Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
次世代認証プラットフォーム “Auth0” を使ってみた / Next Geneartion...
Search
Takahiro Tsuchiya
September 27, 2018
Technology
18
7.9k
次世代認証プラットフォーム “Auth0” を使ってみた / Next Geneartion Identity "Auth0"
* 外部認証基盤の話
* Auth0 / Amazon Cognito / Firebase Authentication / Netlify Identity の比較
* Auth0 を選んだ理由
Takahiro Tsuchiya
September 27, 2018
Tweet
Share
More Decks by Takahiro Tsuchiya
See All by Takahiro Tsuchiya
Kaigi on Rails 2024 - Rails APIモードのためのシンプルで効果的なCSRF対策 / kaigionrails-2024-csrf
corocn
10
5.9k
現場のエンジニアから見た採用担当との協働
corocn
7
3k
シリーズAをリファラル採用中心に走り抜ける / leaner-referral-engineer-2024
corocn
3
2.1k
捨てて加速するプロダクト開発 / sutete-speedup-product-development
corocn
3
690
リファラル採用にフルベットしてみた
corocn
3
3.8k
エンジニアとプロダクトマネージャーを兼任した1年間を振り返る / pdm-furikaeri
corocn
17
8k
育休のすゝめ #devsumi 2023
corocn
3
4.9k
GCPでRubyを動かしている話 / ruby on gcp
corocn
0
940
フルリモートワーカーのデスク選定 / how-to-select-remote-work-desk
corocn
1
630
Other Decks in Technology
See All in Technology
20250623 Findy Lunch LT Brown
3150
0
740
Model Mondays S2E02: Model Context Protocol
nitya
0
170
CI/CDとタスク共有で加速するVibe Coding
tnbe21
0
230
_第3回__AIxIoTビジネス共創ラボ紹介資料_20250617.pdf
iotcomjpadmin
0
140
AIエージェント最前線! Amazon Bedrock、Amazon Q、そしてMCPを使いこなそう
minorun365
PRO
10
3.4k
菸酒生在 LINE Taiwan 的後端雙刀流
line_developers_tw
PRO
0
1.1k
2年でここまで成長!AWSで育てたAI Slack botの軌跡
iwamot
PRO
2
130
Кто отправит outbox? Валентин Удальцов, автор канала Пых
lamodatech
0
260
登壇ネタの見つけ方 / How to find talk topics
pinkumohikan
1
140
Snowflake Summit 2025 データエンジニアリング関連新機能紹介 / Snowflake Summit 2025 What's New about Data Engineering
tiltmax3
0
220
Agentic Workflowという選択肢を考える
tkikuchi1002
1
340
第9回情シス転職ミートアップ_テックタッチ株式会社
forester3003
0
110
Featured
See All Featured
A better future with KSS
kneath
239
17k
Product Roadmaps are Hard
iamctodd
PRO
53
11k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
107
19k
Into the Great Unknown - MozCon
thekraken
39
1.8k
Typedesign – Prime Four
hannesfritz
42
2.7k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
16k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
248
1.3M
How to train your dragon (web standard)
notwaldorf
92
6.1k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
130
19k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
10
920
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
161
15k
Transcript
࣍ੈೝূϓϥοτϑΥʔϜ “Auth0” ΛͬͯΈͨ ςΫʮ࠷ۙͷWebٕज़ʹ͍ͭͯϫΠϫΠޠΔձʯ 2018/09/27ʢʣ Takahiro Tsuchiya / @corocn
Agenda • ࣗݾհ • ֎෦ೝূج൫ͷ • αʔϏεͷൺֱ • ೝূج൫αʔϏε “Auth0”
ͷհ
ࣗݾհ • @corocn / Takahiro Tsuchiya / و༟ • Misoca
Inc. • Auth0 Ambassador
ຊΛॻ͖·ͨ͠ ٕज़ॻయ4Ͱ൦ AmazonͰൢചத ·ͨվగ͍ͨ͠ʂ
ࠓͷ͓
ΣϒΞϓϦέʔγϣϯͱ ֎෦ೝূج൫ͷ
WebαʔϏεΛ࡞ΔͳΒೝূ ͷΈඞਢʹͳΔ
ͰຊʹϢʔβʔʹఏڙ͠ ͍ͨͷೝূ͡Όͳ͍
ͬͱαʔϏεͷຊ࣭తͳͱ ͜Ζʹ࣌ؒΛ͍͍ͨ
Ͱೝূͬͯ͘͠ͳ͍ʁ શવΘ͔Γ·ͤΜ ਓྨʹೝূ͍͠
Ͳ͏ͬͯػೳ࣮͢Δʁ
ࣗͰҰ͔Β࣮͢Δ • Βͳ͍΄͏͕͍͍ • ηΩϡϦςΟϗʔϧΛ࡞Δࣗ৴͕͋Δ • ंྠͷ࠶ൃ໌ • ηΩϡϦςΟͷ࣮ϊϋ֎ʹग़ͯ͜ͳ ͍ͷͰ͍͠
Frameworkඪ४ͷϥΠϒϥϦΛ͏ • ͋ΔఔϨʔϧʹΕΔ • ࠷ݶͷػೳ͔͠ͳ͍ • ڽͬͨॲཧͰ్ʹഁ͕ͪ͠ • RailsͷDevise? Sorcery?
ΈΜͳਏ͍ਏ͍ͱ ݴ͍ͬͯͬͯΔΑ͏ͳɾɾɾ
https://qiita.com/cigalecigales/items/73d7bd7ec59a001ccd74
৽͍༷͠ʹैͰ͖·͔͢ʁ • ύεϫʔυೝূ • SSO, Social Login, ύεϫʔυϨε • MFAʢଟཁૉೝূʣ
• FIDO 1.0 ʢU2F, UAFʣ • FIDO 2.0ʢU2F + UAFʣ, WebAuthn API ͙ͦ͢͜·Ͱ ഭ͍ͬͯΔ
ͦ͏ͩ ֎෦ͷೝূج൫ ͓͏
ҙ͍ͨ͜͠ͱ
• ֎෦αʔϏεΛ͑ηΩϡϦςΟϦεΫ͕ ফ͑ΔΘ͚Ͱͳ͍ • ࿈ܞ෦։ൃऀͰ࣮͢Δ • ͪΌΜͱཧղ͔ͯ͠ΒΘͳ͍ͱવࣄނ • ͰͪΌΜͱ͑େ෯ʹ࣮࣌ؒอकί ετΛݮͰ͖Δ
͍Ζ͍Ζࢼͨ͠
ࢼͯ͠ΈͨೝূαʔϏε • Amazon Cognito • Firebase Authentication • Netlify Identity
• Auth0 ← ࠷ऴతʹ͜Εʹམͪண͘
Amazon Cognito • AWSͷਂ͍͕ࣝཁٻ͞ΕΔ • UserPool, ID PoolͳͲ֓೦͕͍͠ • ֶशίετ͕ߴ͍
• αʔϏε͕AWSͬͨΓͳΒݕ౼͍͍ͯ͠ ͚Ͳɺݕ౼͢Δͷʹ͕͔͔࣌ؒΓͦ͏
Firebase Authentication • ແྉʢҰ෦ΦϖϨʔγϣϯʹ੍ݶ༗Γʣ • γϯϓϧɻμογϡϘʔυ͔ͳΓ؆ૉɻ • αʔϏεܧଓੑͳ͠ • GCPଞFirebaseαʔϏεΛ͏લఏͳΒ˕
• ࡉ੍͔͍͕ॻ͚ͳ͍ͷ͕ਏ͍ • υΩϡϝϯτಡΈͮΒ͍
Netlify Identity • ָ࣮ͩͬͨ • ػೳ͕Γͯͳͯ͘ɺϩʔΧϧͰͷσόοά ͕ࠔͩͬͨͷͰΪϒΞοϓ • ݱࡏվળ͍ͯ͠Δ͔͠Εͳ͍
Auth0 • ֶशίετͷ͞ɺ֦ுੑͷߴ͕͞࠷ߴ • ࠷ऴతʹ͜Εʹམͪண͘
None
Auth0ͬͯʁ • Ϋϥυೝূϕϯμʔ • IDaaSʢIdentity as a Serviceʣ • ຊࣾ
Bellevue, Washington • ϑϧϦϞʔτϫʔΫΛ࠾༻ • Company OffsiteʢΧϯΫϯͱ͔ύφϚͱ͔ʣ
IDaaS • اۀID͕ࢥ͍ු͔Ϳ͔ʢOkta, OneLoginͱ͔ʣ • Auth0ͷ߹C͚Ͱ͍͍͢ҹ •
ͱΓ͋͑ͣ৮ͬͯࢼͤΔ • جຊແྉͰ͑Δʢ22ؒEnterprise൛͕ࢼͤΔʣ • 7000Ϣʔβʔɺແ੍ݶϩάΠϯ • ύεϫʔυϨεରԠ • ΈࠐΈϑΥʔϜʢLockʣ← ͋ͱͰ
• ιʔγϟϧϩάΠϯʢ2ݸ·Ͱʣ • ແ੍ݶͷϧʔϧఆٛ ← ͋ͱͰ
๛ͳνϡʔτϦΞϧ
https://auth0.com/docs
Mobile
SPA
Web App 1
Web App 2
Backend API
• νϡʔτϦΞϧ͕Ұ௨Γἧ͍ͬͯΔ • JWT Handbook ೝূܥͷϒϩά • ͘ຊޠ൛Ͱͳ͍͔ͳʙʁʢνϥο • jwt.io
powered by Auth0 • ϒϥβͰ͑ΔJWTͷσόοάπʔϧ
None
Lock
None
Lock • Auth0͕ఏڙ͢ΔࠐΈϩάΠϯϑΥʔϜ • ֤छϓϥοτϑΥʔϜରԠ • ଟݴޠରԠ • ෦Ͱ Auth0
SDKʢauth0.jsͳͲʣΛ͍ͬͯΔ • ࡉ੍͔͍ޚ͕ඞཁͳ߹ͪ͜ΒΛ • νϡʔτϦΞϧ auth0.jsΛ࣮ͬͨ
• Social LoginͳͲɺઃఆLockʹଈ࣌ө • Auth0͕อ༗͢ΔdevΩʔ͕ॳظͰઃఆ͞Εͯ ͍ΔͷͰɺͱΓ͋͑ͣࢼͤΔʢخ͍͠ʣ • ਖ਼ࣜʹ͏߹औಘͯ͠ઃఆ͢Δ͜ͱ
Webtask
Webtask • AWS LambdaϥΠΫͳαʔόϨεڥΛࣗલ Ͱอ༗͍ͯ͠Δ • JavaScriptɺC#Ͱهड़Մ • Node v8ͳͷͰasync
await • WebtaskʹΑͬͯߴ͍֦ுੑΛ࣮ݱ͍ͯ͠Δ
Rule
Rule • ೝূػೳͷ֦ுRuleͰઃఆ • ྫ1ʣυϝΠϯΛ੍ݶ͍ͨ͠ • ྫ2ʣ໊دͤΛ࣮ݱ͍ͨ͠ • ࣮ߦج൫Webtask •
ϢʔεέʔεผʹେྔͷςϯϓϨʔτ͕ఏڙ͞Ε ͍ͯΔͷͰɺগ͠मਖ਼͢Δ͚ͩͰ͍͍ͩͨಈ͘
Rule: Template
Rule: Whitelist
ͦͷଞ • ϢʔβʔμογϡϘʔυ͕ඪ४උ • Auth0 GuardianʢMFAʣ • FIDO2ͷରԠʁ → AddonͰՄೳ
·ͱΊ • αʔϏε։ൃαʔϏεͷຊ࣭ʹྗ͖͢ • ࣮ίετݮͷͨΊʹɺ֎෦ͷೝূج൫Λ ͏ͷ͋Γ • Auth0ଟػೳͰ֦ுੑ͕ߴ͍ͷͰɺબࢶͱ ͯ͠༗ •
ϦεΫΛͪΌΜͱཧղ͔ͯ͠Β͏͠
͋Γ͕ͱ͏͍͟͝·ͨ͠
corocn
3150
nitya
tnbe21
iotcomjpadmin
minorun365
line_developers_tw
iwamot
lamodatech
pinkumohikan
tiltmax3
tkikuchi1002
forester3003
kneath
iamctodd
panda_program
thekraken
hannesfritz
afnizarnur
sugarenia
notwaldorf
morganepeng
keavy
tammyeverts
sstephenson
