
Ask HN: What is best 3rd party authentication for developers - prats226
I need to integrate 3rd party authentication to our API product where developers can sign up. Should I use Google or GitHub or our own OAuth? Issue with Google is developers from China can't sign up. For GitHub, I don't know if I can always get email to reach out to developer later. With our own OAuth, we will need to manage passwords etc. What are your thoughts?
======
stephenr
Managing passwords isn't like handling nuclear waste.

I'd suggest that researching best practices and either implementing them or
finding a library to do it for you is a worthwhile exercise, which you will be
glad of next time <3rd party> is down, changes their services, etc.

~~~
prats226
I think big 3rd party services like Google can be used reliably? Just that in
the beginning, adding own authentication with password management, email
verification, password reset would be too slow to implement and maybe less
secure than 3rd party? And in the moment of crisis like a hack, it does feel
like handling nuclear waste!!

~~~
stephenr
Google is the poster boy for "fuck you we don't support this any more"

Also, you're then forcing users to sign up for an account with the provider
you choose. Some people choose not to have a Google/etc account.

~~~
prats226
Doubt it will happen with authenticator since many of their other services
would be dependent on it unlike some of the services they have shut down?

~~~
stephenr
Honestly I wouldn't rely on their own internal services using it being a great
reason they'll keep it going.

Deviating from Open Standards in favour of their own google-specific services
is pretty much step one in their playbook now.

------
danjoc
Auth0 seems really nice. Saw their pitch. Haven't had a chance to integrate it
in anything yet. Plan to do that soon in an app I will write on my own time.

~~~
prats226
I tried Auth0 and it's really bad. Documentation is very inconsistent and I
really regret choosing it. Going to use some 3rd party library.

------
johnnycarcin
I feel like a salesman because I always am bringing up Azure but... You might
take a look at the Azure Active Directory B2C service. You can use standalone
Azure AD or integrate with other various providers (Google, Facebook, etc.).
Their poster child is the Real Madrid website which uses it.

------
giaour
If you want to avoid handling passwords but still have a traditional login
form, you could try a managed directory like Auth0, Stormpath, or Amazon
Cognito User Pools.

