[ { "path": "LICENSE", "content": "MIT License\n\nCopyright (c) 2018 Authing\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n" }, { "path": "OLD_README.md", "content": "

\n \"Authing\"\n

\n\n

Authing —— 一个所有人可用的身份管理平台

\n\n----------\n\n### 下一代身份认证和数字资产鉴权平台\n\nAuthing 依托万维网之父 **Tim Berners-Lee** 的去中心化社交网络项目 [SoLiD](https://github.com/solid/solid),是 SoLiD 在中国的第一个服务提供商,我们将推动 SoLiD 在中国落地,并帮助用户夺回数据控制权。我们在中国搭建了 [SoLiD 中文社区](https://learnsolid.cn),以让普通人认识到 SoLiD 的潜在价值,欢迎加入我们的讨论。\n\nAuthing 通过简单易用、可拓展的集成平台提供了复杂身份认证的解决方案,保证了每个月数以百万计的安全登录。\n\nAuthing 是一个 AaaS(Authentication As a Service) 平台,我们想解决日益增长、日渐复杂的身份认证在企业运营和产品开发中遇到的种种问题。\n\n使用 Authing,你将拥有以下服务:\n* 主流第三方 OAuth 配置接入;\n* 基于 OpenID Connect、SAML、LDAP 的单点登录;\n* 基于 Web 的用户管理系统(权限管理、身份管理、基础资料 CRUD);\n* 跨平台多终端集成能力(Android、iOS、HTML5);\n* 多语言 SDK(JavaScript、Node、Java、Python、Swift、PHP);\n* 基于 HTTPS、JWT、MD5、SHA256、Salt 和非对称加密的安全身份认证;\n* 基于消息队列的邮件服务、基于 Web 的邮件模版配置服务以及自定义第三方邮件服务的能力;\n* 基于指纹验证等的生物认证方式;\n* 易集成、易拓展的插件系统和可编程规则接入;\n* 用户登录地点、IP 监控;\n* 使用小程序扫描小程序二维码登录;\n* 使用手机 - 验证码登录;\n* 一行代码生成 Web 登录表单;\n\n### 内容导览\n\n[TOC]\n\n### AaaS(Authentication as a Service) 介绍\n\nAuthentication as a Service(AaaS)是新一代云计算应用,在有些场合也被称作 Identity as a Service(IDaaS)。AaaS 是由第三方提供的用于解决身份认证、用户管理等问题的云端基础设施。\n\nAaaS 提供了安全的准入许可和数据存储。当一名用户或一款应用试图访问受保护资源时,他必须提供认证资料。比如你若想使用 Facebook 必须提供账号密码,再比如在微信一些网页上进行投票时系统会获取你的微信个人资料。认证服务(Authentication Service)在这种场景下作为一个法官,保证合规的用户,拒绝非法的请求。当认证过程结束后,用户可以正常访问他们想要访问的资源或应用控制台。\n\n认证服务一般需要支持多种语言:\n* Java - 用来开发 Andorid 或 Web 应用;\n* Node/Python/PHP - 用来开发后端应用;\n* JavaScript - 用来开发客户端应用;\n* Swift - 用来开发 iOS 应用;\n\n如果您想为 Authing 贡献 SDK,请参考 [SDK Guide](https://docs.authing.cn/#/sdk/sdk)。\n\n除了语言层面的支持外,还应拥有富文本客户端、数据可视化支持来保证用户运营。\n\n----------\n\n### 认证流程\n\n![auth_uml](http://usercontents.authing.cn/white_paper/authing_auth_uml.png)\n\n认证通过后,后端会生成基于 JWT 规范的 Token。客户端将 Token 放到 HTTP 协议中的 ```Authorzation``` 头中并加上标注 ```Bearer``` 即可进行登录验证。\n\n流程如下:\n\n - 用户使用用户名密码来请求服务器\n - 服务器进行验证用户的信息\n - 服务器通过验证发送给用户一个 Token\n - 客户端存储 Token,并在每次请求时附送上这个 Token值\n - 服务端验证 Token 值,并返回数据\n\n#### JWT\n\nJWT 是由三段信息构成的,将这三段信息文本用,链接到一起就构成了 JWT 字符串。就像这样:\n\n```\neyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ\n```\n\n##### JWT 的构成\n第一部分我们称它为头部(header),第二部分我们称其为载荷(payload,类似于飞机上承载的物品),第三部分是签证(signature)。\n\n###### header\njwt 的头部承载两部分信息:\n\n- 声明类型,这里是 jwt\n- 声明加密的算法,通常直接使用 HMAC SHA256\n\n完整的头部就像下面这样的 JSON:\n\n``` javascript\n{\n 'typ': 'JWT',\n 'alg': 'HS256'\n}\n```\n\n然后将头部进行 base64 加密(该加密是可以对称解密的),构成了第一部分:\n```\neyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9\nplayload\n```\n\n载荷就是存放有效信息的地方。这个名字像是特指飞机上承载的货品,这些有效信息包含三个部分:\n\n- 标准中注册的声明\n- 公共的声明\n- 私有的声明\n\n标准中注册的声明 (建议但不强制使用) :\n\n- ```iss```: jwt 签发者;\n- ```sub```: jwt 所面向的用户;\n- ```aud```: 接收 jwt 的一方;\n- ```exp```: jwt 的过期时间,这个过期时间必须要大于签发时间;\n- ```nbf```: 定义在什么时间之前,该 jwt 都是不可用的;\n- ```iat```: jwt 的签发时间;\n- ```jti```: jwt 的唯一身份标识,主要用来作为一次性 Token,从而回避重放攻击。\n\n\n**公共的声明 :**\n\n公共的声明可以添加任何的信息,一般添加用户的相关信息或其他业务需要的必要信息。但不建议添加敏感信息,因为该部分在客户端可解密。\n\n**私有的声明 :**\n\n私有声明是提供者和消费者所共同定义的声明,一般不建议存放敏感信息,因为 base64 是对称解密的,意味着该部分信息可以归类为明文信息。\n\n定义一个 payload:\n\n``` javascript\n{\n \"sub\": \"1234567890\",\n \"name\": \"John Doe\",\n \"admin\": true\n}\n```\n\n然后将其进行 base64 加密,得到 Jwt 的第二部分。\n\n```\neyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9\n```\n\n**signature**\n\njwt 的第三部分是一个签证信息,这个签证信息由三部分组成:\n\n- header (base64 后的)\n- payload (base64 后的)\n- secret\n\n这个部分需要 base64 加密后的 header 和 base64 加密后的 payload 使用.连接组成的字符串,然后通过 header 中声明的加密方式进行加盐 secret 组合加密,然后就构成了 jwt 的第三部分。\n\n``` javascript\nvar encodedString = base64UrlEncode(header) + '.' + base64UrlEncode(payload);\n\nvar signature = HMACSHA256(encodedString, 'secret'); // TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ\n```\n将这三部分用.连接成一个完整的字符串,构成了最终的 jwt:\n\n```\n eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ\n```\n\n注意:secret 是保存在服务器端的,jwt 的签发生成也是在服务器端的,secret 就是用来进行 jwt 的签发和 jwt 的验证,所以,它就是你服务端的私钥,在任何场景都不应该流露出去。一旦客户端得知这个 secret,那就意味着客户端是可以自我签发 jwt 了。\n\n\n### 技术架构\n\nAuthing 拥有 4 个模块,这四个模块支撑了 Authing 的所有流量,分别是:用户服务(Users)、OAuth服务(OAuth)、邮件服务(Emails)和支付服务(Pay)。此四项服务虽然都是分开部署,但有一定的强关联性。同时,为了保证服务的高可用,在互相请求时,会进行错误捕捉,在发生错误时,会使用默认数据。因此在某个服务不可用时,可能会导致某些服务的配置失效。\n\n#### 后端\n\n后端使用 Node.js 开发,结合 RESTful API 和 GraphQL 进行数据交换。在某些场景下(如发送邮件、日志记录)使用 RabbitMQ 实现消息队列。\n整体使用 docker-compose 进行部署,全程无人化。\n\n##### Koa.js\n\nKoa.js 是 Authing 主要使用的后端框架,和他一起配套使用的 koa 生态还包括:koa-bodyparser、koa-convert、koa-cors、koa-router。\n\n##### GraphQL\n\n使用了 GraphQL 官方推荐的客户端 apollo-client 进行 GraphQL 应用的开发。\n\n##### 消息队列\n\n使用由 Docker 构建的 RabbtMQ 和基于 Node 的 rabbit.js。我们内部定义了一套 RabbitMQ 消息通信的规范。 \n\n``` javascript\n{\n action: 'ACTION_NAME', //要执行的动作(函数)\n payload: {} //附带的参数\n}\n```\n\n#### 前端\n\nAuthing 的前端基于现代 Web 技术开发而成,为 SAP 应用。具有响应式、国际化等特性。\n\n前端的基本构件如下:\n\n- **Vue**:Authing 客户端的基石\n- **状态管理**:使用 Vuex\n- **国际化**:使用 vue-i18n\n- **界面**:iView(Ant.design 的 Vue版)\n\n基本上就是 Vue 全家桶。\n\n除了基础的客户端功能外,Authing 还应提供服务端渲染(SSR)的功能,这方面会选择 Next.js 作为主要的开发框架。\n\n#### DevOps\n\nAuthing 的运维指标是无人化、自动化。因此在前期采用以下技术方案(DevOps 会随业务增长而改进):\n\n- Docker\n- 微服务\n- Nginx 负载均衡\n- Git Hook\n- 业务与数据分离\n- 核心业务多节点、多进程运行\n- 跨主机、多节点部署\n- 数据库主 + 从 + 仲裁部署 + 多节点部署\n\nAuthing 关于 DevOps 的最终目标是实现 ChatOps。\n\n##### ChatOps\n\nChatOps 简单来说就是聊天机器人 + RESTful 实现运维自动化的工具,他相当于一个最勤劳,最好沟通,从不休假并且随叫随到的同事。\n\nChatOps 可以让我们在工作中 pair all the time。\n![pair all the time](https://upload-images.jianshu.io/upload_images/5064655-cecdf6d72a2fc425.png?imageMogr2/auto-orient/strip%7CimageView2/2/w/700)\n\nChatOps 这块业务有可能会成为继认证之后 Authing 的下一块拥有巨大增长潜力的业务。\n\n----------\n\n### SDK\n\nSDK 是 Authing 官方及社区提供的方便用户进行多端接入的开源软件包,该开源软件包支持以下语言:\n\n- Java\n- C#\n- PHP\n- Python\n- Node/JavaScript\n- Swift\n\n查看官方文档,[请点击这里](https://docs.authing.cn)。\n\n#### SDK 规范\n\n为了减少开发者在不同平台的学习成本,所以 Authing 必须保证 SDK 接口的一致性,当然在不同语言情境下,会做出少量调整。\n\n##### 初始化\n\n在进行代码初始化时必须是初始化一个类,该类的构造函数接收一个对象作为参数:\n\n``` javascript\n{\n clientId: 'CLIENT_ID',\n secret: 'APP_SECRET'\n}\n```\n\n如(**JavaScript**):\n\n``` shell\nvar auth = new Authing({\n clientId: 'your_client_id',\n secret: 'your_app_secret'\n});\n```\n\n该构造函数在认证通过时应返回一个新的对象,该对象每次发送请求时携带 SDK 经过验证的 Token。\n\n如(**JavaScript**):\n\n``` shell\nauth.then(function(validAuth) {\n\n //验证成功后返回新的 authing-js-sdk 实例(validAuth),可以将此实例挂在全局\n\n}).catch(function(error) {\n //验证失败\n console.log(error);\n});\n```\n\n如果使用 JavaScript 开发 SDK,必须保证兼容 async/await 和 Promise。\n\n##### 对象方法\n\n可参考文档内的[用户接口列表](https://docs.authing.cn/#/user_service/user_service)。\n\n### 未来规划\n\nAuthing 的业务目标不会仅局限于用户认证这一块,云计算、区块链、大数据以及人工智能都有 Authing 的立足之地。\n\nAuthing 的技术探索也一定是无边界的。\n\n#### 云计算\n\nAuthing 的定位是一家 **云计算公司**,提供 **AaaS** 服务。在未来,Authing 会有数十亿的认证事件处理,底层需要稳健的基础设施作支撑。\n\nAuthing 会在大量使用现有云计算平台的基础上,实现函数计算(lambda computing),这是无服务器(serverless)技术的基础设施。\n\n##### 函数计算和无服务器架构\n\n所谓函数计算,就是指将函数直接上传至云计算平台,无需考虑服务器,为计算时长付费。\n\n函数计算和无服务器架构是相辅相成的结果,同时需要大量的 DevOps,最终会发展成为 NoOps,这和 Authing ChatOps 的展望不谋而合。\n\n所以函数计算和无服务器架构也会是 Authing 重点发力的一块业务,也是支撑 Authing 未来过亿身份认证的基础。\n\n#### 区块链\n\n区块链是分布式数据存储、点对点传输、共识机制、加密算法等计算机技术的新型应用模式。\n\n在身份认证这种场景下,用户最大的要求是**安全**。而区块链就使现有身份认证变得安全成为可能。尤其是其中的非对称加密和授权技术,存储在区块链上的信息是公开的,但是账户身份信息是高度加密的,只有在数据拥有者授权的情况下才能访问到,从而保证了数据的安全和个人的隐私(即用户数据属于注册商,可以打消用户对于**Authing 官方**可能会窃取用户信息的疑虑)。\n\n基于分布式、点对点的特性,也可以使 Authing 的数据存储更加可靠。\n\n#### 大数据\n\n基于众多的登录数据,Authing 可以做大量的数据分析和可视化。\n\n以下场景可得到应用(不断拓展):\n\n- 分析人口流通(按行业);\n- 分析人口睡眠及活跃时间(按行业);\n- 分析人口地理、年龄分布;\n\n基于以上数据,Authing 可实现大量的数据可视化。\n\n#### 人工智能\n\n在人工智能方面,Authing 可实现生物认证,如:\n\n- 指纹识别\n- 人脸识别\n- 眼膜识别\n\n从而保证认证过程的安全性更上一层楼。\n" }, { "path": "README.md", "content": "

Authing: Connect Every Person and App on the Planet

\n\n
\n \"Authing\"\n
\n\n
\n \n \n \n \n
\n\n
\n\nAuthing quickly implements authentication and user management for any Web, App, and enterprise software to provide the most complete login solution for your customers and employees.\n\nAuthing does two things for you:\n\n- CIAM (Customer Identity & Access Management)\n\n Create a secure and seamless authentication experience for your customers.\n\n- EIAM (Enterprise Identity & Access Management)\n\n Protect and enable your workforce to use any technology on any device.\n \n Thousands of enterprises & developers trust Authing.\n\n
\n\n## What is Authing?\n\nAuthing serves as an identity infrastructure, or Identity As A Service (IDaaS) for cloud computing.\n\nAuthing focuses on identity and building social infrastructure for identity sharing across all SaaS software and users to help companies build a secure modern IT infrastructure that not only protects their business, but also redefines the user experience.\n\n
\n\n
Infrastructure for identity sharing across all SaaS software and users
\n
\n\nAuthing is the foundation for secure connections between a complex identity ecology and an application ecology in which countless identities access applications and resources in a borderless way.\n\n
\n\n
Key functions: Multi-factor login
\n\n## API First\n\nAuthing taking \"API first\" as the product cornerstone, all commonly used functions in the identity field are modularized and all capabilities are provided to developers through the full scene programming language SDK. At the same time, users can flexibly use Authing's Open Restful APIs for function expansion to meet the identity management needs of different enterprises under different business scenarios.\n\n## Features and Advantages\n\nAuthing makes identity management easy.\n\nAs an excellent provider of identity management solutions, Authing will bring significant competitive advantages to enterprises in B2B, B2C, B2E or IoT scenarios: reducing development costs, improving security, and boosting production efficiency.\n\n### High security\n\nWhen Authing was launched, it was selected by the China Academy of Information and Communications Technology as an \"Innovative Enterprise in the Field of Identity Management and Access Control in China\" and was included in the \"White Paper on Cyber ​​Security Industry 2019\".\n\n- Visual security audits\n- Multi-factor login\n- Password management\n- Encrypted transmission and storage\n\n### Compliance\n\nAuthing adheres to the compliance requirements of different countries and industries and strives to create reliable services for customers. At the same time, it actively participates in the formulation and promotion of industry security standards, adheres to the principle that compliance is service, and builds and operates a safe and reliable cloud ecological environment.\n\n
\n\t\n\t\tClick to see specific protocols Authing adapts to\n\t\n\t
\n \n
\n\nAs an enterprise-level SaaS service and identity service provider that concerns the core secrets of enterprises, Authing always puts security in the first place. Authing has international authoritative security certification and a mature information security management system to secure the whole life cycle of software, with reliable data security protection and round-the-clock security emergency response measures.\n\nISO Quality System Certification\n\n
\n \n
\n\nISO 9001 quality system certification is the foundation of enterprise development and growth. Authing's acquisition of this certification is a full affirmation of our long-term work in the construction of a privacy compliance system. The Authing security team has been committed to protecting user privacy and data security and providing users with transparent, efficient, safe and reliable services.\n\nGDPR General Data Protection Regulation\n\n
\n \n
\n\nThe General Data Protection Regulation, referred to as GDPR, is a regulation of the European Union. The predecessor was the \"Computer Data Protection Law\" formulated by the European Union in 1995. Authing’s data center, management system, R&D, and functional departments have passed this certification, which means that we have been benchmarked with international standards in the field of information security management, have sufficient information security risk identification and control capabilities, and can provide global customers with safe and reliable service.\n\nAuthing was included in White Paper on China Cyber Security Industry.\n\n
\n \n
\n\nWhen Authing was first launched, it was selected as an \"Innovative Enterprise in Domestic Identity Management and Access Control\" by the China Institute of Information and Communications Technology (CIIT) and was included in White Paper on China Cyber Security Industry (2019).\n\nThree levels of protection\n\nMinistry of Public Security Information Security Level 3 Certification GB/T 22239-2008 Information Security Technology Information System. The Basic Requirements for Security Level Protection, referred to as Security Level Protection, is an information security standard issued by the Standardization Administration of China. It is a basic system of information security in China. The level is divided into 1 to 5 levels according to the importance of the information system from low to high, and different security levels implement different protection strategies and requirements. \n\nAuthing uses Level 3 information system protection strategy that has been successfully evaluated by a professional evaluation organization. signifies that we have security protection capabilities recognized by the authority in terms of physical, network, host, application and data. And it reached a high level in the industry.\n\n
\n\n### Cover all Wechat using scenario\n\nAuthing provides a concise and unified SDK for users in the complex login scenes for WeChat ecosystem. The backend could be automatically processed by three parts -- OpenID, UnionID and mobile phone numbers, to identify the same ID and merge the same accounts. Users only need to call the front-end SDK without worrying about various complex identification logic.\n\n### High performance\n\n- Millisecond query record\n- Millisecond write speed\n- Redundant architecture, redundant storage\n- No single point of failure, high reliability\n- One-click replication of architecture to public cloud / private cloud / private cloud\n- One-click expansion\n- Visual management tools\n\n### High productivity\n\n- Millisecond query record.\n- RESTful, GraphQL, SDK.\n- Interactive, User-Centered, Comprehensive documentation.\n- Support OAuth 2.0, OIDC, SAML, AD/LDAP, WS-Fed.\n- User growth, permission control, SQL or code level data query, log, audit.\n- Plugin, pipeline, domain name, unlimited custom login box (style / layout), multi-database compatibility.\n- Volume deployment, automatic update.\n\n### No supplier lock-in\n\nAuthing provides a complete and easy data export feature that allows users to completely migrate their data from the platform at any time. Authing does not retain any of the data of users.\n- Authing supports all major protocols in the market such as OIDC, SAML, OAuth, etc., so customers are free to choose.\n- Authing supports a custom authentication process (Pipeline) . Customers can change the authentication process, plug and unplug the required functions, such as the invitation code\n\n### Support for private deployments\n\nAuthing can provide customized private deployment solutions according to the needs of the enterprise to make identity management easier. Professional technicians are involved throughout the entire process of deploying the solution and providing full customer service after the sale.\n\n### Customer success service\n\nAuthing supports customization and private deployment. Our team will follow up the whole process of customizing business requirements and deploy local servers for enterprise data security and control. The Customer Success team provides 7*24 hours continuous service from interface interfacing, testing and go-live to later system operation and maintenance, and management platform usage.\n\n## Major Functions\n\n
\n\t\n\t\tUniversal login component\n\t\n
\nThe Universal Directory (Guard) is an embeddable login form that can be configured according to your needs and easily add various social login methods, allowing users to log in seamlessly and have a consistent login experience on different platforms.\n\n
\n\n
Universal Directory
\n
\nThe Guard helps developers shield the details of the underlying authentication and tedious UI development. It enables enterprises and developers to quickly launch a secure, customizable UI unified login form.\n\n![image](./imgs/d8b9d825-91ee-4c04-8611-dd1b0c6f489f.png)\n\n
Developers to quickly launch a secure, customizable UI unified login form
\n
\n\n- Account password / phone verification / APP scan code / corporate identity source / social login.\n- Built-in interactive UI for forgetting the password, MFA function, users do not need to write any additional code to complete tasks.\n- Perfectly compatible with mobile and PC, you can easily customize the login box style with CSS.\n- Including login components such as React, Vue, Angular, JavaScript, etc.\n\nGuard can be easily embedded in your apps, customized to enable multiple social providers, and designed according to your brand.\n \n
\n\n
Flexibly define login
\n
\n\nIf you want to be able to make changes to the existing UI, you can customize it with HTML, CSS and JavaScript.\n\n### MFA: Hign security login \n\nMFA is one of the best ways to prevent account theft. If a hacker wants to hack into an account protected by MFA, not only need to steal the credentials, but also need to verify additional factors.\n\nGenerally, we see a tendency to use MFA in industries dealing with sensitive data. There is no additional identity layer in these verticals, so there is an urgent need for MFA.\n \n
\n\n
Authing MFA
\n
\n\nAuthing can centrally configure a variety of authentication factors other than passwords, including dynamic tokens, faces, fingerprints and other biological characteristics. At the same time, it provides a developer API to support other applications to use IDaaS's identity authentication capabilities.\n\n### Custom Database Connections\n\nWhen you want to ensure data security or smoothly migrate users, please use Authing to customize database connections. You can connect to external or local databases maintained by yourself, and you can also migrate existing user data from the old system to Authing.\n \n
\n\n
Custom Database Connections
\n
\n\n### APN: Authing Partner Network\n\nAPN (Authing Partner Network) is an cooperation network provided by Authing.\nAfter joining APN, you will be able to experience the following functions:\n\n- Single sign-on (SSO) capability, which means your customers will be able to log in to your application through a unified entrance and a unified account\n- Make it easier for your customers to find your app, since APN will add your exposure opportunities to your potential partners\n
\n
\n\n## Built-with\n\n1. **TypeScript** - TypeScript is a superset of JavaScript that compiles to clean JavaScript output.\n2. **Nest.js** - A progressive Node.js framework.\n3. **React.js** - A JavaScript library for building user interfaces.\n4. **PostgreSQL** - A powerful, open source object-relational database system.\n5. **Kubernetes** - An open-source container orchestration system.\n6. **Redis** - An open source, in-memory data structure store.\n7. **RocketMQ** - A distributed messaging and streaming platform.\n\n## Start with\n\nTo start with, Chinese users please visit [docs.authing.cn](https://docs.authing.cn)\n\nFor English users, click [https://www.authing.cn/developer](https://www.authing.cn/developer)\n\n## Values\n\nIDaaS is an abbreviation of Identity As a Service. Contains all functions of traditional IAM and can bring more benefits to companies: enhance marketing and operational efficiency; Accelerate new business online; enhance safety to reduce network attack risks; enhance user experience.\n\n### Operation capacity\n\nThe traditional IAM account center has weak operational capabilities, difficult to meet large organizations in business, while IDaaS's multi-tenant operation platform and automation workflow (Workflow) can easily enhance corporate operation efficiency.\n\n### Advocacy and scalability\n\nWhen the number of users continues to rise, the pressure on the user system will continue to increase. The IDaaS of origin cloud can solve this problem, using the Authing IDaaS as an example, with nearly 10 million users per month logging into thousands of systems, with large-scale data processing experience, the digital identity solution built can better support enterprise expansion.\n\n## Articles\n\n### Founders\n\n- [创·问 |Authing谢扬:身份是所有数字化的根本](https://mp.weixin.qq.com/s/-e5nHTi1OrCoHb-L7CJNpg)\n- [Authing 李宇航:国内首款以开发者为中心的全场景身份云](https://mp.weixin.qq.com/s/e3IoHPSvA-rKEN1awJ26vw)\n\n### Business\n\n- [身份云平台 Authing 完成 2300 万美元 A 轮融资](https://mp.weixin.qq.com/s/ywxXUqxHh6c3eY1zlNvx3g)\n- [Authing 入选福布斯亚洲“最值得关注公司”百强](https://forum.authing.cn/t/topic/381)\n\n### Philosophy\n\n- [QCon 演讲实录丨带你了解 Authing 背后的计算哲学](https://mp.weixin.qq.com/s/Cmfh_vrteS56SyThmsaq0g)\n- [Authing 背后的计算哲学](https://mp.weixin.qq.com/s/KABe5cX-3eW1YmZVxSLTFg)\n- [基于语义化思想的全新编程模型](https://gitee.com/authing/android_guard/blob/master/doc/topics/design.md)\n- [让互联网重新互联 —— 从身份开始](https://mp.weixin.qq.com/s/QWw_Ex0I-LgOoKpZnWj16A)\n- [Web 的未来,语义互联已死,请拥抱自由编辑](https://mp.weixin.qq.com/s?__biz=MzU1OTk1NjU4MA==&mid=2247492908&idx=1&sn=69a426b46496bfbeee238bf453545173&source=41#wechat_redirect)\n\n### Insights\n\n- [Authing 云端单点登录技术,助力 SaaS 企业轻松上阵加速业务布局 | 案例](https://forum.authing.cn/t/topic/388)\n- [Authing 社区好文推荐:如何 15 分钟开发一个很棒的登录系统](https://forum.authing.cn/t/topic/387)\n- [万字长文!深度剖析身份验证的工作原理(建议收藏)](https://forum.authing.cn/t/topic/386)\n- [「开发者投稿」使用 Authing 对 SPA 应用进行身份认证实践 (qq.com)](https://mp.weixin.qq.com/s/BjFv34jviPKeUtpkrMbsxg)\n- [使用 Authing 替代 Cognito 结合 API 网关和 Lambda 访问资源](https://mp.weixin.qq.com/s/8oVG7ZWCjooueQEfzVGMXg)\n\n## Who uses Authing ?\n \n
\n\n## Community\n\nChat freely and give us feedback on our forum: [https://forum.authing.cn](https://forum.authing.cn)\n\nEmail us at [sales@authing.cn](sales@authing.cn), or ring us at 400-6197-031 for a thorough talk.\n\nOther ways to contact us:\n\nAuthing Chatbot:\n\n\n\nScan the qrcode to add administrator to join the WeChat group.:\n \n\n\n## Contributors\n
\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
\n
\n\n## License\n\nAuthing is under the MIT license. \n\nMIT is a license agreement as liberal as BSD. You must include the original license agreement in your distribution, regardless of whether you are publishing binary still released in source code.\n" } ]