This profile of OAuth 2.0 provides strong identity assurances using simple auth flows that work with browser, server, and mobile applications. The specification also supports discovery, dynamic registration, session management, and encryption.
Sharing passwords is unsafe. OAuth defines a set of authorization flows that let users securely delegate access to their accounts by third party software. OAuth's access tokens can also be used for client-server authentication where user consent isn't required.
Anvil Connect issues identity and access tokens as digitally signed JWTs. Signatures provide an exceptionally trustworthy mechanism for verifying authenticity. And with their object payload, JWTs can carry everything needed to authorize an API request.
OAuth scopes are a way to define permissions associated with an access token. Anvil Connect allows you to manage different levels of access by grouping permissions into user roles.
It's not enough to develop for just one platform. You can't afford to maintain monsterous monolithic apps. Your secret backend sauce is a polyglot combination of microservices. No matter the reason, Anvil Connect can centrally manage your users' identities and authorization.
We believe critical infrastructure must be 100% open source. Once you’ve committed to such a crucial piece of software, you want to know you’ll always have access and aren’t beholden to the changes endemic to software development.
These are just a few of the OAuth providers Anvil Connect supports for social sign-in.