Social login and SSO is generally implemented these days as OIDC (which is based... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

noodlesUK on Dec 27, 2020 | parent | context | favorite | on: Ask HN: Sign Up with Facebook/Apple/Google – API o...

Social login and SSO is generally implemented these days as OIDC (which is based on oauth2). You can read the RFCs for it, and they pretty much explain the whole thing.

Oauth2: https://tools.ietf.org/html/rfc6749

PKCE (replaces the implicit flow): https://tools.ietf.org/html/rfc7636

OIDC: https://openid.net/specs/openid-connect-core-1_0.html

brittpart_ on Dec 27, 2020 [–]

So essentially the UI is called SSO and the authentication happens with Oauth2/OIDC - that's the combo Apple uses.

Do you know what the barrier to entry is for a company to integrate another company's SSO?

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact