System Design ( Day -16 )

Manoj KumarManoj Kumar
3 min read

OAuth

Can you remember all your passwords in your mobile, some can say Yes, but not all, everybody will save their passwords in the Password manager or the Google passwords, so that they don’t need to remember everything by themselves.

So what we can do? For any tech apps or websites every user needs to be onboarded, so for smoothing the process of onboarding, we’ll go for some of the trusted sources like Google, facebook, Github, LinkedIn and we use their existing infrastructure of their users and get their details and we’ll allow them to sign up or onBoard.

Let’s tackle this with the example, we’ll take a example of tinder, new user like you are signing up in to the tinder.com what they’ll ask either your phone number or any accounts, if you want to create a username and password you can create that but if you don’t want to remember username and password then you can continue with the accounts in the we have google.com, after that the tinder is going to access the google.com is this user is your database if that you are in the google.com then google will reply to you says hey look this Tinder wants to access your google account should i allow it. if you click yes then it’ll give the minimal access to the tinder, it will directly onboard you into their platform. that’s simple right.

So users want to onboard easily and fastly, users don’t need enter their mobile number and otp or like creating the account of first name last name gmail and password, they want those things in single clicks so that’s how OAuth makes it simple to use and implement for small startups to large scale businesses.

The advantage of OAuth is like we don’t need to verify the Users, the users are already verified by google or github or something else. so the hustle of doing verification will be reduced.
and we don’t have to maintain the passwords for that users, those users maintained by those OAuth companies, but by this we may have the account miss match, they can provide different account if they forgotten or something else.

Advantages
1 . Authentication Outsourced → Implementation, testing, debugging and so on.
2 . Easy User onboarding
3 . We can have more access to their data inside those big outsourced companies.
4 . Mobile Onboarding would be much more faster.

Drawbacks
1 . No control → like if google is down then you are also down it’s like that.
2 . Can’t ask for more data from the user while onBoarding.
3 . User data sharing happens in the outsourced companies for business or like Ads.
4 . Loss of User data if you lost that google account. High risk

0
Subscribe to my newsletter

Read articles from Manoj Kumar directly inside your inbox. Subscribe to the newsletter, and don't miss out.

oauthOAuth 2.0systemdesignSystem Design

Written by

Manoj Kumar
Manoj Kumar