Public | Automated Build

Last pushed: a year ago
Short Description
Full Description


Anonymonkey is an attempt at creating an anonymous survey mechanism.
Surveyors hosts their questions on a web service which allows users belonging
to a panel to answer anonymously.

This system relies on an external survey authority where members of the panel
can exchange a mail-transmitted JWT token with another token containing no
identity information. JWT are used to make a public-key based assertion
of the grant of the survey authority to answer the survey.

Survey edition uses the react-surveys
library UI and survey format.


Survey service API documentation is available at

Survey authority API documentation can be found at


  • Survey creation, with a reactive edition UI
  • Survey sharing via email
  • Anonymity based on the JWT payload disclosure
  • Survey answers reporting
  • REST APIs for survey edition, answering and reporting
  • Dynamic discovery of survey authorities
  • OpenID Connect authentication


Anonymonkey uses MongoDB as a datastore for survey, answers and token blacklist.
Redis is used for temporary data storage and discovery data caching.

Since Anonymonkey authenticates users through OpenID Connect and JWTs, an OpenID
Connect compliant authentication server is needed for it to run properly.

Anonymonkey is tested to authenticate through Yoshimi,
but it should work with others third-party OpenID Connect providers (Google
accounts, Keycloak...).

A survey authority web service needs to be hosted in order for Anonymonkey
to work. Setup instructions can be found on

Email sending is handled by Mailgun. Mailgun allows to send emails reliably without the use of a SMTP server.

Configuration and setup

Quick start

Anonymonkey is hosted on,
alongside with the authority service on

A docker-compose.yml file is present in the repository, allowing the
whole service to be started on a local machine using

docker-compose up

Anonymonkey service is exposed to the Docker host on port 8000, and
authority service on port 8080.

If you're running Docker Toolbox
on OSX or Windows instead of running Docker on Linux directly, you should
change BASE_URL in docker/ to

Configuration files for the two services are to be found in the docker/

Configuration reference

Anonymonkey service configuration is stored in the file.

Before going into production, you must change the sample settings by
providing values for the variables below.

Parameter name Description
DEBUG Should the application be in debug mode. Set this to False in production
SECRET_KEY Random characters string used to cryptographically sign important information such as cookies and JWTs
MONGODB_DB MongoDB database name
MONGODB_HOST MongoDB server hostname
MONGODB_PORT MongoDB server port
REDIS_HOST Redis server hostname
REDIS_PORT Redis server port
OPENID_CLIENT OpenID Connect OAuth client ID
OPENID_SECRET OpenID Connect OAuth secret
OPENID_REDIRECT OpenID Connect redirect_uri. Must point to /login_return
OPENID_TOKEN_ENDPOINT OpenID Connect token endpoint
OPENID_USERINFO_ENDPOINT OpenID Connect UserInfo endpoint
OPENID_ISSUER_KEY OpenID server public key used to sign JWT assertions
OPENID_ISSUER_CLAIM JWT issuer claim of OpenID Connect server
BASE_URL JWT issuer used in survey registration tokens
PRIVATE_KEY Private RSA key used to sign JWTs
PUBLIC_KEY Public RSA key used to sign JWTs

Manual setup

Python and Gunicorn are used to host the backend service. Node.js and Gulp are
required to compile static assets.

These commands assume you have active MongoDB and Redis server listening on
local host.

git clone
cd anonymonkey
virtualenv env
source env/bin/activate
pip install -r requirements.txt
pip install gunicorn
npm install -g gulp
npm install
gunicorn anonymonkey:app


© 2016 Hugo Caille & Aymeric Masse.

Anonymonkey is released upon the terms of the Apache 2.0 License.

Docker Pull Command
Source Repository

Comments (0)