Strategies

Strategies listed on this page can be used by Passport for authentication. If you have implemented a strategy, please add it to the list so the community can find and use it.

Table of Contents

• Forms
• Standards
• Providers
• Enterprise
  • Identity Management
  • Content Management Systems
  • Service Integration
• API
• Multi-Factor
• Other

Forms

• Local — username and password form submission
• Remember Me — remember me cookie
• Easy No Password — passwordless authentication with a code delivered via email or SMS

Standards

• OpenID
• OpenID Connect
• OAuth — implements OAuth 1.0 and OAuth 2.0
• OAuth2 + OpenID Profile - implements OAuth2.0 with OPenID profile parsing.
• BrowserID
• SAML — implements SAML 2.0
• WS-Federation + SAML 2.0 — implements WS-Federation with support for SAML 2.0 tokens
• WebID — implements WebID

Providers

• Gluu — OpenID Connect
• 23andMe
• 37signals
• 500px
• Adobe
• AllPlayers.com
• Amazon
• AngelList
• Animexx
• AOL
• AppFigures
• Apple - OAuth 2 (New 2019)
• Apple
• App.net
• Asana
• Assembla
• AT&T Foundry
• Authing
• Auth0
• Authentiq — OpenID Connect
• Authic
• Autodesk Forge
• AWS SES — password-less authentication with AWS SES email delivery
• Baidu
• Beatport
• Bitbucket
• bitly
• BlueMix - IBM ID - OAuth 2.0
• Box
• Buffer
• Bungie - OAuth 2.0
• Chalkable
• Cisco Spark — OAuth 2.0
• Cloud Foundry — OAuth 2.0
• Cloud Foundry — OpenID Connect
• Coinbase - OAuth 2.0
• Curity
• DailyCred
• Default Dynamics
• Desk.com
• Digg
• Discord
• doctape
• DocuSign
• douban
• Dropbox
• Dropbox - OAuth 2.0
• Dwolla
• easydb
• Edmodo
• Eventbrite
• Evernote
• Everyplay
• EyeEm
• Facebook
• Facebook Canvas Apps
• Facebook Token — authenticates a previously issued access token
• FamilySearch — OAuth, OAuth 2.0
• Fanfou
• Fitbit
• FIWARE — OAuth 2.0
• Flattr
• Flickr
• Force.com — used with Salesforce, Force.com, and Database.com
• Foursquare
• FreeAgent
• FreedomWorks
• FreshBooks
• Geeklist
• Geocaching
• Geoloqi
• GitHub
• Goodreads
• Google — OpenID
• Google — OAuth, OAuth 2.0
• Google — OpenID Connect
• Gowalla
• HackID
• human/api
• imgur
• Indiana University CAS
• Instagram
• Intercom
• Intuit — OpenID
• Intuit — OAuth
• JWTCookieCombo – JSON Web Token
• Justin.tv
• Kreativität trifft Technik
• Kerberos-GSS-Wrapper
• Lichess OAuth2
• LinkedIn OAuth1.a
• LinkedIn OAuth2
• LITauth
• Mail.Ru
• MailChimp
• me2day
• Meetup
• MercadoLibre
• Microsoft (Graph API)
• miiCard
• MixCloud
• mixi
• MojeID
• MyMLH
• MyUSA — OAuth 2.0
• Nate — used with Nate and Cyworld
• Nest
• Netatmo
• Netflix
• Netlify
• NTLM/SPNEGO
• Nylas
• oDesk
• Odnoklassniki
• Ohloh
• OpenStreetMap
• ORCID
• osu!
• Outlook - OAuth 2.0
• PayPal — OpenID
• PayPal — OAuth
• PhantAuth
• Persona — BrowserID fallback IdP operated by Mozilla
• picplz
• Pinterest
• Pocket
• Podio — by @mjpearson
• Podio — by @chilts
• Predix
• Privakey
• QQ
• Rakuten
• Rainbow
• Rdio
• Readability
• reddit
• Renren
• RunKeeper
• Saasform
• Schoology
• Sense
• Sina Weibo
• Singly
• Slack
• Slice
• SmugMug
• SoundCloud
• Spotify
• Stack Exchange — used with Stack Overflow, Server Fault, etc.
• StatusNet
• Steam
• Stitchz
• StockTwits
• Stripe
• Strava
• SUPINFO
• Teambox
• Teamsnap — OAuth 2.0
• Tencent QQ
• Texas School Safety Center
• The City — OAuth 2.0
• Trade Me
• Trello
• TripIt
• Tumblr
• Twitch.tv
• Twitter
• Twitter Token — authenticates a previously issued OAuth token
• Typetalk
• UltraAuth
• University of Cambridge (Raven)
• University of Warwick
• Untappd
• Urlship
• Vimeo
• Vimeo — OAuth 2.0
• VKontakte
• Weibo
• Windows Live
• Withings
• WordPress
• Wunderlist
• XING
• Yahoo! — OpenID
• Yahoo! — OAuth
• Yahoo! JAPAN
• Yammer
• Yandex
• YouTube

Enterprise

Identity Management

• Apache mod_auth_tkt — integration with Apache mod_auth_tkt
• Windows Authentication — integration with IIS and Active Directory
• Windows Azure AD — integration with Windows Azure Active Directory using WS-Federation / SAML-P
• Atlassian Crowd
• LDAP — integration with LDAP directory services
• OpenAM
• OpenSSO
• Osso

Content Management Systems

• Drupal — Drupal-powered sites using OAuth Login Provider module
• SharePoint — for use with SharePoint 2013 on-premise and Office 365 using OAuth 2.0

Service Integration

• Heroku Add-on — for Heroku Add-on Single Sign-on
• Windows Azure — for SSO with Windows Azure Store management portal
• UserApp — for password authentication with UserApp

API

• Basic — HTTP Basic scheme, RFC 2617
• Bearer — HTTP Bearer scheme, RFC 6750
• Digest — HTTP Digest scheme, RFC 2617
• Hash — hash query parameter or X-Auth-Hash header
• Hawk — HTTP Hawk scheme, hueniverse/hawk
• Local API Key — apikey query parameter or request body
• Header API Key — apikey header parameter (eg. "Authorization: Api-Key 12340d913d049...e1c23f4e91d")
• OAuth — HTTP OAuth scheme, RFC 5849
• OAuth 2.0 Client Password — OAuth 2.0 client password, RFC 6749
• OAuth 2.0 JWT Client Assertion — JWT profile of OAuth 2.0 assertions, draft-jones-oauth-jwt-bearer
• OAuth 2.0 Public Client
• ReverseProxy - Reverse HTTP Proxy authentication via custom HTTP Request Headers (e.g, IBM WebSeal, Apache against PAM)

Multi-Factor

• HOTP
• Privakey - Simple Multi-factor authentication built on top of OpenID Connect
• TOTP

Other

• Anonymous
• Dummy
• Url-token
• lnurl-auth