Hi, I am developing an analytics platform. There is integration with OAuth for user authorization and subsequent requests via API on the backend. Now there is a task for a self-hosted solution. This cannot be done through OAuth2, because only one domain is tied to the callback URL; the case is that each user sets up a platform for himself (server) and has his own domains. What can solve this problem, or in which direction should I look?
Hi there,
Great question! I am not an expert in this product area, but I do have some thoughts... If you're looking for a self-hosted solution for user authorization and API requests that doesn't rely on OAuth 2.0 with a fixed callback URL, you can consider implementing a custom authentication and authorization system.
Here's a high-level overview of a possible approach:
User Registration: When a user sets up their platform, they would register an account with your analytics platform. During the registration process, you can generate a unique API key or token for that user.
API Key Authentication: Instead of relying on OAuth 2.0, users would authenticate their requests to your analytics platform using the API key or token. They would include this key in the request headers or as a parameter.
Authorization and Permissions: Within your platform, you can set up roles and permissions to control access to different resources and features. Each user can be assigned specific permissions based on their requirements. For example, you might have read-only access, write access, or administrative access levels.
Domain Verification: To ensure that requests are only made from authorized domains, you can implement a domain verification process. During the user registration or setup phase, users would provide their domain(s). To verify ownership, you can ask them to add a specific DNS record or upload a verification file to their domain's root directory. Once verified, you can associate the verified domains with the user's account.
API Endpoint Configuration: Users can configure their platform/server to make API requests to your analytics platform, specifying their API key in the request headers. The requests should include any necessary parameters or data required by your analytics platform.
User Isolation: It's crucial to ensure that each user's data and configurations are isolated from each other. You should have a robust data architecture in place that separates user data and provides secure isolation.
By implementing this custom authentication and authorization system, users can set up their platforms on their own servers and make API requests to your analytics platform using their unique API key. The domain verification process helps ensure that requests are originating from authorized domains.
Remember to implement secure practices, such as using HTTPS for encrypted communication, properly securing and hashing user credentials, and regularly reviewing and updating your security measures to protect user data and the integrity of your analytics platform.
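As an added illustration (not code from this thread or from any product), the Python sketch below ties together the reply's API key, permission-level and DNS-record verification steps. The `analytics-verify=` record label, `SERVER_SECRET`, the function names and the injected `txt_lookup` resolver are assumptions made for the example.

```python
import hashlib, hmac, secrets

SERVER_SECRET = secrets.token_bytes(32)  # assumption: per-deployment secret kept outside the database
ROLES = {"read": 1, "write": 2, "admin": 3}  # the access levels named in the reply

def _norm(domain: str) -> str:
    return domain.lower().rstrip(".")

def hash_key(api_key: str) -> str:
    # Keys are 256-bit random values, so an unsalted SHA-256 digest is adequate for storage.
    return hashlib.sha256(api_key.encode()).hexdigest()

def register(accounts: dict, account_id: str, role: str) -> str:
    """Create an account and return its API key once; only the key's hash is stored."""
    api_key = secrets.token_urlsafe(32)
    accounts[hash_key(api_key)] = {"id": account_id, "role": role, "domains": set()}
    return api_key

def domain_challenge(account_id: str, domain: str) -> str:
    """Value the user publishes in a DNS TXT record to prove control of the domain."""
    msg = f"{account_id}|{_norm(domain)}".encode()
    # "analytics-verify=" is a hypothetical record label chosen for this example.
    return "analytics-verify=" + hmac.new(SERVER_SECRET, msg, hashlib.sha256).hexdigest()

def verify_domain(account: dict, domain: str, txt_lookup) -> bool:
    """txt_lookup(domain) returns the domain's TXT strings; injected so a real resolver can be swapped in."""
    expected = domain_challenge(account["id"], domain).encode()
    if any(hmac.compare_digest(expected, rec.encode()) for rec in txt_lookup(domain)):
        account["domains"].add(_norm(domain))
        return True
    return False

def authorize(accounts: dict, api_key: str, needed_role: str):
    """Return the account if the key is known and its role is sufficient, else None."""
    account = accounts.get(hash_key(api_key or ""))
    if account is None or ROLES[account["role"]] < ROLES[needed_role]:
        return None
    return account

if __name__ == "__main__":
    accounts = {}  # constructed sample data, standing in for the platform's account table
    key = register(accounts, "acct-1", "read")
    acct = authorize(accounts, key, "read")
    zone = {"example.org": ["v=spf1 -all", domain_challenge("acct-1", "example.org")]}
    print(verify_domain(acct, "example.org", lambda d: zone.get(d, [])))
    print(authorize(accounts, key, "admin"))
```

In a deployment, `txt_lookup` would wrap a real DNS resolver and the `accounts` dictionary would be the platform's database table.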