User, Identity and Authenticator
To fully configure and use Authgear, you need to understand 3 important concepts in Authgear's flexible yet powerful authentication system:
    User
    Identity
    Authenticator
Combining identity and authenticators, Authgear can support a lot of different authentication needs such as, but not included to:
    Simple email / username / phone sign in, with or without 2FA
    Email or SMS Passwordless login
    SSO login such as Google / Facebook etc
    Phone sign in with Password as the 2nd factor like telegram or whatsapp
    A lot more.

User

A user represents an entity who use your app, usually a person. Each user can have multiple identities.

Identity

Identities are the way users can identify themselves, such as username, email and phone. Identities could also came from an OAuth Provider such as Google/Facebook SSO, or Sign in with Apple.
Currently, Authgear support the following identity:
    Email
    Phone
    Username
    OAuth Provider:
      Google
      Facebook
      Azure Active Directory
      Linkedin
      Sign in with Apple
    Anonymous
Each identities have its configuration. For example email could be configured to block "+" or not, or if a username is case sensitive or not.
Email, Phone and Username identities automatically create the email, phone_number and preferred_username claims. OAuth Provider might create a email claim depends on if the user's email is provided.

Authenticator

Authenticators are the way a user with an identity can authenticate themselves, each user can multiple primary and secondary authenticators. If secondary are configured or required, a user need to authenticate itself against both to be signed in.
Currently Authgear support the following authenticators:
    Primary Authenticators:
      Password
      One Time Passcode via Email or SMS (oob_otp)
    Secondary Authenticators:
      Password
      TOTP (2FA token)
      One Time Passcode via Email or SMS (oob_otp)
Secondary authentication could be optional (only if the user configured it) or required for all users.
Last modified 4mo ago
Copy link