Comments (3)
This sounds very interesting at a high level. The client would still need to know how to manage the user. For example, Firebase Authentication works in a similar way. Once the login is completed, Firebase sends an access token, which then needs to be verified on your server to ensure it was generated by Firebase. This verification is necessary because the authentication flow is initiated in the front end.
In the case of Nango, it seems that the front-end client will call Nango for authorization, providing only the desired provider for SSO. Nango will handle the authorization process and retrieve user information from the selected provider. Afterwards, Nango will generate a JWT token containing the user's sub, audience, email, and name, based on the user info. This JWT token can be added to a redirect URL provided by the client.
When the client logs a user in, they will need to call back to Nango to verify that the token was indeed created by Nango. During token verification, Nango will return the user's email and a connection ID (generated by Nango). In this case, Nango can use the email as the connection ID. All this will only be possible for providers that have user info endpoint.
I would like to know if this solution would be useful for the users, and I am happy to proceed with it. If needed, I can also provide a rough flow diagram for better visualization.
from nango.
I've seen several tickets regarding fragmented support for the OAuth2 spec, what are the current ones supported, and there are other flows that might be considered?
For now, it seems:
- implicit-flow seems to be missed
- OIDC (seems the case for calendly)
- any other?
from nango.
Moved to internal issue tracker
from nango.
Related Issues (20)
- Add support for ServiceNow REST API HOT 1
- [Roadmap] Local Runtime
- Add support for Freshdesk API HOT 1
- Need subdomain textbox for BASIC auth
- Hosted Nango went down HOT 1
- New packages cleanup HOT 1
- Models ending with the character "s" are created without it HOT 2
- Add support for Outreach API HOT 2
- [Dolfin] Extra Config Params Error HOT 1
- [Roadmap] Redesign Webapp HOT 2
- [Community] `last_action` property of records is incorrectly typed in Node SDK HOT 1
- Strava and Garmin Connect HOT 3
- Facebook access tokens are not updating HOT 3
- Add AWS integration HOT 4
- [Roadmap] Revamp error reporting HOT 1
- Facebook Oauth window is the wrong size HOT 1
- connectionCreatedHook run twice when using api to create connection HOT 4
- Add support for Tiktok API (Accounts and Marketing) HOT 1
- should be able to edit all params on "Add New Connection" page HOT 1
- [node-client] nango.listRecords does not work woth modifiedAfter HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nango.