If the time comes when the traditional signing in with email dies out, I don't know how long I'm gonna last to the Internet anymore. I never liked the idea of having my accounts associated with these giants especially with Facebook.

Yet another Hacktoberfest tshirt

From Auth0

Received by improving documentation and the product itself

(The tshirt is darker than the image)

Auth0 and Okta merge.... Is Cognito the only other major player here? This merge now makes an Auth monopoly!

Got the Auth0 authentication flow working after 2 days. Time to celebrate!!

Do you think Auth0 is a good solution for smaller projects? Is it easy to replace in the future? Know any good (and preferably cheap) alternatives?

Am currently developing an app which uses an IaaS named Auth0. Great experience so far, reasonable docs, unlimited users, social login, sso and support for about $29/m.

After an inquiry from a customer to provide MFA, I contacted Auth0 to see what​ it would take to use this feature.

"We only offer this in our Enterprise plan which starts at $18k/yr."

Well, fuck me with a pitchfork and call me Bridget the midget. I'll code it my goddamn self.

i have a question for you. You work for an industry, a factory, in house. You have only one developer to help you.

They ask you for an app to store production and get reports. Ok
Then before a year passed, they want you to start making apps for: project managment, hr 360 evaluation, implementation of SSO without paying a third party service (like auth0 or okta)

Would you feel comfortable, even if the proper time was given, to get involved with so many different domains without anyone above you having any idea about software lifecycle and development?

I hate the company (agency) I moved to...I've negotiated good pay and the project for cutting edge medical product which will change the world (cancer diagnose and it actually works).

Now the dark side I've got shit tier laptop which I don't want, overtime is payed 30% less, all the people in the agency from development team don't know shit and are mostly I would call them juniors (of course who would with enough seniority work with shit hardware and almost not payed overtime), only tap water and since this is the old part of town you instantly get sick, they treat people like shit.

The product dark side. We are actually working on crm for doctors to input patient data, we cannot have any real data because we are the agency people, product is being led by the guy who has 0 production experience (they choose the database basically with coin toss and emulated the mongodb in postgress with jsnob, they don't know how to build their own auth system hence my previous rant about b2c, they are using cognito and now moving to auth0 which probably won't fit their need because a lot of stuff needs to be custom), they are choosing every hipe tech out there without any prior experience. It's chaos...

I'm trying to guide them but i think this will be a huge expensive failure and that i need to leave asap.

There I feel better now, moral of the story, choose startups wisely.

So, need to secure some requests.
I decided on going passwordless on the website but I want to have an API too.

I am reviewing auth0.
I am also not sure if I can secure the same endpoints as private and public differently, so the private is used by the backend with no auth and the public with auth.

Wold you guys help me with some reading material?

Guys I need to deploy a very simple authentication API service.

You register with a username (actually an ID with a determined format), a password and uuid. You login with your username and password and if credentials are correct you get back the uuid as a response (JSON or whatever the fuck).

If you forget your password, you can use your uuid (which is confidential, very long string) in some POST request to set a new password. If you forget your username, you use the uuid again in a GET request to get back your username.

I've been looking at a bunch of solutions online and I don't think they suit my purpose exactly and all require emails (Like Firebase, AUth0, etc.) So, let me get this straight: NO FUCKING EMAILS INVOLVED PLEASE.

The above are the EXACT requirements I need for my work (for a good cause too). I fucking hate 0-requirement exploratory research tasks and I'm plagued with those. Those requirements are the only way it should work. So again, NO EMAILS INVOLVED PLEASE.

Also, please note that I have never developed an API in my life. I feel like StackOverflow will be assholes about this so I am asking this here.

I know it is very easy to do and there are probably dozens of ways to do this. I just do not know how, documentations are vague and overwhelming (or I'm just a little stupid lately). Another thing is that I am not sure of how can I do this in the most secure way. Bonus if this can be dockerized.

I know I sound a little rude,so I am sorry. It is just my frustration and depressing times I am going through that's preventing from thinking straight.

What are your personal goto identity management providers?
I am currently looking at Firebase and Auth0

Anybody know Google admin SSO with Auth0

I need to refresh my Access Token from Flutter app. Should I use token expiry field from Access Token or attempt a request and if get 401 and some error from auth0, refresh token and try again?

So our teacher is telling us to join some kind of competition thing that the government creates, and uhh, when I went to the website, sign up with a separate account that I will probably never use once again in my whole life, and then I notice that when you click to the TOS link in the "I agree with the TOS", it does... nothing, yes, it doesn't lead you to an actual TOS page or anything, it just teleports you up, what?????, did you just create a fking TOS link and it doesn't actually lead to anywhere else? Then why do it anyway? Also, you can literally find a TOS template with some English keyword and then plastered it on some obscure page and then use the TOS link to lead to that one instead of blatantly do nothing. Also, I noticed that they use a authentication service called Eids Authentication. Who the fk is this guy? Why don't you just use something already popular like Auth0? They have way better UI/UX than whatever that is and supports way more platform logins like Google and Faxbook which are more familiar to us.