I'm not totally sure what it would take to build this SSO but the Node ecosystem strikes me as more tuned for this sort of thing. Could your solution be backed by a third party like Auth0? Certainly seems worth checking out.
I also get the feeling that AWS Lambda's authorization might fit.
I haven't used any of these myself but they come to mind based on previous research. Anyway, I'm kind of just feeling around based on my gut about some of the problems you might be facing. If it seems like I'm way off base, I probably am.
Being honest with you, this is the first time I'm developing such a feature, so I'm very new to these concepts as well, I'm doing my research right now.
I'll check out Auth0 and see if it could be a good fit. I've also heard good things about AWS Lambda.
Cool, I usually spend time telling people why not to use Lambda because many want to use it purely for novelty, but depending on your needs it could be a decent route to check out for this project.
I'm a fan of Open Source and have a growing interest in serverless and edge computing. I'm not a big fan of spiders, but they're doing good work eating bugs. I also stream on Twitch.
Roberto, a word of advice. Don't build one. I went through this at a job already. I received a code base from a contractor that was supposedly ready to go to prod (spoiler, it wasn't) for a custom SSO solution (SAML, WSFed...). Eventually, it went to prod, but there was always little tweaks and maintenance. In the end, we convinced our client to buy a commercial solution, which included support and they were great when I had to work on some custom stuff to integrate into it.
Unless your specialty is Identity Access Management, go with an off the shelf solution. If you need OAuth, go with Auth0. I mean, they actually wrote the book on JWT 😉
I'm a fan of Open Source and have a growing interest in serverless and edge computing. I'm not a big fan of spiders, but they're doing good work eating bugs. I also stream on Twitch.
Having said that, it's still good to understand these technologies. As well, to my initial point, the off the shelf solution will have already solved all the edge cases that you'd probably run into. And new ones that crop up will be treated by their support team while you focus on what's important, building your product.
Thanks a lot for the advice, Nick! I'm actually really scared of not knowing enough about this because I don't want to debug things in a live environment with angry people up my neck 😅. And I'm definitely not an IAM specialist XD.
As you said, I'll still try to learn about the underlying technology, but I'll try to pitch the idea of getting an off-the-shelf service instead of building one, and see how that goes.
If I get told to build one still, then well, I'll have to put on my Indiana Jones hat I guess 🤪
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I'm not totally sure what it would take to build this SSO but the Node ecosystem strikes me as more tuned for this sort of thing. Could your solution be backed by a third party like Auth0? Certainly seems worth checking out.
I also get the feeling that AWS Lambda's authorization might fit.
I haven't used any of these myself but they come to mind based on previous research. Anyway, I'm kind of just feeling around based on my gut about some of the problems you might be facing. If it seems like I'm way off base, I probably am.
Good luck either way.
Being honest with you, this is the first time I'm developing such a feature, so I'm very new to these concepts as well, I'm doing my research right now.
I'll check out Auth0 and see if it could be a good fit. I've also heard good things about AWS Lambda.
Thanks!
Cool, I usually spend time telling people why not to use Lambda because many want to use it purely for novelty, but depending on your needs it could be a decent route to check out for this project.
Roberto, a word of advice. Don't build one. I went through this at a job already. I received a code base from a contractor that was supposedly ready to go to prod (spoiler, it wasn't) for a custom SSO solution (SAML, WSFed...). Eventually, it went to prod, but there was always little tweaks and maintenance. In the end, we convinced our client to buy a commercial solution, which included support and they were great when I had to work on some custom stuff to integrate into it.
Unless your specialty is Identity Access Management, go with an off the shelf solution. If you need OAuth, go with Auth0. I mean, they actually wrote the book on JWT 😉
Having said that, it's still good to understand these technologies. As well, to my initial point, the off the shelf solution will have already solved all the edge cases that you'd probably run into. And new ones that crop up will be treated by their support team while you focus on what's important, building your product.
Thanks a lot for the advice, Nick! I'm actually really scared of not knowing enough about this because I don't want to debug things in a live environment with angry people up my neck 😅. And I'm definitely not an IAM specialist XD.
As you said, I'll still try to learn about the underlying technology, but I'll try to pitch the idea of getting an off-the-shelf service instead of building one, and see how that goes.
If I get told to build one still, then well, I'll have to put on my Indiana Jones hat I guess 🤪