✅ Web APIs: Authentication Providers
I am getting set up with a basic web API that is basically glorified CRUD with a React SPA frontend with some external data providers, and I'm trying to get the dev setup fully integrated. My main problem is around authentication. Previously I have used username + password auth with ASP.NET Identity, but I would like social login providers, SAML SSO, etc., so was planning on going with an alternative. That seemed to be one of:
1. Auth0, Microsoft Entra ID, AWS Cognito, etc. managed solutions
2. Duende Identity Server / Keycloak / another local solution
My concern with (1) is a combination of vendor lock-in / cloud lock-in(?), despite the strong security guarantees and the flows and UI already configured, and that there is no clear way of using these services for development. My concern with (2), however, is that this is overkill, a lot of devops work when it goes live, and introduces a security risk.
Anyone have any experience with either of these and can tell me why they chose what they chose? Thanks :)
3 Replies
Thanks - sorry I missed these. Yeah, I determined I will dev with Keycloak in Docker Compose and for deployment I will use AWS Cognito or similar. Auth0, whilst it provides more SCIM support, is prohibitively expensive for now.