Authn / Authz

Authentication and Authorization

1. Just let me log in
Using OAuth 2.0, specifically OpenID Connect is a good way to handle authentication for your app. Having personal identifiable data and having to protect the privacy of the users' data is a liability which is better left to third parties.
OpenID Connect | OpenID
OpenID - The Internet Identity Layer
2. Maybe I need just one more thing
OAuth 2.0 has other capabilities beyond those supported by OpenID Connect.
OAuth.com - OAuth 2.0 Simplified
OAuth 2.0 Simplified
3. OK, I need some custom third-party info
If developing software for developers and you want specific integrations it is better to use specific capabilities provided by the third party.
Building OAuth Apps - GitHub Docs
GitHub Docs
4. In this particular case, I'm going to use a site username/password
JWT.IO
5. Authentication/Authorization provider services can do more
Auth0: Secure access for everyone. But not just anyone.
Auth0
Okta - Identity for the Internet
Okta

Code Patterns - Previous

Software Design Patterns

Next - Data access

Type-safe SQL with SafeQL

Last modified 3yr ago