undefined | Better HN

0 pointsjbverschoor3y ago0 comments

There are two problems here

1) let a third party handle authentication (Code)

2) let a third party handle authentication (SSO)

Number 1: don't do that Number 2: Only do that if you are in control of SSO, or if you are very certain you won't have problems contacting the provider. (so not google in this case)

0 comments

viraptor3y ago

> Only do that if you are in control of SSO

In reality: you do this if TCO of doing it internally < TCO of doing it externally + risk. There's quite a few people who estimate the risk is worth it.

j / k navigate · click thread line to collapse