undefined | Better HN

0 pointsIshKebab5y ago0 comments

That's probably like 30% of the uses of OAuth (e.g. granting Azure Pipelines access to your GitHub repos). 70% is just outsourcing identity and authentication (log in with Google / Facebook / etc.) In those cases the only data they access is your email, profile image, etc.

As a website developer I would definitely appreciate something like OpenID but actually usable/popular. Having to implement a ton of "log in with"s sucks, as does implementing email based login.

0 comments

sk5t5y ago

> Having to implement a ton of "log in with"s sucks, as does implementing email based login.

This is kind of auth0's--but also most security token service things--raison d'etre: your app trusts just one authority and supports just one protocol, shunting any unauthenticated users to it, letting it handle the transaction with trusted identity providers.

stopyellingatme5y ago

100% agreed. I would love to find a language or library that makes one or both of them trivial.

j / k navigate · click thread line to collapse