Building a secure SaaS application with Amazon API Gateway and Auth0 by Okta


Most applications require a form of identity service to manage, authenticate, and authorize users. In software-as-a-service (SaaS) applications, multi-tenancy adds specific challenges to this task, and these are important to consider when designing a multi-tenant identity management service. By Humberto Somensi.

In this post, the author dives deep into the Auth0 identity platform, describing how to leverage Auth0 Organizations to enable multi-tenant identity in SaaS solutions and how to integrate it with Amazon API Gateway, covering:

  • Auth0 essential building blocks
  • Auth0 Organizations: Your tenants in a nutshell
  • Multi-Tenant setup with Auth0 Organizations
  • Onboarding new tenants
  • Login flow
  • Securing your application with Amazon API Gateway
  • Using SaaS Identity to harden your tenant isolation posture
  • Exploring More Complex Use Cases

Identity is an important and complex subject in any context. Analyzed from a multi-tenant perspective, it poses some new challenges. Like with anything we do at Amazon, start by understanding what your customers require. Then, select the appropriate identity provider and design your application to meet your customers' needs. Very informative!


Tags apis serverless infosec cloud app-development web-development microservices