by du_bing 2421 days ago
A user gateway. I need a product that can help me process user registration, login, session and other user identity logic. Then I can add my own user experiences using programming languages. The present user processing tools are too complicated and make no sense.
8 comments

Like this? (Open source) https://www.keycloak.org/
Seems great, but how do I use it in other programming languages? How do I add my backend logic?
Keycloak is an identity/authentication provider. Your app would leverage it using OpenID Connect (OAuth 2). Keycloak would handle the heavy lifting related to identity management, registration, password changes, authentication, etc. Your app would handle everything else.
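
As an added illustration of the split described in the comment above (not part of the thread and not Keycloak's own code): the checks an app still performs itself when it delegates login over OpenID Connect. The host, realm, client ID and redirect URI are constructed placeholders, and the ID token's signature is assumed to have been verified already with a JOSE library.

```python
import base64, hashlib, hmac, secrets, time
from urllib.parse import urlencode, urlparse, parse_qs

# Constructed placeholders; real values come from the provider's discovery document.
ISSUER = "https://idp.example/realms/demo"
AUTH_ENDPOINT = ISSUER + "/protocol/openid-connect/auth"
CLIENT_ID = "my-app"
REDIRECT_URI = "https://app.example/callback"

def _same(a, b):  # constant-time string comparison
    return hmac.compare_digest(a.encode(), b.encode())

def begin_login():
    """Return (redirect URL, secrets to store in the user's server-side session)."""
    verifier = secrets.token_urlsafe(48)  # PKCE code_verifier
    digest = hashlib.sha256(verifier.encode()).digest()
    challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode()
    pending = {"state": secrets.token_urlsafe(16),
               "nonce": secrets.token_urlsafe(16), "code_verifier": verifier}
    params = {"response_type": "code", "client_id": CLIENT_ID,
              "redirect_uri": REDIRECT_URI, "scope": "openid",
              "state": pending["state"], "nonce": pending["nonce"],
              "code_challenge": challenge, "code_challenge_method": "S256"}
    return AUTH_ENDPOINT + "?" + urlencode(params), pending

def handle_callback(callback_url, pending):
    """Check the redirect back from the provider; return the authorization code."""
    q = parse_qs(urlparse(callback_url).query)
    if "error" in q:
        raise ValueError("provider returned error: " + q["error"][0])
    if not _same(q.get("state", [""])[0], pending["state"]):
        raise ValueError("state mismatch (possible login CSRF)")
    if "code" not in q:
        raise ValueError("no authorization code in callback")
    return q["code"][0]

def check_id_token_claims(claims, pending, now=None):
    """Validate claims of an ID token whose signature is ALREADY verified."""
    now = time.time() if now is None else now
    aud = claims.get("aud") or []
    if claims.get("iss") != ISSUER:
        raise ValueError("wrong issuer")
    if CLIENT_ID not in ([aud] if isinstance(aud, str) else aud):
        raise ValueError("token was not issued for this client")
    if claims.get("exp", 0) <= now:
        raise ValueError("token expired")
    if not _same(str(claims.get("nonce", "")), pending["nonce"]):
        raise ValueError("nonce mismatch (possible token replay)")
    return claims["sub"]
```

The authorization code returned by `handle_callback` is then exchanged at the provider's token endpoint together with `code_verifier`; registration, passwords and the login page itself never touch the app.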
thanks, I will check.
Auth0 might be a good fit for you. Not affiliated, just a fan.
thanks, checked it before, still complicated somehow
I use Auth0, it's been amazing though sometimes the docs are a little difficult.
Check out AWS Cognito
yeah, I checked it. Thanks!
Why not use WebAuthn? https://webauthn.io/
On GCP, maybe Firebase Auth: https://firebase.google.com/docs/auth
Definitely this.

Edit: let me expand on why. You get to take advantage of the power of all of Google's security team, with a nice clean simple API, great client libraries and excellent documentation.

There are also some cool features like the ability to tie custom data to a user (claims) and integrate with the realtime datastore for immediate notifications about changes to the user.

There are some great examples on how to implement this in the docs. I implemented this in my own app so that when I enable a 'role' for a user, the app literally updates (in both a Flutter mobile and React webapp) without even a refresh of the window. Pretty epic UX and super painless to implement.

Oh and it is effectively free.

Non-starter. You're giving all your user information to Google. If you're OK with that, go for it. A lot of people are not.
I hear you. It really depends on your requirements. That said, any site that is currently enabling 'google login' or 'xyz login' other than just a standard email login is already doing this. Never mind the fact that significant numbers of users are already on Gmail or Google Apps.

The trade-off being that you can run the risk of a security hole in your authentication flow.

I still miss Mozilla Persona.

I also looked up the terms... this is the only thing I noticed that was relevant... 'except as necessary' is pretty vague, but I'd take that to mean that they should probably inform you first.

https://cloud.google.com/terms/

5.2 Use of Customer Data. Google will not access or use Customer Data, except as necessary to provide the Services and TSS to Customer.