Life of Apps

A Cursory Look at Auth0

Auth0 provides an identity infrastructure for applications, helping them authenticate users. It supports authentication via OAuth with social media providers, username/password, and other means. Auth0 offers a free trial and supports signup using social media; I signed up using my GitHub account. It offers good tutorials for setting up the central dashboard, which has a host of features. I only tried two basic features: setting up clients and APIs.

Setting up clients that would use Auth0 for authentication: I used single-page web apps, as they pointed to a Node implementation. Native iOS apps and non-interactive apps are also supported.

APIs can be protected using JWT and other means. These can be defined in the dashboard.

Users who want to use your app can sign up using the shared Auth0 endpoint. As mentioned earlier, sign-up is primarily through social media accounts and username/password. Signed-up users are displayed in the dashboard.

Auth0 supports both SAML and OAuth. It also supports OAuth using JWT. JWTs (JSON Web Tokens) offer a compact way to authenticate users, and the flow is as follows:

  • User authenticates using username/password
  • Receives a JWT token 
  • Uses the JWT token until it expires for further server interaction by passing it in the header
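
The flow above, sketched as an added example (not from the original post and not Auth0's own code). It assumes an HS256 token signed with a shared secret and uses only Node's built-in crypto module; `issueToken` and `verifyBearer` are hypothetical names.

```javascript
// Added example: issue and verify an HS256 JWT with Node's built-in crypto only.
const { createHmac, timingSafeEqual } = require('node:crypto');

const b64url = (input) => Buffer.from(input).toString('base64url');
const hmac = (data, secret) => createHmac('sha256', secret).update(data).digest();

// Step 2 of the flow: after the password check succeeds, issue a short-lived token.
function issueToken(subject, secret, ttlSeconds, now = Math.floor(Date.now() / 1000)) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const payload = b64url(JSON.stringify({ sub: subject, iat: now, exp: now + ttlSeconds }));
  const signature = hmac(`${header}.${payload}`, secret).toString('base64url');
  return `${header}.${payload}.${signature}`;
}

// Step 3: validate the "Authorization: Bearer <token>" header on every request.
function verifyBearer(authorizationHeader, secret, now = Math.floor(Date.now() / 1000)) {
  const match = /^Bearer ([\w-]+)\.([\w-]+)\.([\w-]+)$/.exec(authorizationHeader || '');
  if (!match) return { ok: false, reason: 'malformed' };
  const [, header, payload, signature] = match;

  // Verify the signature before trusting anything inside the header or payload.
  const expected = hmac(`${header}.${payload}`, secret);
  const given = Buffer.from(signature, 'base64url');
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    return { ok: false, reason: 'bad signature' };
  }
  let alg, claims;
  try {
    alg = JSON.parse(Buffer.from(header, 'base64url').toString()).alg;
    claims = JSON.parse(Buffer.from(payload, 'base64url').toString());
  } catch {
    return { ok: false, reason: 'malformed' };
  }
  // Pin the algorithm the server expects; never take it from the token alone.
  if (alg !== 'HS256') return { ok: false, reason: 'unexpected alg' };
  // A token without a numeric exp, or past it, is no longer usable.
  if (typeof claims?.exp !== 'number' || now >= claims.exp) {
    return { ok: false, reason: 'expired' };
  }
  return { ok: true, claims };
}
```

The `now` parameter exists so the expiry check can be exercised with fixed timestamps; in a request handler it is left at its default.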


JWT is more compact than SAML, which is lengthier because it is XML-based. I had initially thought of writing a post on JWT authentication but found that this post by Jonathan explains it well.

Danesh

Visit Pleb.in for apps developed by Danesh
