Introduction to AuthPI

Accounts and Members

An Account represents your organization or project within AuthPI. Members are users who have access to manage the account, including developers and administrators. Each member has associated permissions.

Issuers and Clients

Issuers are the identity providers in AuthPI. They handle user authentication, token issuance, and authorization policies. Clients are applications or services that rely on AuthPI for user authentication and management.

Users

Users are individuals who interact with your applications. AuthPI manages their authentication, authorization, and profile data.

Setting Up an Identity Provider

Configurations

  1. Create an account with AuthPI.
  2. Add a new issuer with a unique identifier.
  3. Generate API keys for your issuer.
  4. Configure your client application with the issuer’s endpoint and API keys.

{% callout type="danger" %} Protect the API token as a secret at all times. {% /callout %}

Managing Users

  1. Create users by sending a POST request to the /users endpoint.
  2. Update user details by sending a PUT request to the /users/{id} endpoint.
  3. Delete users by sending a DELETE request to the /users/{id} endpoint.
  4. Retrieve user information by sending a GET request to the /users/{id} endpoint.

Security Measures To Implement

  1. Use HTTPS to encrypt communication between your application and AuthPI.
  2. Implement rate limiting to prevent brute-force attacks.
  3. Store API keys securely and rotate them periodically.
  4. Enable multi-factor authentication (MFA) for account members and users.
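
The four calls from Managing Users, combined with the HTTPS and key-storage items above, as an added example that is not AuthPI's own code. The environment variable name, base URL, Bearer header scheme and JSON body fields are assumptions; the page specifies only the HTTP methods and paths.

```python
import json
import os
import urllib.parse
import urllib.request

# Assumptions (not from the AuthPI docs): the env var name, the base URL,
# the Bearer header scheme and the JSON body fields are placeholders.
API_KEY_ENV = "AUTHPI_API_KEY"

class UsersClient:
    def __init__(self, base_url, environ=os.environ):
        parts = urllib.parse.urlsplit(base_url)
        # Refuse plaintext transport so the API key never leaves unencrypted.
        if parts.scheme != "https" or not parts.netloc:
            raise ValueError("issuer endpoint must be an https:// URL")
        key = environ.get(API_KEY_ENV, "")
        if not key:
            raise RuntimeError(f"{API_KEY_ENV} is not set")
        self._base = base_url.rstrip("/")
        self._key = key

    def __repr__(self):
        # Keep the key out of logs and tracebacks.
        return f"UsersClient(base={self._base!r}, key=<redacted>)"

    def _request(self, method, path, body=None):
        data = None if body is None else json.dumps(body).encode()
        req = urllib.request.Request(self._base + path, data=data, method=method)
        req.add_header("Authorization", f"Bearer {self._key}")  # assumed scheme
        if data is not None:
            req.add_header("Content-Type", "application/json")
        return req

    def create(self, profile):
        return self._request("POST", "/users", profile)

    def update(self, user_id, profile):
        return self._request("PUT", self._user_path(user_id), profile)

    def delete(self, user_id):
        return self._request("DELETE", self._user_path(user_id))

    def get(self, user_id):
        return self._request("GET", self._user_path(user_id))

    @staticmethod
    def _user_path(user_id):
        # Percent-encode the id so it cannot add path segments or a query.
        return "/users/" + urllib.parse.quote(str(user_id), safe="")
```

Each method returns an unsent request; pass it to `urllib.request.urlopen` to send it.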

Next steps

  1. Integrate AuthPI with your existing applications and services.
  2. Explore additional AuthPI features, such as social logins and passwordless authentication.
  3. Customize authentication workflows and user interfaces to match your branding.
  4. Monitor usage, events, and logs to ensure the security and stability of your identity provider.