|
|
|
|
|
|
by Phil-bitplex
2053 days ago
|
|
|
This looks so so appealing!! My biggest mental hurdle with these systems are - how do I easily have local development environments My team and I can use - displaying other users names and email addresses is a really common thing to need in applications I build. What's the way to go about keeping that data in sync between the identity or auth system with the application? What used to be a database join could grow into any number of network requests to the identity server - how does one re-skin the sign up process or user management to match each application so it's less jarring to the user? I'm not really looking for answers - this isn't stack overflow :) They would come with even the smallest amount of investigation into it. I'm more just sharing what I think is an interesting mental block stopping me from immediately adopting it as the default. |
|
|
Disclosure: I work for FusionAuth.
> how do I easily have local development environments My team and I can use
A lot of our users use our docker container + kickstart to set up FusionAuth in a known state: https://fusionauth.io/docs/v1/tech/installation-guide/docker...
> displaying other users names and email addresses is a really common thing to need in applications I build
You can encode some information into the JWT. You don't want to put any super sensitive information, but email and username may be ok depending on your security posture. Then, when a service consumes a JWT (which it will be doing anyway, to ensure the user is authorized) it can extract the email, name and other info.
> how does one re-skin the sign up process or user management
As a sibling comment said, any IdP (identity provider) worth its salt will have the ability to skin login pages. Here's FusionAuth's docs on this: https://fusionauth.io/docs/v1/tech/themes/ but any other IdP should have similar docs
Hope this helps!