15. authentication Date: 2023-01-30 Status Accepted Context We need to decide how we will authenticate users. We have a few options: OIDC (OpenID Connect) OAuth 2.0 RFC 6749 - The OAuth 2.0 Authorization Framework RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage RFC 8414 - OAuth 2.0 Authorization Server Metadata RFC 8705 - OAuth 2.0 Token Exchange RFC 8693 - OAuth 2.0 Device Authorization Grant JWT RFC 7515 - JSON Web Signature (JWS) RFC 7516 - JSON Web Encryption (JWE) RFC 7519 - JSON Web Token (JWT) RFC 7523 - JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants 2FA Decision We want use third-party authentication, because it is more secure and we don't support this service. We research next third-party authentication: Keycloak ory/hydra dexidp/dex Consequences Use this scheme: Step 1. Try to use Keycloak Install Keycloak Try to use Keycloak Made decision about use Keycloak and update this ADR
