Authentication is the process of verifying the identity of a user or entity. It is a fundamental security measure that is used in a wide variety of applications, including web applications, mobile apps, and APIs. The thing is, as a developer with over 20 years of experience, I just don’t care about figuring it out! I just want it to work!!
There are many different ways to implement authentication, but the most common approach is to use a username and password. Yep, just like back in 1960 when The Everly Brothers had one of the top songs out there, this method is still most popular today. Just as the Everly Brothers’ time at the top of the charts has passed, so has the time for passwords. I don’t want to hear about them anymore!
A more modern approach is to use a single sign-on (SSO) solution. SSO solutions allow users to log in to multiple applications using a single set of credentials. This can be convenient for users, as they do not have to remember multiple usernames and passwords. This method came about around the same time Eminem hit the billboard top 100 for the first time. SSO often has the problem of including the first login requirement of using a username and password to this day. Even Eminem made some changes and remains relevant!
My point is that authentication is an important security measure, but it can also be complex to implement. This is why we have been hanging on to these old methods for so long! When you are creating a new application (unless it is an authentication application), the last thing you care about is user login. There are many different authentication methods to choose from, and each method has its own advantages and disadvantages. Additionally, authentication needs to be implemented in a secure way to prevent attackers from gaining unauthorized access to applications. But, again, all I care about is that my data is secure when creating the next Napster so everyone can share their 1990s music with me again!
The benefits of using an authentication service
There are many benefits to using an authentication service. Authentication services can help you:
- Save time and money: Implementing and maintaining authentication can be time-consuming and expensive. authentication services can save you the hassle of having to implement and maintain your authentication system. s
- Improve security: authentication services can help you to improve the security of your applications by using best practices and the latest security technologies keeping up to date with the latest security patches.
- Reduce the risk of compliance violations: authentication services can help you meet compliance requirements by providing features such as two-factor authentication and user provisioning.
The last thing that I want is a call on Saturday night that someone hacked the password database that we built in-house two years ago and didn’t maintain securely!
Choosing an authentication service
When choosing an authentication service, there are a few factors to consider:
- Features: Consider the features that are important to you, such as two-factor authentication, user provisioning, and support for different authentication methods.
- Pricing: authentication services can vary in price. Compare the pricing of different services to find the best deal for your needs.
- Ease of use: Consider how easy the authentication service is to use. You want a service that is easy to set up and manage.
- Hosting: Do you need flexibility to host your instance of an authentication Provider or have them host?
- Integration support: Often you’ll want to use an authentication service as a central user data store. You’ll want to make sure you can integrate custom applications, off-the-shelf commercial software, and open-source solutions with it.
For Developers Who Just Want It To Work
If you are a developer who just wants authentication to work without implementing it yourself, there are a few things that you can do to make your life easier:
- Use an authentication service. There are many different authentication services available, both free and paid. Authentication services can save you the hassle of having to implement and maintain your authentication system.
- Use a framework or library that provides authentication functionality. There are many different frameworks and libraries available that provide authentication functionality. Using a framework or library can save you the time and effort of having to implement authentication yourself. If you are ready to get started check out our FusionAuth Quickstarts.
- Consider that when Better Napster, wait I mean your app, starts to grow, you will want an authentication provider that can handle different devices and form factors such as mobile, desktop, and web clients.
- Develop a local instance or self-contained environment that you can host yourself to make development easier.
- Look to your favorite framework provider and see what they are using and use an authentication framework built for that.
What You Should Care About
Now that you have authentication figured out you can start to focus on the real requirements of building an application…
Picking the rest of your software components:
- Framework - Remix, Next.js, SvelteKit, Pheonix Framework, Laravel, Flask, Angular
- Database - PlanetScale, AlloyDB for PostgreSQL, AWS Aurora Serverless, CockroachDB Serverless, EdgeDB, Neon, Supabase, Timescale, Upstash, Grafbase, Turso, Fauna, Ably, Convex, Hasura, liveblocks
- Hosting - Vercel, Netlify, Fly.io, Cloudflare
- CMS: Contentful, Quintype, Hygraph, Ghost, Strapi, Sanity, Kontent, Optimizely
There are full backend solutions out there like Firebase, Supabase, and Appwrite. However, if you don’t like some part of these stacks then it becomes very difficult for you to decouple your application(s). In this video our Founder and CEO talks about Authentication as a Microservice and how to use a JWT in your APIs.
Oh yeah and now the actual coding begins!!
If you want authentication to just work start using FusionAuth today for free!
Want to get jump-started using your framework of choice? Check out our Quickstarts.