The definitive
standard of Identity.
A universal authentication & authorization platform
for web and mobile applications.
Users
Able to login across multiple websites (using OAuthgen as an identity provider) and these credentials are never shared with the tenants/organizations.
Organizations
Manage the company’s individual user accounts such as user management. These users are isolated within the brand/tenants user space. The brand admin will be able to reset user passwords of the users but would not be able to do the same for any customer.
Features
Single Sign On
Allowing users to simply log in once and use all applications they have been granted access to.
Universal Login
Authenticate users across all of your applications with your own secure, and standards-based unified login.
User Management
Helping administrators manage user identities including creating, blocking and deleting users.
Ease-of-use
As your company is growing; there maybe newer brands or sub organizations and it could become cumbersome in managing the simplicity of authentication and security as you grow. By using OauthGen. you are taking the burden away from yourself for managing the security of the users and customers while also providing the customers with the ease of user management.
Sefl-hosted White Label
Yes, you could have your own parent tenant implementation by running a self-hosted version of OAuthGen. You can seamlessly control all your customers while allowing multi-tenancy for your brands to manage their organizations user access permissions.
Security.
Unlike other OAuth 2.0 providers, OAuthGen doesn’t allow tenants to delete or change customer passwords or assign permission to customers. This keeps customers secure and decreases the burden of tenants setting up additional solutions for providing customer security.
With Universal login, users are redirected to a central authorization server. Because authentication is taking place on the same domain as the login, credentials are not sent across origins, increasing security and protecting against attacks such as phishing and man-in-the-middle.
Standards
OAuth 2.0 is the industry-standard protocol for authorization. OAuth 2.0 supersedes the work done on the original OAuth protocol created in 2006. OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for web applications, desktop applications, mobile phones, and living room devices.
OpenID Connect is an interoperable authentication protocol based on the OAuth 2.0 family of specifications. It uses straightforward REST/JSON message flows with a design goal of “making simple things simple and complicated things possible”. It’s uniquely easy for developers to integrate, compared to any preceding Identity protocol.