|
|
|
|
|
|
by bradleydwyer
1839 days ago
|
|
|
I've never wanted to completely hand over authentication to a third-party. Instead what I'd think I'd like is just the risk assessment to be be performed by a third-party when I'm handling authentication (i.e. a third-party that has a broader view of what's happening across multiple services over time). I just send the pieces of information that I'm willing to share as an API call and they make the best risk assessment they can. Then I can take that risk assessment result and make a final decision if authentication succeeds or not. |
|
|
https://sift.com/ Is one you call out to that gives you a risk score.
https://datadome.co/ can sit within your cdn layer that does risk assessment.