What Is Authentication? - Intro To Identity Series

Shh, hello, I'm, Daniel, and I'm Alan. And we are here to talk to you about authentication in our last video. We kind of did a high-level video on what is identity, and why does it exist? And today we're now going to get a little more granular so let's start off with authentication Alan. What is authentication, so authentication is basically the problem of taking a real world person, URI, that's, a real world, personal world, person who's sitting in front of a computer and working out who they are in others. Words, working out which particular piece of information that we've got in our Sanity store relates to that person.

So somehow we've got to tie these two things together. So who are you who are you? Yeah? And basically, we talked about in the last video that you don't want to have the developers build that into every single app.

You want to do it once you want to do it. Once you want to share that information is in the are. Okay. So if I want to figure out who that is, how do I do it in the world. Well in the world of identity, you would probably have some kind of login page, right? And these applications would send the user to this login page where they authenticate or type in some information that only they know most of us have used a username and password or something like that to authenticate ourselves.

The identity system takes this information and that's, some magic make sure that it is indeed you and can now tell each one of these applications that yes, Daniel has logged in. So if that's.I and I'm Daniel, trying to have my smartest app when I hit that app it's, not resolving the authentication of the app, but rather bouncing into the identity system. Correct? So the application is just saying tell me who this is, and it gets told, ah, this is Daniel, and so I don't need to build blogging pages for every single app here. Absolutely not. We can share that.

And all the applications can take that same longer. Okay, that's, pretty impressive. That's it. So this seems really simple, but does it get. More complex like what if I want to authenticate in different ways, absolutely so there's, a lot of complexity here, because everybody wants to determine who the user is differently. We've all used banking applications where you've got a username and password and some magic pin or there are other applications where you have to use some kind of secret token that gets emailed to you to each one of these are different ways of determining who that user is okay. So based on the security of the based.

On the importance or how much secure do you want to build into those. Absent patient could be where the user is I'll be based on all sorts of different things. Those are the examples we talked about a token card that banks, you could be one-time password via phone click, each card or some terrible app. Absolutely. It could be a social identification, right?

I could maybe use my LinkedIn. Well, absolutely use a link to log in. But what that means is that behind this it's, not just one single. Authentication, right, we want to have the possibility to use a whole range of different kinds of authentication or different authentication modules. Yeah.

And so it's important that the identity system be able to have those different types of extent that extensibility to support those different levels, absolutely or in fact, for these to be customized because each custom a want to do additional things when they authenticate a user. Interesting, okay. Well, I think that gives a good introduction to.

What authentication is in our next video I think we're going to hit on multifactor often most effective excellently. Okay. Thank you.

Dated : 18-Apr-2022

Leave Your Comment