It’s pretty safe to say, that everyone using the web has already made an account for some website. For the broad masses the most common ones would be social media sites like facebook, youtube and twitter. Then there are also online shopping platforms like e-bay and amazon, and more techie orientated pages like stack overflow and all sorts of version control repositories.
(And of course various others for anything and everything else…)
The good thing is, that you don’t need to create a separate account for every single one, but are offered the possibility to just sign in with an account you created for a different service.
The page for which you want to use a different account needs to request data from the original website and use it to authenticate the user (without their input).
In order to give both the requesting website and the user assurance that the data will be safe and reliable some sort of standardisation is required.
Most commonly used is the open standard for authorisation OAuth.
With OAuth it is possible for users to grant access to their information from a certain website without giving away their credentials.
In order for the third party application to obtain specific information about a user, it has to request an access token from the authorisation server, and when the user grants the permission, use that token to access the resources from the website.
In our specific case we want users to be able to log in to Icinga Exchange with their GitHub accounts.
If you now also want to integrate GitHub on your website and/or see how it’s done: they have a detailed tutorial here.
0 Kommentare