In this guide, you will set up a hardened, fully functional OAuth 2.0 (OAuth2) server. It will take you about 15 minutes. This guide is for you if you are looking to do something like in the gif on the right, or more specifically:
- You want to use OAuth2 for API security.
- You want to open up your API to third-party developers like Dropbox or GitHub.
- You want to become an identity provider like Google, Facebook, or Twitter.
- You need to federate (delegate) authentication or authorization.
We will use ORY Hydra (open source), a security-first OAuth2 and OpenID Connect server written in Golang.
At first, there was the monolith. The monolith worked well with the bespoke authentication module. Then, the web evolved into an elastic cloud that serves thousands of different user agents in every part of the world.
Hydra is driven by the need for a scalable, low-latency, in-memory Access Control, OAuth2, and OpenID Connect layer that integrates with every identity provider you can imagine.
Hydra is available through Docker and relies on RethinkDB for persistence. Database drivers are extensible, in case you want to use RabbitMQ, MySQL, MongoDB, or some other database instead.
OAuth is a pain. Flask-Dance makes it better. Learn how the Flask-Dance library was created, and why it makes it easier to use OAuth-enabled APIs like Facebook, Twitter, Google, GitHub, and a lot more.