More specifically, I mean being able to provide an OAuth2 service.
I’ve seen multiple websites used “Sign in with Twitter” “Sign in with Google” etc.. on their websites. I’m wondering if there’s a certain process you need to go through in order to allow other websites to use your websites to authenticate.
Let’s say I’ve got a website called “SomeRandomSite”, and people can sign up/sign into this site as they normally would, but then if you go to some other website you’d see a “Sign in using SomeRandomSite”.
When looking into it, I came across this article here:
http://scottksmith.com/blog/2014/07/02/beer-locker-building-a-restful-api-with-node-oauth2-server/
I have yet to finish reading all of it, but so far it seems like it’s only allowing your application to incorporate other OAuth services such as Google, rather than building your own.
I hope I explained this well enough haha.
2
Answers
It basically means you want to act as an IdentityProvider, take a look at ThinkTecture.
https://identityserver.github.io/Documentation/
It’s cetainly possible, but an Identity provider is usually a well known(trusted) party, between the IdentityProvider and the target site the user want’s to log into there should be a trusted relationship, in other words the target site should register with you the IdentityProvider
Getting started example
https://identityserver.github.io/Documentation/docsv2/overview/simplestOAuth.html
Implement OpenID Connect if you want to make your server behave as an Identity Provider (IdP). You can find a list of implementations of OpenID Connect in “Libraries, Products and Tools” page.