Authn / Authz

Authentication and Authorization

1. Just let me log in

Using OAuth 2.0, specifically OpenID Connect is a good way to handle authentication for your app. Having personal identifiable data and having to protect the privacy of the users' data is a liability which is better left to third parties.

OpenID Connect | OpenIDOpenID - The Internet Identity Layer

2. Maybe I need just one more thing

OAuth 2.0 has other capabilities beyond those supported by OpenID Connect.

OAuth.com - OAuth 2.0 SimplifiedOAuth 2.0 Simplified

3. OK, I need some custom third-party info

If developing software for developers and you want specific integrations it is better to use specific capabilities provided by the third party.

Building OAuth Apps - GitHub DocsGitHub Docs

4. In this particular case, I'm going to use a site username/password

JWT.IO

5. Authentication/Authorization provider services can do more

Auth0: Secure access for everyone. But not just anyone.Auth0

Okta - Identity for the InternetOkta

PreviousSoftware Design Patterns NextType-safe SQL with SafeQL

Last updated 4 years ago