427
427
+ 1
0

What is OAuth2?

It is an authorization framework that enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.
OAuth2 is a tool in the User Management and Authentication category of a tech stack.

Who uses OAuth2?

Companies
60 companies reportedly use OAuth2 in their tech stacks, including Typeform, Ataccama ONE, and Biting Bit.

Developers
354 developers on StackShare have stated that they use OAuth2.

OAuth2 Integrations

OpenID Connect, KrakenD, Aqueduct, Backlog, and Fat Free CRM are some of the popular tools that integrate with OAuth2. Here's a list of all 6 tools that integrate with OAuth2.
Decisions about OAuth2

Here are some stack decisions, common use cases and reviews by companies and developers who chose OAuth2 in their tech stack.

Joshua Dean Küpper
CEO at Scrayos UG (haftungsbeschränkt) · | 4 upvotes · 54.6K views

We use Quarkus with native compilation in GraalVM for our global REST-API "Charon", that can be used by every developer to request user, server and game-data (protected through OAuth2). Quarkus offers a reliable framework, library and stack for high-quality APIs and integrates Vert.x into its core.

GraalVM pushes the performance boundaries even further with the ability to perform ahead-of-time native compilation so we can reach an incredible small memory-footprint and fast bootup-times that we need for our microservices architecture.

See more
Joshua Dean Küpper
CEO at Scrayos UG (haftungsbeschränkt) · | 7 upvotes · 323.6K views

As the access to our global REST-API "Charon" is bound to OAuth2, we use Keycloak inside Quarkus to authenticate and authorize users of our API. It is not possible to perform any un-authenticated requests against this API, so we wanted to make really sure that the authentication/authorization component is absolutely reliable and tested. We found those attributes within Keycloak, so we used it.

See more
Shared insights
on
OAuth2OAuth2

Hello Stackshare, Trying to create an identity management solution that supports standard protocols (OpenID, OAuth2). Any recommendations on which 2 tools can be evaluated? Needs flexibility in terms of working with other identity providers, User federation, etc. Thanks in advance.

See more
Isaac Ogunleye
Backend Developer at Coast research Institute · | 5 upvotes · 58.5K views
Shared insights
on
PassportPassportOAuth2OAuth2

My teammates and I are arguing on which library to use for our local and social authentication in our express app between OAuth2 and Passport. I went for Passport cause I personally like it, and it seems easier to implement with good docs, but some of my teammates think it's less secure than OAuth2. So any advice please would be appreciated. Thanks 🙏🏻

See more

Blog Posts

Sep 29 2020 at 7:36PM

WorkOS

PythonSlackG Suite+17
6
2549

OAuth2 Alternatives & Comparisons

What are some alternatives to OAuth2?
OpenID Connect
It is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.
Auth0
A set of unified APIs and tools that instantly enables Single Sign On and user management to all your applications.
Amazon Cognito
You can create unique identities for your users through a number of public login providers (Amazon, Facebook, and Google) and also support unauthenticated guests. You can save app data locally on users’ devices allowing your applications to work even when the devices are offline.
Keycloak
It is an Open Source Identity and Access Management For Modern Applications and Services. It adds authentication to applications and secure services with minimum fuss. No need to deal with storing users or authenticating users. It's all available out of the box.
Spring Security
It is a framework that focuses on providing both authentication and authorization to Java applications. The real power of Spring Security is found in how easily it can be extended to meet custom requirements.
See all alternatives

OAuth2's Followers
427 developers follow OAuth2 to keep up with related blogs and decisions.