW |
No | Azure AD B2C User Flow. The name of the user flow (policy) configured in Azure AD B2C for authentication (e.g., B2C_1_signupsignin). |
Any string | |
AUTH_AZURE_B2C_NAME |
No | Azure AD B2C Name. A display name for the Azure AD B2C provider configuration. | Any string | |
AUTH_AZURE_B2C_SCOPE |
No | Azure AD B2C Scope. Specifies the permissions and resources the client application requests when authenticating with Azure AD B2C. | Any string | openid profile email offline_access |
AUTH_AZURE_B2C_AUD |
No | Azure AD B2C Audience. The expected audience claim value in the issued tokens. | Any string | |
AUTH_AZURE_B2C_ADMIN_ROLE_NAMES |
No | Defines the administrator role names for Azure AD B2C. Values must be separated by a comma. | Any string. Values must be separated by a comma. | |
AUTH_AZURE_B2C_DIAL_ROLES_FIELD |
No | Defines the path of the roles field in JWT token for Azure AD B2C. Refer to DIAL_ROLES_FIELD for details. |
Any string. Value can be dot-separated. | |
AUTH_AZURE_AD_CLIENT_ID |
No | A unique identifier for the client application registered in Azure Active Directory (AD). It is used to authenticate the client application when accessing Azure AD resources. | Any string | |
AUTH_AZURE_AD_NAME |
No | A name of the Azure AD tenant. It is used to specify the specific Azure AD instance to authenticate against. | Any string | |
AUTH_AZURE_AD_SECRET |
No | Also known as the client secret or application secret, this parameter is a confidential string that authenticates and authorizes the client application to access Azure AD resources. It serves as a password for the client application. | Any string | |
AUTH_AZURE_AD_TENANT_ID |
No | Tenant ID refers to a globally unique identifier (GUID) that represents a specific Azure AD tenant. It is used to identify and authenticate the Azure AD tenant that the client application belongs to. | Any string | |
AUTH_AZURE_AD_SCOPE |
No | This parameter specifies the level of access and permissions that the client application requests when making a request to Azure AD resources. It defines the resources and actions that the application can access on behalf of a user or itself. | Any string | openid profile user.Read email offline_access |
AUTH_AZURE_AD_ADMIN_ROLE_NAMES |
No | Defines the administrator names | Any string. Values must be separated by a comma. | |
AUTH_AZURE_AD_DIAL_ROLES_FIELD |
No | Defines the path of the roles field in JWT token | refer to DIAL_ROLES_FIELD for details |
|
AUTH_GITLAB_CLIENT_ID |
No | GitLab Client ID | Any string | |
AUTH_GITLAB_HOST |
No | GitLab Host | Any string | |
AUTH_GITLAB_NAME |
No | GitLab Name | Any string | |
AUTH_GITLAB_SECRET |
No | GitLab Secret | Any string | |
AUTH_GITLAB_SCOPE |
No | GitLab Scope | Any string | read_user |
AUTH_GITLAB_ADMIN_ROLE_NAMES |
No | Defines the administrator names | Any string. Values must be separated by a comma. | |
AUTH_GITLAB_DIAL_ROLES_FIELD |
No | Defines the path of the roles field in JWT token | refer to DIAL_ROLES_FIELD for details |
|
AUTH_GOOGLE_CLIENT_ID |
No | Google Client ID | Any string | |
AUTH_GOOGLE_NAME |
No | Google Name | Any string | |
AUTH_GOOGLE_SECRET |
No | Google Secret | Any string | |
AUTH_GOOGLE_SCOPE |
No | Google Scope | Any string | openid email profile offline_access |
AUTH_KEYCLOAK_CLIENT_ID |
No | Keycloak Client ID | Any string | |
AUTH_KEYCLOAK_HOST |
No | Keycloak Host | Any string | |
AUTH_KEYCLOAK_NAME |
No | Keycloak Name | Any string | |
AUTH_KEYCLOAK_SECRET |
No | Keycloak Secret | Any string | |
AUTH_KEYCLOAK_SCOPE |
No | Keycloak Scope | Any string | openid email profile offline_access |
AUTH_KEYCLOAK_ADMIN_ROLE_NAMES |
No | Defines the administrator names | Any string. Values must be separated by a comma. | |
AUTH_KEYCLOAK_DIAL_ROLES_FIELD |
No | Defines the path of the roles field in JWT token | refer to DIAL_ROLES_FIELD for details |
|
AUTH_PING_ID_CLIENT_ID |
No | PingID Client ID | Any string | |
AUTH_PING_ID_HOST |
No | PingID Host | Any string | |
AUTH_PING_ID_NAME |
No | PingID Name | Any string | |
AUTH_PING_ID_SECRET |
No | PingID Secret | Any string | |
AUTH_PING_ID_SCOPE |
No | PingID Scope | Any string | offline_access |
AUTH_PING_ID_ADMIN_ROLE_NAMES |
No | Defines the administrator names | Any string. Values must be separated by a comma. | |
AUTH_PING_ID_DIAL_ROLES_FIELD |
No | Defines the path of the roles field in JWT token | refer to DIAL_ROLES_FIELD for details |
|
AUTH_COGNITO_CLIENT_ID |
No | Cognito Client ID | Any string | |
AUTH_COGNITO_HOST |
No | Cognito Host | Any string | |
AUTH_COGNITO_NAME |
No | Cognito Name | Any string | |
AUTH_COGNITO_SECRET |
No | Cognito Secret | Any string | |
AUTH_COGNITO_SCOPE |
No | Cognito Scope | Any string | openid email profile |
AUTH_COGNITO_ADMIN_ROLE_NAMES |
No | Defines the administrator names | Any string. Values must be separated by a comma. | |
AUTH_COGNITO_DIAL_ROLES_FIELD |
No | Defines the path of the roles field in JWT token | refer to DIAL_ROLES_FIELD for details |
|
AUTH_OKTA_CLIENT_ID |
No | Okta Client ID | Any string | |
AUTH_OKTA_CLIENT_SECRET |
No | Okta Client Secret | Any string | |
AUTH_OKTA_ISSUER |
No | Okta domain issuer | Any string | |
AUTH_OKTA_SCOPE |
No | Okta Scope | Any string | openid email profile |
AUTH_OKTA_ADMIN_ROLE_NAMES |
No | Defines the administrator names | Any string. Values must be separated by a comma. | |
AUTH_OKTA_DIAL_ROLES_FIELD |
No | Defines the path of the roles field in JWT token | refer to DIAL_ROLES_FIELD for details |
We welcome contributions! Please see our Contributing Guide for details on:
- Code style guidelines
- Testing requirements
- Pull request process
If you discover a security vulnerability, please refer to our Security Policy.
MIT - see the LICENSE file for details.
- StatGPT Frontend - Frontend codebase for StatGPT portals.
- StatGPT Backend- StatGPT backend, which implements APIs and main logic of the StatGPT application.
- AI-DIAL - Entrypoint for all AI Dial projects
Made by EPAM Systems
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}