Use OAuth2 for SSO with OpenID Connect.

If you’re building a web API that will be used by other applications, then you probably want to support single sign-on (SSO). That means the user only has to log in once and can access all of their data without having to log in again. This is called federated authentication because it allows your app to delegate authentication responsibilities to another service, in this case an identity provider like Google or Facebook.

There are two main protocols for implementing SSO: SAML and OAuth2/OpenID Connect (OAuth2/OpenID Connect is also sometimes referred to as “the hybrid flow”).
