|
|
|
|
|
|
by p2hari
1667 days ago
|
|
|
I think the part on DB adapters is right in the sense that NextAuth allows us to use whichever db persistence we need.
But if that is handled by Ory. what Db does Ory use? Should we set up our own.? Also, authentication and authorization are core for an app. If we do authentication here, how does authorization work? Can I bring my own authorization like oso etc. |
|
|
1. What do you do when a user with email "foo@example.org" has already signed up, and now is trying to sign up using Google with "foo@example.org"?
2. How do you ensure that a user can update sensitive information (e.g. their recovery email address, or linking additional "Sign in with" providers) while keeping a balance between security and user experience?
3. What if you now want to add biometric auth for native mobile apps, or 2FA?
The complexity in building your own is not starting with the first 10%. As your app and business grows, teams are faced with ever increasing requirements. Leaning on an established open source provider built by experts in the area just saves you so much time, headaches, and potential security oversights!
> What Db does Ory use? Should we set up our own.?
We support all prominent SQL systems - so PostgreSQL, MySQL, CockroachDB, SQLite, ... - and of course all cloud SQL vendors. You can also choose to run Ory in Ory Cloud, then we take care of all of this for you!
> Also, authentication and authorization are core for an app. If we do authentication here, how does authorization work? Can I bring my own authorization like oso etc.
Absolutely! We have a project for this also: https://github.com/ory/keto
Hope this clarifies your questions!