Best Practices

• Best Practices
  • Use Authing as an Identity Provider
  • Use single sign-on to implement user authentication and login status check in web applications
  • Use OIDC protocol to authenticate and authorize users
  • Use Guard
  • Verify the legitimacy of the JWT Token on the backend
  • Connect Authing user ID with business data in the backend
  • Use cloud development to execute subsequent business logic

Use Authing as an Identity Provider

1. Store all your users on the Authing platform, whether it is employee data or user data of self-developed applications, or IoT device data;
2. Read/modify user information and role permissions from Authing;
3. Judge the login status of the user/device via Authing;

Reference

Implement Single Sign-On Manage Orgnizations Verify Token

Use single sign-on to implement user authentication and login status check in web applications

Implement Single Sign-On

Use OIDC protocol to authenticate and authorize users

Access OpenID Connect

Use Guard

If you don't want (or don't understand) the OIDC protocol, it is recommended to use Guard to authenticate users.

Guard for Web Guard for Mobile

At the same time, we recommend that you configure social login or small program scan code login to enable end users to have a better login experience:

Web Social Connections Mobile Social Connections Mini Program Scan Code Login

Verify the legitimacy of the JWT Token on the backend

Click [See how to verify the legitimacy of JWT Token](../advanced/verify-jwt-token.md#use-oidc-application key verification-token).

If you use the OIDC process, it is recommended to verify the legitimacy of the JWT Token on the backend (to avoid OIDC key leakage).

Connect Authing user ID with business data in the backend

After using Authing, there is no need to create a separate user table. If you want to expand the user field, it is recommended to connect the Authing user ID with the expanded user field. If there is other business data, please connect the Authing user ID with the business data.

The field name of the user ID of Authing in the returned result is "id".

Use cloud development to execute subsequent business logic

Tencent Cloud Cloud Development (CloudBase) is a cloud-integrated product solution. It adopts a serverless architecture and provides basic resource services such as cloud functions, cloud databases, and cloud storage. It does not require operation and maintenance such as environment construction, and provides static hosting and command-line tools. (CLI), Flutter SDK and other capabilities, greatly reducing the threshold of application development, helping to quickly build small programs, web applications and apps.

After using Authing to complete the authentication, it is very convenient to use the cloud to develop and complete the subsequent business logic. Please refer to the following documents:

Tencent Cloud Cloud Development Product Details (opens new window)