Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
FastAPI's tutorial on how to implement a basic OAuth server helped me a lot in understanding the basic concepts.
https://fastapi.tiangolo.com/tutorial/security/
After getting familiar, I self hosted Keycloak and integrated it with my FastAPI server.
https://www.keycloak.org/
Just to be clear, I'm not a security expert in any way, just learned myself while building things.
So here is what I'd refer to:
https://stackoverflow.com/questions/44133536/is-it-safe-to-s...
Regarding the Firebase, I see an open issue on this, so I guess we are not the only ones wondering :)
https://github.com/firebase/quickstart-nodejs/issues/194