Thanks @sjswami , this duplicate ids issue is now resolved in 1.19.7. Appreciate you letting us know about it: https://github.com/FusionAuth/fusionauth-issues/issues/890

Ah, yes, thanks for explaining.

Yes

You have two options

use the API to integrate with the current login/reg flow with FusionAuth. This lets you keep your existing html pretty much untouched, you're just calling out to FusionAuth instead of the database. remove them and use the FusionAuth provided pages with OIDC. This lets you use the theming and localization capabilities of FusionAuth, including super simple social signon.

It's your choice based on what your needs are, either way will work.

I'd only recommend using SAML if you have an application which only supports SAML, not OIDC.

You'll also want to make sure that when someone registers with one of your applications in FusionAuth, they register with all three. I'd probably use a webhook to ensure that.

We have load tested our medium deployments to roughly 20 logins per second. It can vary quite a bit. We ship with PBKDF2 and a factor of 24,000. That configuration is the primary limiter to how many passwords we hash per second.

Tune it up to bcrypt factor 14, and it may take 3-5 second per hash. You can also tune the factor down from the default scheme to increase logins per second - it is a trade-off between security and performance.

And you can change these settings at the tenant or user levels: https://fusionauth.io/docs/v1/tech/apis/tenants
https://fusionauth.io/docs/v1/tech/apis/users