Login Pages - Hosted or API
If you’re reading this then you already know about the importance of authentication. What you might not know is whether you want to use FusionAuth’s hosted login pages, or if you’d prefer to use the API options instead. We put a guide together for you to help you make up your mind.
We’re going to explore the differences between hosted login pages and the results that you can get using the API. We will dive into their pros and cons so that you can make an informed decision about what is best for you.
Hosted Login Pages
Hosted login pages are a popular choice for many developers. This is especially true for those who prefer to use a WYSIWYG editor to handle their customization. That said, Hosted Logins do require some tradeoffs such as a browser redirect. Further, since the Hosted Login is designed in our Simple Themes editor or inside of Apache FreeMarker, they do not leverage React or other common design systems.
| Pros | Cons |
|---|---|
| Managed by experts. | Look and feel customization uses Freemarker unless you use Simple Themes. |
| No sensitive credentials seen by your application. | Browser redirect is required. |
| Fully custom look and feel. | Mobile devices use the system browser, not native UX components. See the image below this chart for an example. |
| Handles multiple use cases (account creation, MFA prompting, etc.) | Does not leverage React or other common design systems. Might require additional work from your design team. |
| Includes single sign-on (SSO) between different apps. | Upgrades can be problematic unless you’re using Simple Themes. |
| Localization support. | Limited workflow customization. |
| New workflows added regularly so you gain function without added development work. | |
| Doesn’t exclude API usage. You can add custom logic such as redirects or requiring MFA for certain groups. |
Example Hosted Login Page on Mobile
The image below shows the mobile login experience for Audacy. As discussed in the preceding chart, you can see the address bar and UX components that are from the system browser, rather than the native UX components that your customers will see in your application.
API Login Pages
Some users want full control over absolutely every element of their login UI. But that control comes with some responsibilities. The chart below details what some might consider to be “cons” to using an API Login page.
| Pros | Cons |
|---|---|
| A fully custom login experience, with support for embedded flows such as iframe, modals, overlays, and native application UI elements. | Must build your own UI for auth related cases, often requiring several API calls per use case. |
| Browser not required. | Doesn’t follow OAuth or OIDC standards. |
| No redirection for the user. | Your application will see sensitive user credentials. |
| You are able to build custom workflows to suit your business needs. For example, asking for an email on one screen, a password on another and requesting MFA on a third. | You must handle all session management. |
| You build it, you maintain it. | |
| You are responsible for implementing new FusionAuth functions when they are released. | |
| You must ensure that you handle every Login API status code correctly and securely. | |
| By default, the Login API requires an API key. |
Thanks again for choosing FusionAuth for your customer login solution. Make sure to check out our library of Articles for more helpful information. Not yet a FusionAuth customer? What are you waiting for? Get started for free today!