I am building a muli-tenant saas(software as a service) architecture. I have to build the authentication system for the system.

From what I have studied, I think I need to the build the authentication system based on OAuth2.0 and the bearer token with JWT tokens.

After reading a lot about OAuth2.0 of how to build an OAuth2.0 server I still didn't understand the full concept of OAuth and also have confusion about whether I need it or not or I need some other Authentication system.

What my system need is we will provide an SDK to all our customer and each client will have an Application Id and a secret key using the SDK client will connect to his application present in our system.

The application ID will map the customer to his application present in our system and the client secret key will authenticate the client inside the application.Do I still need to build an authentication system based on OAuth2.0 or can I build my own authentication system based on our need?

What are the use cases of OAUTH2.0 and when we won't need it to implement?

2016/05/02 04:15
  • oauth
  • authentication
  • 点赞
  • 收藏
  • 回答