You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Client-side -> pass by ref? pass by val? if by-val then how to revoke/refresh?
Server-side -> easy, just send "ok"
Pools, should allow plugin infrastructure
Database
There should be some type of password policy
Password history (remember last X passwords)
Password dictionary
Personal data (disallow data from metadata, username, etc)
Check with troyhunt's password database
Password Strength (minimum length, complexity)
Social
We probably need to enrich the profile data, this could be done with a trigger. Alternatively we could have default implementation / default enrichment strategies here.
How do we deal with the redirect URL? how do we transmit the auth data on the back channel?
Enterprise (LDAP, ...)
Passwordless < requires transactional api
API to list all of the auth methods to show the proper buttons etc
MFA
Using push notifications (requires app)
Using duo security
Using Google AuthN
Using SMS
Notifications
Add an ory:// provider that works together with sparkpost
Add support for smtp:// providers
Templates with i18n are required for this - or maybe just a trigger?
Callbacks/Triggers/Event Manager (should be implementable with HTTP, NATS, ...)
Triggers when registering a user (pre/post) - for example enriching data from SSO providers?
Triggers when authenticating a user - for example block authentication?
User Management
Ban/Block
We could have two types of metadata, app (not writeable by user) and user (writeable by user)
Multi-tenant, realms
Searching users
... could be a remote api maybe?
The text was updated successfully, but these errors were encountered:
these are just random notes, for now
ory://provider that works together with sparkpostsmtp://providersThe text was updated successfully, but these errors were encountered: