Nicely done Sir :)

We are in the process of adding OpenID Connect / OAuth 2.0 support to all our services at work, for a couple of reasons that I wanted to mention, in addition to your first point about not sharing passwords (always good advice!):

  • SSO across multiple services, so our customers have one account with us from both a business and technical viewpoint
  • Federated authentication - this is the real win for customers, as they can use their own authentication system(s) to manage the access for their people and machines to our services - no more helpdesk calls to reset passwords for us (80% of calls!), no more risk of dangling system access after someone leaves for them, plus their choice of multi-factor etc.

Great! The federated authentication sounds like a great idea.

