🎴
Software and Systems—Keith Kim
  • What I'm Making and What I Use
  • Code Patterns
    • Fun with flat_map (in Ruby)
    • Enumerating Union Types in Elm
    • Software Design Patterns
    • Authn / Authz
  • Data access
    • Type-safe SQL with SafeQL
    • JDBI
    • Jooq
  • OpenSource
    • Keyboard Layouts
      • Qwickly: Keyboard Layout
      • Colemak + Niro + Soul + MTGAP
    • Libraries
      • SafeQL
      • Moja
      • Monadts
    • Apps
      • Database Diagram
      • Unfurlist
  • Products / Services
    • Hackerer.news
    • Gitgrep.com
    • Quicklog.io
      • Client libraries
    • QuickX.app
      • Vultrdata (opensource)
        • Vultr instance metadata
    • Statuspages.me
    • Coming soon...
      • CheatsheetsDB.com
      • iSpecsDB.com
      • Slackflows.com
  • Frameworks
    • About Frameworks
    • A Replacement for Spring Boot
    • Back-end
      • Node.js
      • Spring Boot/Java
      • Javalin/Java(Kotlin)
    • Full-stack
      • Phoenix/Elixir
      • Rails/Ruby
      • Yii/Php
    • Front-end
      • Vue.js/TypeScript
      • React
      • Elm
    • Mobile/Client
      • Flutter
      • JavaFX
  • Databases / Datastores
    • SQL / NewSQL
      • MySQL
      • PostgreSQL
      • CockroachDB
    • Stream / Queue
      • RabbitMQ
      • Apache Kafka
    • Cache / Search
      • Redis
      • Elasticsearch / Solr / Lucene
    • Cloud
      • RDS / Cloud SQL
      • Spanner
      • Firebase
    • Datomic
  • Languages
    • About Languages
    • On the JVM
      • Kotlin
      • Java
      • Clojure
      • Scala
    • Client/Fullstack
      • TypeScript
      • Dart
      • Elixir
      • Ruby
      • PHP
    • Go / 2.0
    • F# / OCaml
    • Crystal
    • Pony
  • Third-party Services
    • About Services
    • Domains / DNS / CDN
      • Cloudflare
      • Namecheap
      • NameSilo
    • GitHub, GitLab, Bitbucket
    • Deployment & Monitoring
      • Netlify
      • Cloud VM
        • Vultr
      • Concourse CI on AWS EC2
      • DataDog
      • Loggly
  • Other Software
    • GitBook
    • Hugo
    • Servers
      • Nginx
      • Letsencrypt
      • Systemd
      • Server Operating Systems
    • Windows/WSL(2)
    • Software Licences
Powered by GitBook
On this page
  • 1. Just let me log in
  • 2. Maybe I need just one more thing
  • 3. OK, I need some custom third-party info
  • 4. In this particular case, I'm going to use a site username/password
  • 5. Authentication/Authorization provider services can do more

Was this helpful?

  1. Code Patterns

Authn / Authz

Authentication and Authorization

PreviousSoftware Design PatternsNextType-safe SQL with SafeQL

Last updated 5 years ago

Was this helpful?

1. Just let me log in

Using OAuth 2.0, specifically OpenID Connect is a good way to handle authentication for your app. Having personal identifiable data and having to protect the privacy of the users' data is a liability which is better left to third parties.

2. Maybe I need just one more thing

OAuth 2.0 has other capabilities beyond those supported by OpenID Connect.

3. OK, I need some custom third-party info

If developing software for developers and you want specific integrations it is better to use specific capabilities provided by the third party.

4. In this particular case, I'm going to use a site username/password

5. Authentication/Authorization provider services can do more

OpenID Connect | OpenIDOpenID - The Internet Identity Layer
Logo
OAuth.com - OAuth 2.0 SimplifiedOAuth 2.0 Simplified
Logo
Building OAuth Apps - GitHub DocsGitHub Docs
JWT.IO
Auth0: Secure access for everyone. But not just anyone.Auth0
Logo
Okta - Identity for the InternetOkta
Logo
Logo
Logo