STRATO OAuth Capabilities – Simple & Secure Login
Flash back to 2016, and you may recall that almost every service you signed up for asked you to create an account with a username and password.
As the number of online tools we use continues to grow, companies and individuals alike may find themselves bogged down with a crazy list of usernames and passwords for the services they use – making it difficult to:
- Keep track of the services they use
- Securely share login information with a team
- Manage and update passwords to various services
Nowadays, users expect to be able to log in using existing account credentials from services like Google, Microsoft, and Facebook.
This awesome feature is made possible by OAuth, an industry-standard protocol for authorization.
What is OAuth?
OAuth – more specifically, OAuth 2 – is an industry-standard protocol for authorization. It enables third-party applications (like STRATO) to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service or by allowing the third-party application to obtain access on its own behalf.
At BlockApps, we love OAuth because it just works and because it’s an open-source protocol – meaning it is free to use and not owned by any one company.
BlockApps STRATO is already OAuth-enabled, meaning any network or application can be configured to allow users to log in with existing service providers. This feature is great for both the security and convenience of STRATO networks and applications.
Signing into STRATO in one click with a Google account – check out our developer guide here.
Simplicity for Users
With OAuth, users simply sign in with existing accounts in one click, making their experience seamless. No more annoying username & password login information to keep track of, or even type in!
The benefit is further compounded for users who work with multiple accounts, providing additional simplicity to people who use the service the most!
Using OAuth means fewer passwords to worry about storing, updating, and (in some cases) sharing. With OAuth, logins are held to the security standards of the world’s most-trusted services (e.g., Google) and are kept up to date accordingly, meaning less security risk for everyone involved.
Convenience for Teams & Enterprises
Automation & RBAC – A team or enterprise account (e.g., Google) can also be used as a filter and automation tool. For example, you could use it to:
- Limit access to groups and teams within certain organizations (e.g., [email protected], but not [email protected])
- Configure automatic role-based access control (RBAC) so that new users get out-of-the-box features and access relevant to their role
Integration – If your team uses a specific service for overall access management (e.g., Microsoft AD), then the existing permission schemes can easily be extended to STRATO as well. This leads to:
- Simpler access management for IT teams and enterprises: changes made in the organization’s system will automatically be reflected in STRATO
- Better integration with other services that use the same OAuth system: STRATO can access documents from shared drives or data from other services (e.g., SAP) automatically on behalf of the user
- STRATO also accepts custom Discovery URLs so that any custom access rules are automatically matched in STRATO