Aidbox is coming with built-in auth module with out of the box:

  • OAuth 2.0 and OpenID Connect Auth server implementation

  • Sign Up/Sign In workflows with email or phone number

  • Sign In using user password or external Auth Providers (like Google, Facebook, Auth0 etc)

  • SCIM User and Group management module

  • Access by JWT for Aidbox as a resource server

How to choose your flow?

API Consumer

If you have backend service or periodical job, which wants to interact with Aidbox API - you can use session-less Basic Auth, Client Credentials Grant (OAuth) or Access by JWT.

Web Application

If you want to work with Aidbox from web application or implement Single Sign On using Aidbox as Identity Server consider Authorization Code Grant or Access by JWT

Single Page Application

For SPA you can use Implicit Grant, Authorization Code Grant without secret or Access by JWT.

Mobile and Desktop Application

For mobile and desktop application simplest option is Resource Owner Credentials

Auth Sandbox

Aidbox is coming with Auth Sandbox - small app, which helps you configure and test all features of Auth module in Aidbox. Click link Auth Sandbox in Aidbox UI navigation menu: