DEV Community

Discussion on: OAuth Tips for the Uninitiated

Collapse
 
mortoray profile image
edA‑qa mort‑ora‑y

Yes, the article is about social login. I have yet to see a situation where an OAuth is not some other website however -- do people use internal company OAuth providers?

Thread Thread
 
antonfrattaroli profile image
Anton Frattaroli

Yeah, using them is a monotonous task of configuring identity providers and service providers, and the SSO protocols become abstracted away and lines get blurred.

I feel like there are a lot more on-premises offerings than there had been in just the last few years. Maybe the OpenID Connect specification helped?

One solution is to validate tokens at the load balancer, to offload validation from the applications. In mid-2017 F5 added an OAuth provider to their application launcher software and I wonder if it was to address that specifically.