¶ What is authentication
No matter what type of application you are developing - internal employee IT system, toC account system or API exposed to other developers, user authentication is a vital part of it, and GenAuth will provide you with appropriate authentication support.
Note: Some browsers have begun to disable third-party cookies by default, which will affect some functions of GenAuth in some scenarios. For detailed description, please see: FAQ: How will browser disabling third-party cookies affect GenAuth functions?
The login experience is one of the most important user experiences that software developers need to consider. It is not an easy task to provide users with a seamless, convenient and secure authentication experience. Generally speaking, the login logic is also associated with registration, password reset, account association and other logic. More importantly, enhancing security in the form of strong and adaptive authentication during the login process is often critical for many implementations.
GenAuth provides a lot of authentication methods for developers to choose and combine. Password policies, frequent login detection, custom authentication processes, etc. can be easily completed through the management console (these operations can basically also be completed through the Management API).
¶ OIDC / OAuth2.0 / SAML / AD / LDAP / Social Login
GenAuth supports accessing your applications and user data through standard protocols such as OIDC, OAuth2.0, SAML, LDAP, etc. You can safely use GenAuth as your Identity Provider. If you use GenAuth as an Identity Provider, you can connect to other third-party Service Providers, such as logging in to Alibaba Cloud, AWS, Azure, Jira, etc.
GenAuth can also be used as a Service Provider to connect to third-party Identity Providers through standard protocols such as OIDC, OAuth2.0, SAML, LDAP, AD, etc. For example, you can log in to your application through Azure AD or local Windows AD. GenAuth can also use third-party social login to automatically pull the user information of social login users to your user directory.
You can learn about the implementation principles of OIDC, OAuth2.0, SAML, LDAP, and AD respectively.
¶ Hosted login page authentication
Each user pool in GenAuth has an independent secondary domain name and an online login page. You can access this login page by visiting https://YOUR_DOMAIN.genauth.ai/login . You don't need to write a line of code to maintain the login page. You can make some customized configurations through the application configuration of the console.
¶ Embedded login form authentication
GenAuth embedded login component is a lightweight, modern, and highly scalable front-end login component provided by GenAuth, which supports native JavaScript and the three major front-end frameworks of React, Vue, and Angular. This embedded login component is basically consistent with the login page hosted by GenAuth, and has strong customization capabilities. This component has built-in functions such as password reset, MFA, social login, and scan code login, all of which are highly configurable.
For details, see Use the embedded login component to complete authentication.
¶ Auth SDK
GenAuth provides a lightweight, developer-friendly Auth SDK for front-end developers (supports JavaScript/Node, Java, Python, PHP, C#, etc.), which allows you to implement your authentication logic more flexibly, quickly, and securely. This Auth SDK supports all authentication-related functions of GenAuth, including basic authentication, password reset, account binding and other functions. You can get the user's id_token through this SDK and pass it to downstream applications as the user's identity credential.
GenAuth supports SDKs in multiple programming languages including Java, JavaScript/Node.js, Python, PHP, C#, Swift, Go, Ruby, WeChat Mini Program, etc. You can choose the SDK you are familiar with:
¶ Authentication API
The hosted login page, embedded login component, and Auth SDK underlying capabilities mentioned above are all supported by the Authentication API. GenAuth Authentication API supports two calling methods: RESTful and GraphQL (endpoint is https://core.genauth.ai/graphql/v2), and you can also directly call the Authentication API to implement authentication logic.
¶ Single Sign-On
Single Sign On, referred to as SSO, is one of the more popular solutions for enterprise business integration. The definition of SSO is that in multiple application systems, users only need to log in once to access all mutually trusted application systems. We provide a dedicated SSO SDK that developers can use to quickly implement single sign-on between applications.