I am working on a small side project that will require users to be logged in for some actions. I am working on a web application and hope to build up to a native mobile app next. Since I will eventually have two clients I am thinking that I should have an identity/authentication solution that is decoupled from both implementations.
I developed a very thin identity service using JWTs that I would host separately from the app’s API as a proof of concept, but I am debating on if I should continue to build/maintain that or if I should just use a managed identity solution like Okta, Auth0 or something from a cloud provider.
Is it considered bad practice to roll-my-own identity service? Am I over complicating the approach by having a separate auth service?
Thanks!
submitted by /u/jlat96
[link] [comments]
from Software Development – methodologies, techniques, and tools. Covering Agile, RUP, Waterfall + more! https://ift.tt/3rKx5lw
Ameer Academy 