AuthN in Minutes: MFA, EULAs, and Social Auth out of the Box

Keith Casey

When we think about Authentication, every developer has one of two reactions:

The first is “I’ve got this” and they quickly slap together a database and form and call it complete. Then they think about password hashing, account reset flows, and sending email. At this point they realize they need not just multi-factor but multiple multi-factor options and email templating. What started as a 1 point task has turned into a bottomless pit of effort driving them to the second reaction…

The second reaction is a little more thoughtful. We’ve struggled through email templating, session management, social authentication, and a hundred more requirements, and then we’ve realized our lives are better spent on more interesting problems and we choose an Identity Provider.

At Pangea, we’ve been there, done that and we are done with it too.

Introducing AuthN

Today I’m happy to announce the general availability of our Authentication service.

At release, we support all the fundamental capabilities for secure and reliable authentication including scenarios like:

You can wire multi-factor authentication options ranging from simple email magic links to SMS to a TOTP provider. Flip a few toggles and we’ll handle the enrollment and prompting for you.

Then to expedite onboarding, you can add social authentication for Google and GitHub. We start you with a default configuration but you can add your own with just a few clicks.

To give you flexibility in your session management, you can choose between an opaque token or JWT and then include a refresh token to extend the session as you see fit.

And finally, while you can certainly build everything with our AuthN APIs and supporting SDKs, branding the Hosted Login flow - which includes all of these capabilities and more - will make authentication a 1 point task again.

One framework to code secure apps faster

Pangea was founded to be a suite of APIs to help you bake better security into every portion of your app and we’ve approached AuthN the same way. We’ve built our onboarding and authentication flows to support pluggable components to protect your configuration, your application, your authentication, and your users.

At launch, we’ve taken the first step by including our Vault Service to securely store and manage the credentials within your AuthN configuration. You can set your SMTP provider’s password, the client secret for your social auth providers, and even your captcha credentials once and manage them outside that flow going forward.

What’s Next

In our next release, we’ll embed our Threat Intelligence services into your user registration and authentication flows to protect your apps and users every step of the way. Threat Intelligence is a multi-faceted set of capabilities.

First, we have the Embargo service to block access to your app from certain countries to enforce export and access restrictions. This is the simplest way to comply with legal requirements without changing your app.

The IP Intelligence service gives you the ability to identify VPNs, proxies, and even IPs associated with botnets to block bad actors before they become your users. Once we integrate our User Intelligence service, you can move beyond protecting your app and protect your users when their credentials were compromised elsewhere.

All of these capabilities will activate when your users initially sign up and each time they authenticate. The best part is configuration of each embedded Intelligence service will be a few clicks and zero additional code. These features are in development right now and will be available before the end of the year.

We want to help you build secure apps faster and we believe our AuthN service is an important shift. Instead of plugging in our services piecemeal, having a single integrated component like AuthN gives you scalable, configurable security to protect your app, your users, and your organization.

Sign up and get started with MFA, Social Auth, and your first 5,000 monthly active users for free.


Written by

Keith Casey

Keith “Danger” Casey currently serves on the Product Team at Pangea helping teams launch their systems faster and easier than ever before. Previously, he served on the Product Teams at ngrok launching GTM efforts, Okta working on Identity and Authentication APIs, as an early Developer Evangelist at Twilio, and worked to answer the Ultimate Geek Question at the Library of Congress. His underlying goal is to get good technology into the hands of good people to do great things. In his spare time, he writes at CaseySoftware.com, lives in the woods, and has recorded numerous API courses with LinkedIn Learning.