Getting started with Authress
Authress provides Authentication and Authorization. Or in other words user identity management as well as the complex access controls for those users. These users can be your external users/customers/businesses (CIAM + OpenID + SAML) or internal employees and engineers (IdP + IAM).
1. Signing up
Before you can use Authress API, you need to create an account with us.
During the signup process, we’ll ask you to login with one of our federated login providers. After you sign up you'll be able to configure your company’s SSO (Single Sign On) solution. For sign up, we require one our default providers.
2. Integrating your software with Authress
Integrating with Authress is easy. You can either call our APIs directly, or download an SDK to make things even simpler.
Authress has SDKs for the most common languages. If we don’t have the one you are looking for, let us know and we’ll work on releasing it.
3. Account configuration
Throughout the docs you'll see additional opportunities for configuration. One of these is the configuration of a custom domain. Authress provides a unique DNS host for your account that looks like
acc_001.api.authress.io. Adding a custom domain on top of this provides additional security and reliability. To set up the custom domain, follow the Custom Domain setup guide. Setting up the domain not required however it is highly recommended.
In the knowledge base we'll assume that you've configured your Authress custom domain (often specified as
authressCustomDomain) to be
login.company.com. That means you own the
company.com DNS domain, and gave Authress access to utilize the subdomain
login.company.com. As such you will see
login.company.com used in SDK and code examples.
4. Choose a path
Auth is complex space, and Authress provides many features to support Auth. Part of the challenge is separating Authentication From Authorization.
- Authentication is your user sign up and sign in flows. It is your user identity management. It's integration with external identity providers such as Google and Azure, and provides SAML, OpenID, or OAuth integration.
- Authorization is your access control. This creates and restricts access to your services, grants users permissions, and audits their access. This is roles, permissions, service-to-service, machine clients, and access records.
If you already have an existing system, we recommend starting with Authorization. You can drop Authress in already and start getting the benefit. Extend your platform with the security you need. If you are building something new, such as an plug-able platform or a new software application, we recommend starting with Authentication.
User IdP Management & Login
Access control and permissions setup