Start Building

Choose the integration approach based on application type

Integration Approaches

There are 3 different high-level approaches to integrating Authgear with your applications:

Mobile apps or single-page web applications: The frontend clients integrate with Authgear’s SDKs, which handle full login flow and session management. It’s important to validate the session in your backend server.
Regular Web Applications: Traditional server-side rendered web apps that run on the server can use OIDC protocol to authenticate with Authgear. The application server has full control over the session storage.
Software built by others: Integrate with other OIDC/SAML compatible applications like WordPress, Salesforce for Single Sign-On.

Mobile apps or single-page web applications

Client-side SDKs

Client-side SDKs are designed for developers to quickly implement authentication with Auth UI on your web and mobile applications. After login, it returns the user data for your apps. It can open a hosted pre-built account settings page for the user to manage their own account. The SDKs manage session token storage automatically and have built-in token ownership protection (DPoP) against stolen refresh tokens.

Check out the following guides for your specific framework:

Guides for Frontend JS SDK
Guides for Mobile SDKs

Validate JWT in your backend server

After the frontend integration is complete, every request sent from your application to the backend server should include the Authgear session in its header. JWKS should be used to validate the requests and decode user information from the JWT access token. See Validate JWT in your application server for details and code examples.

Customization

You can customize the look and feel of Authgear prebuilt UI to match your branding. Events and hooks can be used to stay notified and add functionality during the authentication process.

User Management through backend server

The Authgear Admin API enables comprehensive user management via a GraphQL endpoint for your backend server. The server can perform operations including searching for users, updating user details, deleting user accounts, and disabling user access.

For detailed implementation instructions and API capabilities, refer to the Admin API guide.

Custom UI

If you wish to use a custom UI instead of the pre-built UI for signup and login, you need to deploy another server and complete the signup/login process using Authentication Flow API. See Custom UI for in-depth instructions.

Regular Web Applications

If your application is a traditional web app running on a server, you can leverage the OpenID Connect (OIDC) protocol to authenticate users via Authgear. A wide range of plug-and-play libraries can be found that simplify the integration process. These libraries handle crucial tasks such as authentication requests, session management, and redirecting users back to your application seamlessly.

See the following tutorials for your specific application framework:

Customization

You can customize the look and feel of Authgear prebuilt UI to match your branding. Events and hooks can be used to stay notified and add functionality during the authentication process.

User Management

The Authgear Admin API enables comprehensive user management via a GraphQL endpoint for your server. The server can perform operations including searching for users, updating user details, deleting user accounts, and disabling user access.

For detailed implementation instructions and API capabilities, refer to the Admin API guide.

Custom UI

Software built by others

When implementing identity management for your enterprise software, Authgear provides robust single sign-on (SSO) capabilities that seamlessly connect your workforce. Enterprise applications typically support standard authentication protocols like OpenID Connect (OIDC) and Security Assertion Markup Language (SAML)

Last updated 4 months ago

Was this helpful?