Unanswered Questions
75 questions with no upvoted or accepted answers
11 votes | 1 answer | 788 views
Facebook authentication with an Authoritative Server for a Flash Game
I'm working on a multiplatform game in Flash. This game utilizes Photon Server for authoritative physics and user statistics tracking. I'm looking to leverage Facebook authentication as an alternative ...
6 votes | 1 answer | 353 views
Is it possible to use a reverse proxy authentication in a native mobile app
We have a few backend services that our frontend SPAs fetch data from. Right now, the SPAs use JS libraries to authenticate with the Auth server (Azure AD) which returns a JWT which is validated by my ...
4 votes | 0 answers | 269 views
How to authenticate third-party callbacks that don't support authentication
I'm working on a project that integrates with a third-party service via API, and the third-party uses callbacks to update us on the status of the operations being performed. These callbacks can be hit ...
4 votes | 0 answers | 165 views
Client Browser, Node Server, Web API auth structure
I have a web API that accepts Authorization headers to allow access. It responds with the requested data in addition to setting a session cookie. Subsequent requests can be made with no auth headers ...
4 votes | 0 answers | 119 views
Architecting an account system for oauth that bridges a new and legacy system
So this question is specific to implementing auth in our system but I'm looking for high-level (just the architecture) solution or advice on which direction to head towards.
Overview (TL;DR)
Our ...
4 votes | 0 answers | 363 views
Global Accounts in Multi-Tenant Authorization System
Our system is fundamentally a multi-tenant setup, where each client maintains a separate database with its own data and users. The authentication system on login issues an authentication token which ...
4 votes | 0 answers | 842 views
Oauth 2 store access token vs verifying on each call
Let's say my Server is both Authorization Server and Resource server
My Client (for example mobile app) can authenticate in 2 matters:
via Resource Owner Password Credentials Grant
via Authorization ...
4 votes | 0 answers | 98 views
Adding new service to authenticated website
So I've created an API that I want to leverage to add some functionality to an existing web app. My current website authenticates users using SAML. What I'm looking to do is instead of moving the code ...
3 votes | 0 answers | 254 views
Architecture and Security in a Web/Native app while generating PDFs
I am trying to make a system where a user can view/download his statements (say salary slips). The user will have ability to download PDF versions of these statements and can also save them to Google ...
3 votes | 0 answers | 1k views
DDD problem with aggregate design (users, authentication)
We're having a bounded context dealing with payments.
I'm trying to model a case where a Merchant can create another merchant and inherit some of its properties in this case: users that are needed for ...
3 votes | 0 answers | 1k views
Single sign-on flow using ASP.NET MVC + Active Directory
I'm looking into creating a single-sign-on portal built in ASP.NET MVC. This single sign on portal should give users the option to sign in with their individual account (which should be verified ...
3 votes | 0 answers | 105 views
How do I authenticate users from facebook/twitter?
I need to build a site for a mobile app that allows users to sign in with facebook/twitter or sign up as a new user (traditional username/password).
No matter which method the user chooses, they ...
2 votes | 0 answers | 244 views
What is the benefit of performing authn/authz at the API gateway instead of at the service?
I want to know if we should perform authentication at the API gateway, at the individual service, or both.
Let's frame this question and discussion in the context of new development. Specifically, ...
2 votes | 0 answers | 642 views
How to retrieve login token from repository in network layer? Domain Driven Design - DDD
I am trying to come up with a design for an application I am working on.
Here is a basic picture of what I am looking to do. Everything up to the Data Layer is totally fine but the Data Layer makes ...
2 votes | 0 answers | 28 views
Design REST API for Mobile Apps with Unregister Users
I'd like to know some best practices on how to build rest API for a backend which shall communicate with a mobile app by anonymous users.
This is the scenario with details:
I'm building a demo library ...