I'm trying to add identity verification to my web-app.
Ideal flow is that a protected page can only be accessed by people having certain email addresses. They can prove their identity using any social login(Google, LinkedIn etc.)
I only need to get user's email address from these platforms. Instead of building it on my own for each provider, I'm looking for a npm package or similar that does this.
I came across auth0, but
- They aren't free
- I don't need a 3rd party server side which creates users in their database. In fact, I wouldn't be creating users at all with this flow, it's only for identity verification.
I'm happy to generate my own client id and secrets for each platform and plug them in in a config file.
It's also not a requirement for me to show my branding for the verification, I'm happy to use 3rd party name coming on auth screen(As long as they're well known).
It is a requirement though, to keep the oauth scopes to be restricted to only read user's profile info and nothing else.
What are my options?
from Auth Library for social logins
No comments:
Post a Comment