Authing DocsDocuments
Concept
Guides
Development Integration
Application integration
Concept
Guides
Development Integration
Application integration
Old Version
Guides
  • Quick start

    • Authenticate your first user

      • Use the hosted login page to complete the authentication
      • Use the embedded login component to complete the authentication
      • Use API & SDK to complete authentication
      • Verify user credentials (token)
      • Authority management for users
      • Realize logout
      • Next you may need
    • Access methods for different types of applications

      • Integrate Authing in traditional Web App
      • Integrate in Single Page Application (SPA) Authing
      • Integrate in mobile terminal (iOS, Andriod) Authing
    • Console overview
  • Authenticate the user

    • Use account password authentication
    • Use SMS verification code authentication
    • Use social login authentication
    • Use scan code login authentication

      • Use self-built App to scan the code to log in to the website

        • Complete interface list
        • Custom configuration items
      • Use the mini program to scan the code to log in to the website
    • Certify in Mini Program
    • Implement single sign-on (SSO)
    • Single sign-on on the mobile terminal
    • Multi-factor authentication (MFA)

      • MFA of one-time password (TOTP) based on timestamp algorithm
      • MFA based on SMS verification code
      • MFA based on email verification code
      • Access MFA through SDK
    • Extend the authentication process

      • Add user-defined fields
      • IdToken add custom field
      • Use a custom database to authenticate users
      • Use Pipeline to extend the authentication process
      • Use Webhook to monitor authentication events
    • Personalize the guard
  • Authority management for users

    • Choose the appropriate permission model
    • Integrate RBAC permission model into your application system
    • Integrate ABAC permission model into your application system
    • Use permission group management permission resources
    • Manage resource permissions
  • Authorization

    • Inter-application authorization for user permission
    • M2M authorization
  • Manage user accounts

    • User field interpretation
    • Administrator create account
    • Manage user accounts
    • Binding account
    • Manage user's custom data
    • View user's login history
    • View the user's geographic location
    • Enhance account security
    • Manage user login status
    • Control which applications users can access
    • User groups
  • Manage User Directory

    • User Directory Configuration Item
    • Add custom user field
    • Search users
    • Use LDAP user directory
  • Management Application

    • Create Application
    • Configure login and registration method
    • Add registration agreement
    • Customize login box style
    • Become a source of federal authentication identity
    • Enable multi-factor authentication
    • Sub-account management
    • Implement single sign-on between applications
    • Manage user login status
  • Become a source of federal authentication identity

    • Become an OpenID Connect Identity Source
    • Become OAuth2.0 Identity Source
    • Become a SAML2 identity source
    • Become a CAS Identity Source
  • Connect to an external identity provider (IdP)

    • Social Identity Provider

      • WeChat QR Code on PC
      • Mini Program QR Code on PC
      • WeChat Official Accounts QR Code
      • Mobile App Use WeChat Login
      • Mobile App Use WeChat Mini Program Login
      • WeChat Web Page
      • WeChat Mini Program
      • Tencent QQ
      • Sina Weibo
      • GitHub
      • Facebook
      • Twitter
      • Google
      • Apple Mobile
      • Apple Web
      • Alipay
      • Slack
      • Gitee
      • GitLab
      • Baidu
      • NetEase YIDUN
      • QingCloud
      • Instagram
      • LinkedIn
    • Enterprise Identity Provider

      • WeCom Self-built App QR Code
      • WeCom Self-built App QR Code Login(Delegated Development Mode)
      • WeCom Service Provider App QR Code
      • WeCom Mobile
      • DingTalk H5 Micro Application (Internal Development)
      • Feishu Marketplace App
      • Feishu Custom App
      • Windows AD
      • Azure AD
      • OIDC
      • OAuth 2.0
      • LDAP
      • SAML
      • CAS
      • WeLink
    • Custom database

      • Configure database connection and scripting
      • Lazy migration of users to Authing
      • Fully use a custom database to save user data
      • Best Practice
  • Open up WeChat ecology
  • Migrate users to Authing

    • Use SDK to import users
    • Configure custom password function
    • Import users from corporate WeChat, DingTalk and other third-party identity sources
  • Management organization

    • Create or import an organization
    • Management organization
    • Manage member life cycle
    • Use LDAP protocol to open organization data to the outside world
  • Expandable capabilities

    • Use Webhook to monitor user events
    • Custom authentication process (Pipeline)

      • Create your first Pipeline function
      • Pipeline API Reference
      • Pipeline application scenario
      • Pipeline User Object
      • Pipeline Context Object
      • Use environment variables in Pipeline
      • Available Node Modules
      • How to debug
      • FAQ
      • Private deployment
    • Configure custom password function
  • Audit Log

    • Audit of user behavior
    • Audit of Administrator Behavior
  • Configure security information

    • Configure Web Security Domain
    • Configure password strength
    • Configure registration frequency limit
    • Configure the limit on the number of failed login attempts
  • Configure user pool information

    • Modify user pool basic information
    • Configure mail service and template
    • Configure SMS service and template
    • Add user pool collaboration administrator
    • Developer Configuration
  • Deployment plan

    • Basic deployment mode
    • Docker deployment mode
    • Kubernetes deployment mode
    • Custom Domain Name Configuration Scheme
  • Frequently Asked Questions FAQs

    • How to get user pool ID
    • How to get the application ID
    • How to verify user credentials (token)
    • Join table Authing in the local user and your business data
    • Impact of disabling third-party cookies on Authing
    • How to deploy a transit proxy server
  1. Guides
  2. /
  3. Authenticate the user

¶ Authentication

Update Time: 2022-05-31 20:00:58
Edit

No matter what type of application you are developing - internal employee IT system, toC account system or API exposed to other developers, user authentication is a vital part of it, and Authing will provide you with the most suitable authentication method.

Some browsers have begun to disable third-party cookies by default, which will affect some functions of Authing in certain scenarios. For details, please see: FAQ: How will the browser's disabling of third-party cookies affect the Authing function?

The login experience is one of the most important user experiences that software developers need to consider. It is not easy to provide users with a seamless, convenient and secure authentication experience. Generally speaking, the login logic is also associated with the logic of registration, password reset, and account association. More importantly, enhancing security in the form of robust and adaptive authentication during the login process is often critical to many implementations.

Authing provides a lot of authentication methods for developers to choose and combine. Password policies, frequent login checks, custom authentication procedures, etc. can all be done easily through the management console (basically, these operations can also be done through the Management API)

¶ OIDC / OAuth2.0 / SAML / AD / LDAP / social login

Authing supports access to your application and user data through standard protocols such as OIDC, OAuth2.0, SAML, LDAP, etc. You can safely use Authing as your Identity Provider. If you use Authing as the Identity Provider, you can connect to other third-party Service Providers, such as logging in to AWS, Azure, Jira, etc.

Authing can also be used as a Service Provider to connect to a third-party Identity Provider through standard protocols such as OIDC, OAuth2.0, SAML, LDAP, and AD. For example, you can log in to your application through Azure AD or local Windows AD. Authing can also use a third-party social login to automatically pull the user information of the social login user to your user directory.

You can understand the implementation principles of OIDC & OAuth2.0, SAML, LDAP, and AD here.

¶ Hosted login page authentication

Each application in Authing has an independent second-level domain name and is equipped with an online login page, which can be accessed by visiting https://YOUR_DOMAIN.authing.cn/login. You don't need to write one line of code to maintain the login page, you can do some customized configuration through the application configuration of the console.

¶ Embedded login form authentication

The Authing embedded login component is a lightweight, modern, and highly extensible front-end login component provided by Authing. It supports native JavaScript and the three front-end frameworks of React, Vue, and Angular. This built-in login component is basically the same as the login page hosted by Authing, and has strong customization capabilities. The component has built-in functions such as password reset, MFA, social login, and scan code login, all of which are highly configurable.

For more details, please see use embedded login component.

¶ Auth SDK

Authing provides front-end developers with a lightweight, developer-friendly Auth SDK (supports JavaScript/Node, Java, Python, PHP, C# and other languages), which allows you to implement your authentication logic more flexibly, quickly, and safely. The Auth SDK supports all authentication-related functions of Authing, including basic authentication, password reset, and account binding. You can get the user's id_token through this SDK, as the user's identity credential, and pass it to downstream applications.

Authing also supports SDKs in multiple languages such as Java, JavaScript/Node.js, Python, PHP, C#, Swift, Go, Ruby, etc. You can choose the SDK you are familiar with:

Authing also supports SDKs in various languages ​​such as Java, JavaScript/Node.js, Python, PHP, C#, Swift, Go, Ruby, WeChat applet, etc. You can choose the SDK you are familiar with:

  • Java/Kotlin
  • JavaScript/Node.js
  • Python
  • PHP
  • C#
  • Swift
  • Go
  • Ruby
  • Wechat

¶ Authentication API

The hosted login page mentioned before, embedded login component, and the underlying capabilities of the Auth SDK are all supported by the Authentication API. Authing Authentication API supports two calling methods: RESTful and GraphQL (endpoint is https://core.authing.cn/graphql/v2), you can also directly call Authentication API to implement authentication logic.

¶ Single Sign On

Single Sign On (SSO) is one of the more popular solutions for enterprise business integration. The definition of SSO is that in multiple application systems, users only need to log in once to access all mutually trusted application systems. We provide a dedicated SSO SDK for developers to quickly implement single sign-on between applications.

Prev: Console overview Next: Use account password authentication
  • OIDC / OAuth2.0 / SAML / AD / LDAP / social login
  • Hosted login page authentication
  • Embedded login form authentication
  • Auth SDK
  • Authentication API
  • Single Sign On

User identity management

Integrated third-party login
Mobile phone number flash check (opens new window)
Universal login form component
Custom authentication process

Enterprise internal management

Single Sign On
Multi-factor Authentication
Authority Management

Developers

Development Document
Framework Integration
Blog (opens new window)
GitHub (opens new window)
Community User Center (opens new window)

Company

400 888 2106
sales@authing.cn
16 / F, Block B, NORTH STAR CENTURY CENTER, Beijing(Total)
room 406, 4th floor, zone B, building 1, No. 200, Tianfu Fifth Street, Chengdu(branch)

Beijing ICP No.19051205-1

© Beijing Steamory Technology Co.