Industry Standards
The following (industry) standards are supported.
OAuth 2.0
Including the modern CORS enabled authorization code grant for single-page applications, and advanced functionalities like Proof Key for Code Exchange
(PKCE) for mobile app logins.
OpenID Connect
Including the possibility to request authentication controls using the lesser known but powerful acr_values
attribute. Not only login but also logout has been implemented.
SCIM 2.0
The standard for identity management. We not only support creating and updating users, but also groups. This allows organizing users and assigning access rights.
SAML 2.0
A farily old specification for single-sign on, but still widely used in enterprise applications. The most common features are supported. SAML single logout has also been implemented.