Authn / Authz

Authentication and Authorization

1. Just let me log in

Using OAuth 2.0, specifically OpenID Connect is a good way to handle authentication for your app. Having personal identifiable data and having to protect the privacy of the users' data is a liability which is better left to third parties.

2. Maybe I need just one more thing

OAuth 2.0 has other capabilities beyond those supported by OpenID Connect.

3. OK, I need some custom third-party info

If developing software for developers and you want specific integrations it is better to use specific capabilities provided by the third party.

4. In this particular case, I'm going to use a site username/password

5. Authentication/Authorization provider services can do more

Last updated