by kjuulh 933 days ago
It indeed isn't that hard to get something up and running with OIDC or OAuth.

However, what becomes problematic is handling the inherent complexity of whatever provider you use. If the OIDC flow is only intended for you or in-house at a company, then it is less problematic. But when used by all sorts of people and devices, it will break in all sorts of problematic ways.

But that isn't to say that you shouldn't use the technology; it is fantastic at what it does, i.e. handling social identities in the case of OIDC, and authorization in the case of OAuth.