The Ultimate Guide to Outsourcing Your Auth
The Ultimate Guide to Outsourcing Your Auth
About the Book
Almost every software application has users. In the online world, applications may have one or few users, if internal, or billions of users, if Facebook (hi Zuck!). Most applications customize functionality and the user interface for each user because of business rules or customer expectations.
Users are a fundamental entity. If you are building an application, you'll almost certainly have users. At FusionAuth, we've built a flexible auth system that makes managing users easy and secure. We talk to people about their auth systems every day and have helped plenty of folks migrate to FusionAuth from other systems, whether commercial, open source, or homegrown.
While modern auth systems can be quite complex, three pieces of functionality appear in almost every one: authentication, authorization and user management. When you are implementing an application, you can choose to build this functionality from scratch or use an existing auth system provider to outsource.
Much like you outsource your data management to a relational database system such as Postgresql, you can do the same with auth, with many of the same benefits.
This book will cover how to evaluate an auth system, risks you might encounter and how to mitigate them, and migration and implementation details.
About the Author
Table of Contents
-
What Is an Auth System
- Authentication
- Authorization
- User Management
- Categories of Auth Functionality
- Conclusion
- Evaluation
-
Why Outsource Your Auth System
- Speed To Market
- Consequences Of an Auth Breach
- Consequences Of an Auth Outage
- Maintainability
- Cost of In-House vs Outsourced Auth
- Auth May Be Unrelated to Your Core Competency
-
Getting Buy-In For Outsourcing Auth
- Your Boss
- Your Developers
- Project Management
- Product Management
- Legal
- Quality Assurance
- UX and Design
- Security
- Infrastructure
- Opportunity Cost
-
Performing Due Diligence on Authentication Vendors
- Examining the Authentication Provider’s Security Standards
- Measuring Performance With Benchmarks
- Engineering Effort to Implement Authentication
- Pricing
- Conclusion
-
The Value of Standards-Compliant Authentication
- Why Use a Standardized Authentication Protocol?
- Survey Of Authentication Standards
- Conclusion
-
Open Source Vs Commercial Auth Providers
- Open-Source Authentication Providers
- Commercial Authentication Providers
- The Final Showdown
-
The Value of Trying Your Auth Provider Before You Commit
- Advantages of Trying an Auth Provider Before You Buy
- Running an Effective Trial
- Free Trials Are Important
- Risks
-
Common Authentication Implementation Risks and How to Mitigate Them
- Security and Privacy
- Performance
- Regulatory Compliance
- Cost and Time
- Integration and Features
- Vendor Assessment
- Conclusion
-
Avoiding Authentication System Lock-in
- Look For Open Standards
- Consider Portability
- Limit Your Usage Where You Can
- Insulate Your Application
- Have a Backup Plan
- Wrapping Up
-
What To Do When Your Auth System Vendor Gets Acquired
- Short-Term Concerns
- Short-Term Benefits
- Long-Term Concerns
- Long-Term Benefits
- Mitigating Concerns
- Conclusion
- Implementation
-
Multi-Tenant Vs Single-Tenant IDaaS Solutions
- Multi-Tenant
- Single-Tenant
- Multi-Tenant Within a Single-Tenant Solution
- Private Labeled Identity
- Dev, Stage and Prod
- Conclusion
-
Making Sure Your Auth System Can Scale
- Why Scaling Auth Is Hard
- How Can You Effectively Scale Your Authentication?
- Conclusion
-
When to Self-Host Critical Application Architecture
- Evolution Of Self-Hosting
- The Benefits Of Self-Hosting
- The Downsides Of Self-Hosting
- Legal Considerations
- A Non-Permanent Choice
- Conclusion
-
Migration of Auth Data
- Why Migrate User Data
- Types Of Migration
- Planning and Mapping
- Big Bang Implementation
- Segment By Segment Implementation
- Slow Migration Implementation
- Conclusion
-
Best Practices for Registration Forms
- Is a Registration Form Needed At All?
- Ease the Pain Of Registration
- Multi-Step Registration
- Final Thoughts
The Leanpub 60 Day 100% Happiness Guarantee
Within 60 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.
Now, this is technically risky for us, since you'll have the book or course files either way. But we're so confident in our products and services, and in our authors and readers, that we're happy to offer a full money back guarantee for everything we sell.
You can only find out how good something is by trying it, and because of our 100% money back guarantee there's literally no risk to do so!
So, there's no reason not to click the Add to Cart button, is there?
See full terms...
80% Royalties. Earn $16 on a $20 book.
We pay 80% royalties. That's not a typo: you earn $16 on a $20 sale. If we sell 5000 non-refunded copies of your book or course for $20, you'll earn $80,000.
(Yes, some authors have already earned much more than that on Leanpub.)
In fact, authors have earnedover $13 millionwriting, publishing and selling on Leanpub.
Learn more about writing on Leanpub
Free Updates. DRM Free.
If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).
Most Leanpub books are available in PDF (for computers) and EPUB (for phones, tablets and Kindle). The formats that a book includes are shown at the top right corner of this page.
Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.
Learn more about Leanpub's ebook formats and where to read them
