Authn / Authz

Authentication and Authorization
1. Just let me log in
Using OAuth 2.0, specifically OpenID Connect is a good way to handle authentication for your app. Having personal identifiable data and having to protect the privacy of the users' data is a liability which is better left to third parties.
OpenID Connect | OpenID
OpenID Connect page
openid.net
2. Maybe I need just one more thing
OAuth 2.0 has other capabilities beyond those supported by OpenID Connect.
OAuth.com - OAuth 2.0 Simplified
OAuth 2.0 is the modern standard for securing access to APIs. OAuth 2.0 Simplified is a guide to building an OAuth 2.0 server. Through high-level
oauth.com
3. OK, I need some custom third-party info
If developing software for developers and you want specific integrations it is better to use specific capabilities provided by the third party.
Building OAuth Apps - GitHub Docs
You can build OAuth Apps for personal or public use. Learn how to register and set up permissions and authorization options for OAuth Apps.
developer.github.com
4. In this particular case, I'm going to use a site username/password
JWT.IO
JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.
jwt.io
5. Authentication/Authorization provider services can do more
Auth0: Secure access for everyone. But not just anyone.
Rapidly integrate authentication and authorization for web, mobile, and legacy applications so you can focus on your core business.
auth0.com
Okta | The Identity Standard
The Okta Identity Cloud provides secure identity management with Single Sign-On, Multi-factor Authentication, Lifecycle Management (Provisioning), and more.
okta.com
Code Patterns - Previous
Software Design Patterns
Next - Data access
Type-safe SQL with SafeQL
Last updated 9 months ago