{"componentChunkName":"component---src-templates-blog-list-template-js","path":"/59","result":{"data":{"allMarkdownRemark":{"edges":[{"node":{"excerpt":"The LoginRadius PerfectMind integration is delivering a seamless user experience and helping cities in increasing user conversions allowing…","fields":{"slug":"/identity/loginradius-perfectmind-integration-sso-ux/"},"html":"

The LoginRadius PerfectMind integration is delivering a seamless user experience and helping cities in increasing user conversions allowing their users to register and authenticate flawlessly.

\n

Authentication is one of the most important aspects that should be carried out without any friction since a great consumer experience is a key to business success; LoginRadius understands this and developed an out of the box SSO solution to deliver a seamless user experience between LoginRadius and PerfectMind applications.

\n

Users expect authentication experiences that are quick, delightful, secure, and seamless. Hence, a robust authentication mechanism becomes the need of the hour for enterprises collecting and storing vast amounts of user information and leveraging this across distinct systems and toolsets.

\n

LoginRadius’ cutting-edge single sign-on helps overcome all the challenges related to consumer experience and data integration. Let’s understand how LoginRadius paves the path for a robust user experience by integrating PerfectMind.

\n

What is PerfectMind?

\n

PerfectMind (part of Xplor) is a membership management software that uses cloud-based technology to help organizations of all sizes connect with their communities.

\n

PerfectMind started as a software solution for martial arts schools but has expanded over the years to serve other industries, most notably parks and recreation departments.

\n

Intent Behind the Integration

\n

Canadian municipal and community organizations were looking for a way to connect their native website to PerfectMind so users could log in and enjoy a seamless experience between the sites.

\n

Since, PerfectMind does not support industry-standard federated Single Sign-On methods like SAML, OAuth/OIDC, or JWT, LoginRadius offered its out-of-the-box SSO Connector solutions to create a Single Sign-on user experience between LoginRadius and the PerfectMind applications by leveraging APIs.

\n

\"DS-perfectmind-int\"

\n

Through LoginRadius PerfectMind integration, the PerfectMind consumers are leveraging all the powerful capabilities of the cutting-edge CIAM platform, including social login, passwordless login, single sign-on, reinforced by robust security.

\n

Final Thoughts

\n

With the LoginRadius PerfectMind SSO, businesses can establish a flawless user experience by overcoming the barriers of frictionless authentication and authorization across multiple platforms/ servers.

\n

\"Book-a-demo-loginradius\"

\n","frontmatter":{"date":"December 14, 2021","updated_date":null,"description":"LoginRadius’ cutting-edge single sign-on helps overcome all the challenges related to consumer experience and data integration. Let’s understand how LoginRadius paves the path for a robust user experience by integrating PerfectMind.","title":"LoginRadius Offers PerfectMind Integration for a Seamless UX","tags":["authentication","federated sso","passwordless login"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.8018018018018018,"src":"/static/07f736293e132f8cf0720ca403d55405/58556/perfectmind-cover.webp","srcSet":"/static/07f736293e132f8cf0720ca403d55405/61e93/perfectmind-cover.webp 200w,\n/static/07f736293e132f8cf0720ca403d55405/1f5c5/perfectmind-cover.webp 400w,\n/static/07f736293e132f8cf0720ca403d55405/58556/perfectmind-cover.webp 800w,\n/static/07f736293e132f8cf0720ca403d55405/cc834/perfectmind-cover.webp 1024w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Jitender Agarwal","github":null,"avatar":null}}}},{"node":{"excerpt":"Authentication is an essential part of any web application. But unfortunately, it is not always easy to implement. What is Authentication…","fields":{"slug":"/engineering/guest-post/securing-flask-api-with-jwt/"},"html":"

Authentication is an essential part of any web application. But unfortunately, it is not always easy to implement.

\n

What is Authentication?

\n

Authentication is a process of verifying that an entity is who they claim to be. For example, a user might authenticate by providing a username and password. If the username and password are valid, the system will check if the user can access the resource. After the system checks the user's details against its database and if the details are valid, the user is thus authenticated and can access available resources.

\n

Authentication Factors

\n

The following factors are used to authenticate a user.

\n

Single-factor Authentication

\n

This authentication is used when a user provides a username/email/phone number and a password. This is the most common and weakest authentication factor. The user simply inputs the email and password, and the system checks if the data is valid; if valid, the user gets authenticated and can access the resource. What happens if another person who is not a legitimate user tries to access the resource? The system denies access to the resource.

\n

Multi-factor Authentication

\n

This authentication uses more than one factor to authenticate a user. For example, the user tries to log in with, say, email and password; if the data is correct, a code is sent to the user's phone number, and the user is asked to input the code. If the user enters the code, the user gets logged in; otherwise, the user is not authenticated. Some applications even go a step further by not using two factors but using three factors.

\n

Types of Authentication

\n

There are three types of authentication, as follows:

\n
    \n
  1. Knowledge Authentication: The user is asked something that only they can provide or know -- e.g., password. This is the most common type and also the easiest.
    2. \n
  2. Property Authentication: The user is asked for something they own or possess. For example, they can use a hardware authentication device like YubiKey or an authenticator app on their phone. The idea is that users will be asked to set an authentication factor that verifies the identity more securely. This isn’t always used alone; it’s used alongside another authentication type, say, Knowledge authentication.
    3. \n
  3. Biological Authentication: The user is asked to verify their identity using something biologically unique to them -- e.g., a fingerprint or iris scan.
    4. \n
\n

In most applications, knowledge and property authentication are used as an extra layer of authentication.

\n

Authentication vs. Authorization

\n

The following are the differences between authentication and authorization:

\n
    \n
  1. Authentication verifies identity (usually through credential validation)) while authorization grants or denies permissions to a user.
    2. \n
  2. Authentication is used to verify that users are who they say they are. Authorization is used to verify that a user has permission to do something.
    3. \n
\n

Starter Application

\n

In this tutorial, you'll work on authentication in flask middleware for an existing API built with Flask and PyMongo. The API is a book library API using which users can create books and upload cover images for the books and relevant data. PyMongo is used to connect to the mongo database. You'll use the PyJWT library to generate and verify JWT tokens for auth in flask.

\n
\n

You can learn more about JSON Web Tokens (JWT) here.

\n
\n

To get started, clone the repository and set up the application by running the following commands:

\n
git clone https://github.com/LoginRadius/engineering-blog-samples.git # Clone the repository\ncd /Flask/loginRadius-flask-auth # change directory\npython3 -m venv env # create virtual environment; if you're using Windows, `py -m venv env`\nsource env/bin/activate # activate virtual environment, if you're using windows, env/Scripts/activate\npip install -r requirements.txt # install dependencies\n# https://packaging.python.org/en/latest/guides/installing-using-pip-and-virtual-environments/
\n

The application is now set up and ready to run. You can run the app using the command flask run in the project directory. You can test that all the endpoints are working by testing the app in an API testing tool, like Postman.

\n

Authentication Middleware

\n

As you've noticed, anybody can access the API; you need to restrict access to the API. Create new book data if they have the correct data, then add, delete, and update book data, but you don't want that. To do this, you need to implement an authentication middleware.

\n

When we talk about authentication with flask, middlewares are created in Flask by creating a decorator; a function can have multiple middlewares, and the order matters a lot.

\n

To create your auth middleware, you need to install PyJWT -- the library you'll use to generate tokens. You’ll also use Pillow to alter image data before saving them to disk. Run the following command to install the packages:

\n
pip install pyjwt pillow
\n

You need to add a secret key to your application; this is what you should pass to JWT.

\n

Add the following to your app.py file below the app declaration.

\n
# app = Flask(__name__)\n\nSECRET_KEY = os.environ.get('SECRET_KEY') or 'this is a secret'\nprint(SECRET_KEY)\napp.config['SECRET_KEY'] = SECRET_KEY
\n

Let's create a file called auth_middleware.py in the root of your application and place the following inside this file:

\n
from functools import wraps\nimport jwt\nfrom flask import request, abort\nfrom flask import current_app\nimport models\n\ndef token_required(f):\n    @wraps(f)\n    def decorated(*args, **kwargs):\n        token = None\n        if "Authorization" in request.headers:\n            token = request.headers["Authorization"].split(" ")[1]\n        if not token:\n            return {\n                "message": "Authentication Token is missing!",\n                "data": None,\n                "error": "Unauthorized"\n            }, 401\n        try:\n            data=jwt.decode(token, current_app.config["SECRET_KEY"], algorithms=["HS256"])\n            current_user=models.User().get_by_id(data["user_id"])\n            if current_user is None:\n                return {\n                "message": "Invalid Authentication token!",\n                "data": None,\n                "error": "Unauthorized"\n            }, 401\n            if not current_user["active"]:\n                abort(403)\n        except Exception as e:\n            return {\n                "message": "Something went wrong",\n                "data": None,\n                "error": str(e)\n            }, 500\n\n        return f(current_user, *args, **kwargs)\n\n    return decorated
\n

The function above is simply a decorator function. Inside this function, you check if there is an Authorization field in the headers part of the request; if this is missing, you return an authorization error.

\n

Next, you check if it exists but is not valid; if it is not valid, you also return an authorization error.

\n

If everything goes fine, then the view function is called. As you can see, you return f(current_user, *args, **kwargs), where f is the next decorator or function that's being called after this decorator -- in your case, the view function, which means that the first argument of any view function that uses this decorator must be current_user.

\n

Auth Routes

\n

You currently have a route to creating a new user, but you don't have one to log in. From what you have above, you're checking if the token passed as the header is valid, but now the question is -- how do you get to know the token. Basically, the login route fetches the token and sends it to the client.

\n

Add the following function below the add_user function:

\n
@app.route("/users/login", methods=["POST"])\ndef login():\n    try:\n        data = request.json\n        if not data:\n            return {\n                "message": "Please provide user details",\n                "data": None,\n                "error": "Bad request"\n            }, 400\n        # validate input\n        is_validated = validate_email_and_password(data.get('email'), data.get('password'))\n        if is_validated is not True:\n            return dict(message='Invalid data', data=None, error=is_validated), 400\n        user = User().login(\n            data["email"],\n            data["password"]\n        )\n        if user:\n            try:\n                # token should expire after 24 hrs\n                user["token"] = jwt.encode(\n                    {"user_id": user["_id"]},\n                    app.config["SECRET_KEY"],\n                    algorithm="HS256"\n                )\n                return {\n                    "message": "Successfully fetched auth token",\n                    "data": user\n                }\n            except Exception as e:\n                return {\n                    "error": "Something went wrong",\n                    "message": str(e)\n                }, 500\n        return {\n            "message": "Error fetching auth token!, invalid email or password",\n            "data": None,\n            "error": "Unauthorized"\n        }, 404\n    except Exception as e:\n        return {\n                "message": "Something went wrong!",\n                "error": str(e),\n                "data": None\n        }, 500
\n

Protecting API Routes in Flask

\n

So far, you've been able to create your auth middleware, but you need to use this middleware to protect routes. All you need to do is to pass this middleware immediately after the app.route middleware, then make current_user the first argument of the view function, as follows:

\n
@app.route('/')\n@token_required\ndef user(current_user):\n  return jsonify(current_user)\n\n@app.route('/<pdt_id>')\n@token_required\ndef product(current_user, pdt_id):\n  return jsonify(Product.find({'user_id': pdt_id}))
\n

Add this middleware (@token_required) to every function you only want authenticated users to access. In the end, your whole app.py file should look as follows.

\n
import jwt, os\nfrom dotenv import load_dotenv\nfrom flask import Flask, request, jsonify\nfrom save_image import save_pic\nfrom validate import validate_book, validate_email_and_password, validate_user\n\nload_dotenv()\n\napp = Flask(__name__)\nSECRET_KEY = os.environ.get('SECRET_KEY') or 'this is a secret'\nprint(SECRET_KEY)\napp.config['SECRET_KEY'] = SECRET_KEY\n\nfrom models import Books, User\nfrom auth_middleware import token_required\n\n@app.route("/")\ndef hello():\n    return "Hello World!"\n\n@app.route("/users/", methods=["POST"])\ndef add_user():\n    try:\n        user = request.json\n        if not user:\n            return {\n                "message": "Please provide user details",\n                "data": None,\n                "error": "Bad request"\n            }, 400\n        is_validated = validate_user(**user)\n        if is_validated is not True:\n            return dict(message='Invalid data', data=None, error=is_validated), 400\n        user = User().create(**user)\n        if not user:\n            return {\n                "message": "User already exists",\n                "error": "Conflict",\n                "data": None\n            }, 409\n        return {\n            "message": "Successfully created new user",\n            "data": user\n        }, 201\n    except Exception as e:\n        return {\n            "message": "Something went wrong",\n            "error": str(e),\n            "data": None\n        }, 500\n\n@app.route("/users/login", methods=["POST"])\ndef login():\n    try:\n        data = request.json\n        if not data:\n            return {\n                "message": "Please provide user details",\n                "data": None,\n                "error": "Bad request"\n            }, 400\n        # validate input\n        is_validated = validate_email_and_password(data.get('email'), data.get('password'))\n        if is_validated is not True:\n            return dict(message='Invalid data', data=None, error=is_validated), 400\n        user = User().login(\n            data["email"],\n            data["password"]\n        )\n        if user:\n            try:\n                # token should expire after 24 hrs\n                user["token"] = jwt.encode(\n                    {"user_id": user["_id"]},\n                    app.config["SECRET_KEY"],\n                    algorithm="HS256"\n                )\n                return {\n                    "message": "Successfully fetched auth token",\n                    "data": user\n                }\n            except Exception as e:\n                return {\n                    "error": "Something went wrong",\n                    "message": str(e)\n                }, 500\n        return {\n            "message": "Error fetching auth token!, invalid email or password",\n            "data": None,\n            "error": "Unauthorized"\n        }, 404\n    except Exception as e:\n        return {\n                "message": "Something went wrong!",\n                "error": str(e),\n                "data": None\n        }, 500\n\n\n@app.route("/users/", methods=["GET"])\n@token_required\ndef get_current_user(current_user):\n    return jsonify({\n        "message": "successfully retrieved user profile",\n        "data": current_user\n    })\n\n@app.route("/users/", methods=["PUT"])\n@token_required\ndef update_user(current_user):\n    try:\n        user = request.json\n        if user.get("name"):\n            user = User().update(current_user["_id"], user["name"])\n            return jsonify({\n                "message": "successfully updated account",\n                "data": user\n            }), 201\n        return {\n            "message": "Invalid data, you can only update your account name!",\n            "data": None,\n            "error": "Bad Request"\n        }, 400\n    except Exception as e:\n        return jsonify({\n            "message": "failed to update account",\n            "error": str(e),\n            "data": None\n        }), 400\n\n@app.route("/users/", methods=["DELETE"])\n@token_required\ndef disable_user(current_user):\n    try:\n        User().disable_account(current_user["_id"])\n        return jsonify({\n            "message": "successfully disabled acount",\n            "data": None\n        }), 204\n    except Exception as e:\n        return jsonify({\n            "message": "failed to disable account",\n            "error": str(e),\n            "data": None\n        }), 400\n\n@app.route("/books/", methods=["POST"])\n@token_required\ndef add_book(current_user):\n    try:\n        book = dict(request.form)\n        if not book:\n            return {\n                "message": "Invalid data, you need to give the book title, cover image, author id,",\n                "data": None,\n                "error": "Bad Request"\n            }, 400\n        if not request.files["cover_image"]:\n            return {\n                "message": "cover image is required",\n                "data": None\n            }, 400\n\n        book["image_url"] = request.host_url+"static/books/"+save_pic(request.files["cover_image"])\n        book["user_id"] = current_user["_id"]\n        is_validated = validate_book(**book)\n        if is_validated is not True:\n            return {\n                "message": "Invalid data",\n                "data": None,\n                "error": is_validated\n            }, 400\n        book = Books().create(**book)\n        if not book:\n            return {\n                "message": "The book has been created by user",\n                "data": None,\n                "error": "Conflict"\n            }, 400\n        return jsonify({\n            "message": "successfully created a new book",\n            "data": book\n        }), 201\n    except Exception as e:\n        return jsonify({\n            "message": "failed to create a new book",\n            "error": str(e),\n            "data": None\n        }), 500\n\n@app.route("/books/", methods=["GET"])\n@token_required\ndef get_books(current_user):\n    try:\n        books = Books().get_by_user_id(current_user["_id"])\n        return jsonify({\n            "message": "successfully retrieved all books",\n            "data": books\n        })\n    except Exception as e:\n        return jsonify({\n            "message": "failed to retrieve all books",\n            "error": str(e),\n            "data": None\n        }), 500\n\n@app.route("/books/<book_id>", methods=["GET"])\n@token_required\ndef get_book(current_user, book_id):\n    try:\n        book = Books().get_by_id(book_id)\n        if not book:\n            return {\n                "message": "Book not found",\n                "data": None,\n                "error": "Not Found"\n            }, 404\n        return jsonify({\n            "message": "successfully retrieved a book",\n            "data": book\n        })\n    except Exception as e:\n        return jsonify({\n            "message": "Something went wrong",\n            "error": str(e),\n            "data": None\n        }), 500\n\n@app.route("/books/<book_id>", methods=["PUT"])\n@token_required\ndef update_book(current_user, book_id):\n    try:\n        book = Books().get_by_id(book_id)\n        if not book or book["user_id"] != current_user["_id"]:\n            return {\n                "message": "Book not found for user",\n                "data": None,\n                "error": "Not found"\n            }, 404\n        book = request.form\n        if book.get('cover_image'):\n            book["image_url"] = request.host_url+"static/books/"+save_pic(request.files["cover_image"])\n        book = Books().update(book_id, **book)\n        return jsonify({\n            "message": "successfully updated a book",\n            "data": book\n        }), 201\n    except Exception as e:\n        return jsonify({\n            "message": "failed to update a book",\n            "error": str(e),\n            "data": None\n        }), 400\n\n@app.route("/books/<book_id>", methods=["DELETE"])\n@token_required\ndef delete_book(current_user, book_id):\n    try:\n        book = Books().get_by_id(book_id)\n        if not book or book["user_id"] != current_user["_id"]:\n            return {\n                "message": "Book not found for user",\n                "data": None,\n                "error": "Not found"\n            }, 404\n        Books().delete(book_id)\n        return jsonify({\n            "message": "successfully deleted a book",\n            "data": None\n        }), 204\n    except Exception as e:\n        return jsonify({\n            "message": "failed to delete a book",\n            "error": str(e),\n            "data": None\n        }), 400\n\n@app.errorhandler(403)\ndef forbidden(e):\n    return jsonify({\n        "message": "Forbidden",\n        "error": str(e),\n        "data": None\n    }), 403\n\n@app.errorhandler(404)\ndef forbidden(e):\n    return jsonify({\n        "message": "Endpoint Not Found",\n        "error": str(e),\n        "data": None\n    }), 404\n\n\nif __name__ == "__main__":\n    app.run(debug=True)
\n

Before running the application, let's look at the save_pic function inside the save_image.py file. This is the function responsible for saving uploaded pictures.

\n
from PIL import Image\nimport secrets, os\nfrom flask import current_app as app\n\ndef save_pic(picture):\n    file_name = secrets.token_hex(8) +os.path.splitext(picture.filename)[1]\n    if not os.path.isdir(os.path.join(app.root_path, 'static')):\n        os.mkdir(os.path.join(app.root_path,"static"))\n        os.mkdir(os.path.join(app.root_path,"static/images"))\n        os.mkdir(os.path.join(app.root_path,"static/images/books"))\n    if not os.path.isdir(os.path.join(app.root_path, 'static/images')):\n        os.mkdir(os.path.join(app.root_path,"static/images"))\n        os.mkdir(os.path.join(app.root_path,"static/images/books"))\n    if not os.path.isdir(os.path.join(app.root_path, 'static/images/books')):\n        os.mkdir(os.path.join(app.root_path,"static/images/books"))\n    file_path = os.path.join(app.root_path, "static/images/books", file_name)\n    picture = Image.open(picture)\n    picture.thumbnail((150, 150))\n    picture.save(file_path)\n    return file_name
\n

You should also add the following functions as helper methods of the User model class.

\n
def disable_account(self, user_id):\n    user = db.users.update_one(\n        {"_id": bson.ObjectId(user_id)},\n        {"$set": {"active": False}}\n    )\n    user = self.get_by_id(user_id)\n    return user\n\ndef encrypt_password(self, password):\n    return generate_password_hash(password)\n\ndef login(self, email, password):\n    """Login a user"""\n    user = self.get_by_email(email)\n    if not user or not check_password_hash(user["password"], password):\n        return\n    user.pop("password")\n    return user
\n

Your models.py file should look as follows:

\n
"""Application Models"""\nimport bson, os\nfrom dotenv import load_dotenv\nfrom pymongo import MongoClient\nfrom werkzeug.security import generate_password_hash, check_password_hash\n\nload_dotenv()\n\nDATABASE_URL=os.environ.get('DATABASE_URL') or 'mongodb://localhost:27017/myDatabase'\nprint(DATABASE_URL)\nclient = MongoClient(DATABASE_URL)\ndb = client.myDatabase\n\nclass Books:\n    """Books Model"""\n    def __init__(self):\n        return\n\n    def create(self, title="", description="", image_url="", category="", user_id=""):\n        """Create a new book"""\n        book = self.get_by_user_id_and_title(user_id, title)\n        if book:\n            return\n        new_book = db.books.insert_one(\n            {\n                "title": title,\n                "description": description,\n                "image_url": image_url,\n                "category": category,\n                "user_id": user_id\n            }\n        )\n        return self.get_by_id(new_book.inserted_id)\n\n    def get_all(self):\n        """Get all books"""\n        books = db.books.find()\n        return [{**book, "_id": str(book["_id"])} for book in books]\n\n    def get_by_id(self, book_id):\n        """Get a book by id"""\n        book = db.books.find_one({"_id": bson.ObjectId(book_id)})\n        if not book:\n            return\n        book["_id"] = str(book["_id"])\n        return book\n\n    def get_by_user_id(self, user_id):\n        """Get all books created by a user"""\n        books = db.books.find({"user_id": user_id})\n        return [{**book, "_id": str(book["_id"])} for book in books]\n\n    def get_by_category(self, category):\n        """Get all books by category"""\n        books = db.books.find({"category": category})\n        return [book for book in books]\n\n    def get_by_user_id_and_category(self, user_id, category):\n        """Get all books by category for a particular user"""\n        books = db.books.find({"user_id": user_id, "category": category})\n        return [{**book, "_id": str(book["_id"])} for book in books]\n\n    def get_by_user_id_and_title(self, user_id, title):\n        """Get a book given its title and author"""\n        book = db.books.find_one({"user_id": user_id, "title": title})\n        if not book:\n            return\n        book["_id"] = str(book["_id"])\n        return book\n\n    def update(self, book_id, title="", description="", image_url="", category="", user_id=""):\n        """Update a book"""\n        data={}\n        if title: data["title"]=title\n        if description: data["description"]=description\n        if image_url: data["image_url"]=image_url\n        if category: data["category"]=category\n\n        book = db.books.update_one(\n            {"_id": bson.ObjectId(book_id)},\n            {\n                "$set": data\n            }\n        )\n        book = self.get_by_id(book_id)\n        return book\n\n    def delete(self, book_id):\n        """Delete a book"""\n        book = db.books.delete_one({"_id": bson.ObjectId(book_id)})\n        return book\n\n    def delete_by_user_id(self, user_id):\n        """Delete all books created by a user"""\n        book = db.books.delete_many({"user_id": bson.ObjectId(user_id)})\n        return book\n\n\nclass User:\n    """User Model"""\n    def __init__(self):\n        return\n\n    def create(self, name="", email="", password=""):\n        """Create a new user"""\n        user = self.get_by_email(email)\n        if user:\n            return\n        new_user = db.users.insert_one(\n            {\n                "name": name,\n                "email": email,\n                "password": self.encrypt_password(password),\n                "active": True\n            }\n        )\n        return self.get_by_id(new_user.inserted_id)\n\n    def get_all(self):\n        """Get all users"""\n        users = db.users.find({"active": True})\n        return [{**user, "_id": str(user["_id"])} for user in users]\n\n    def get_by_id(self, user_id):\n        """Get a user by id"""\n        user = db.users.find_one({"_id": bson.ObjectId(user_id), "active": True})\n        if not user:\n            return\n        user["_id"] = str(user["_id"])\n        user.pop("password")\n        return user\n\n    def get_by_email(self, email):\n        """Get a user by email"""\n        user = db.users.find_one({"email": email, "active": True})\n        if not user:\n            return\n        user["_id"] = str(user["_id"])\n        return user\n\n    def update(self, user_id, name=""):\n        """Update a user"""\n        data = {}\n        if name:\n            data["name"] = name\n        user = db.users.update_one(\n            {"_id": bson.ObjectId(user_id)},\n            {\n                "$set": data\n            }\n        )\n        user = self.get_by_id(user_id)\n        return user\n\n    def delete(self, user_id):\n        """Delete a user"""\n        Books().delete_by_user_id(user_id)\n        user = db.users.delete_one({"_id": bson.ObjectId(user_id)})\n        user = self.get_by_id(user_id)\n        return user\n\n    def disable_account(self, user_id):\n        """Disable a user account"""\n        user = db.users.update_one(\n            {"_id": bson.ObjectId(user_id)},\n            {"$set": {"active": False}}\n        )\n        user = self.get_by_id(user_id)\n        return user\n\n    def encrypt_password(self, password):\n        """Encrypt password"""\n        return generate_password_hash(password)\n\n    def login(self, email, password):\n        """Login a user"""\n        user = self.get_by_email(email)\n        if not user or not check_password_hash(user["password"], password):\n            return\n        user.pop("password")\n        return user
\n

Here's an example of the user request:

\n
{\n     "name" : "abc xyz",\n     "email" : "xyz@gmail.com",\n     "password" : "Abc@123"\n}
\n

Here, the name should have two words, and the password should have at least an uppercase later, a lower case letter, a digit, and a special character.

\n

And an example of the book request:

\n
{\n    "title":"name of book",\n    "cover_image": "path to image file locally",\n    "category": "['romance', 'peotry', 'politics', 'picture book', 'science', 'fantasy', 'horror', 'thriller'],\n    "description":"description",\n    "user_id":"user_id"\n}
\n

While passing a book request, pass it via the form-data tab in Postman.

\n

Conclusion

\n

This article has explained flask JWT authentication .

\n

In some cases, handling flask authentication yourself may not be good enough or efficient -- to overcome this, you can simply use third-party authentication providers like LoginRadius. You can check out this tutorial to learn how to add LoginRadius to your Flask application.

\n

You can find the complete code for this article on Github. You can reach out to me on Twitter if you've any questions.

\n","frontmatter":{"date":"December 09, 2021","updated_date":null,"description":"This tutorial helps you build a simple Flask API and demonstrates how to secure it using JWT. In the end, you can test your API authentication using a sample schema.","title":"Using JWT Flask JWT Authentication- A Quick Guide","tags":["Flask","JWT","API"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/1cfc51c7d9ade423f3b1992809ba5b1b/58556/coverImage.webp","srcSet":"/static/1cfc51c7d9ade423f3b1992809ba5b1b/61e93/coverImage.webp 200w,\n/static/1cfc51c7d9ade423f3b1992809ba5b1b/1f5c5/coverImage.webp 400w,\n/static/1cfc51c7d9ade423f3b1992809ba5b1b/58556/coverImage.webp 800w,\n/static/1cfc51c7d9ade423f3b1992809ba5b1b/99238/coverImage.webp 1200w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Babatunde Koiki","github":"Babatunde13","avatar":null}}}},{"node":{"excerpt":"Introduction You must have seen advertisements where a new product bought by a customer causes a stir in the entire neighbourhood. And…","fields":{"slug":"/growth/how-to-protect-consumer-social-identity/"},"html":"

Introduction

\n

You must have seen advertisements where a new product bought by a customer causes a stir in the entire neighbourhood. And suddenly, the product becomes the talk of the town and encourages other people to do the same.

\n

Take another example of an advertisement where a certain product, let's say an automatic washing machine, positions its owner as a woman who is smart, savvy and an environment enthusiast.

\n

All these marketing techniques are very common, and you can find them everywhere, promoting different products and brands. But the one thing that remains the same is the psychology behind this, i.e. social identity.

\n

Every consumer in the market has a social identity that affects their preferences and responses to a certain product. Social identity is influenced greatly by the community to which a person belongs.

\n

Therefore, to market and sell their products to people, organisations must have a proper understanding of the concept of consumer social identity. Organisations may receive favourable responses from their existing and potential consumers by tapping into the right social identity of a group.

\n

This theory holds an important place in the marketing world as it explains consumer behaviour and how organisations can use it. Below, we have mentioned factors that make this concept crucial for business organisations.

\n

Why Does Social Identity Matter

\n

A consumer's identity can affect a business in many ways. Proper identification, the community they belong to, and the context can be the difference between a successful and an unsuccessful marketing campaign.

\n\n

Also Read: Walking the Fine Line Between Consumer Experience and Privacy

\n\n

How Can You Protect a Consumer’s Social Identity

\n

Companies can gain insight into a person's social identity using various tools. This may include keeping information about a consumer's locality, age, social media, occupation, etc. This information collected by the organisations is sensitive and should be confidential.

\n

Consumers are very concerned about their information, where it goes and how it is used. They are willing to give the information to make the experience smoother and more customized, but in return, they want security and anonymity of their data.

\n

Implementing a robust CIAM solution can protect consumer data. These solutions provide authentication features like multi-factor and risk-based authentication to ensure that the consumer identities are always protected. The CIAM also allows customers to use their social identity to access applications.

\n

CIAM enables personalisation and privacy by providing self-care controls that enforce consent and privacy at various stages of operations. It is beneficial for both businesses and customers.

\n

Conclusion

\n

Businesses can benefit from greater customer engagement and loyalty by providing customers with a platform that keeps their shared information safe. Customers, on the other hand, get the assurance of a secure and confidential experience.

\n

Today, data is king. Sensitive information about the social identity of consumers is used by organisations for many reasons, but it's also organisations' responsibility to maintain privacy. This can only be achieved by investing in the best CIAM.

\n

\"book-a-demo-Consultation\"

\n","frontmatter":{"date":"December 07, 2021","updated_date":null,"description":"Consumer is king. Organisations have realized this in modern times. Due to globalization, competition has increased, and customers have many choices. Therefore, the best way to get a customer's attention is by providing a product that suits the consumer's social identity.","title":"Why Consumers’ Social Identities Matter & How You Can Protect It?","tags":null,"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":2.0408163265306123,"src":"/static/d6372dc67eb5b1529e8db22a645a7b1b/58556/social-id.webp","srcSet":"/static/d6372dc67eb5b1529e8db22a645a7b1b/61e93/social-id.webp 200w,\n/static/d6372dc67eb5b1529e8db22a645a7b1b/1f5c5/social-id.webp 400w,\n/static/d6372dc67eb5b1529e8db22a645a7b1b/58556/social-id.webp 800w,\n/static/d6372dc67eb5b1529e8db22a645a7b1b/cc834/social-id.webp 1024w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Navanita Devi","github":null,"avatar":null}}}},{"node":{"excerpt":"Introduction Cloud computing has offered endless opportunities to diverse businesses in the modern, digitally advanced business landscape…","fields":{"slug":"/identity/loginradius-private-cloud-ciam-benefits/"},"html":"

Introduction

\n

Cloud computing has offered endless opportunities to diverse businesses in the modern, digitally advanced business landscape.

\n

Whether we talk about efficiency, agility, or security, enterprises are swiftly inching towards leveraging cloud services that thrive business success.

\n

Like every other industry, the CIAM (consumer identity and access management) offers enterprises and clients new horizons through rich experiences and world-class security.

\n

However, many businesses relying on conventional consumer IAMs aren’t aware that they’re not just putting their consumer information at risk but are also missing endless business opportunities by not considering a cutting-edge cloud-based CIAM solution.

\n

This post will talk about LoginRadius’ CIAM solution offering a private cloud that helps businesses take total control over every aspect of their business in the consumer identity and access management landscape.

\n

What is LoginRadius’ Private Cloud Architecture

\n

LoginRadius’ single-tenant private cloud runs on a dedicated infrastructure. This means that the hardware, storage, and network are dedicated to a single client, and there are no neighbors to share hosted resources with. They may reside in a dedicated offsite data center or managed private cloud provider.

\n

In a single-tenancy architecture, each tenant gets their database. This way, data from each tenant remains separated from the other. Furthermore, the architecture is built to allow only one software instance per SaaS server.

\n

Also Read: Understanding the Difference Between Single-Tenant and Multi-Tenant Cloud

\n

Benefits of LoginRadius' Single-Tenant Private Cloud CIAM

\n

Since enterprises are rapidly adopting cloud computing capabilities, most prefer single tenancy over multi-tenancy for diverse reasons. Here are some reasons why LoginRadius’ single-tenant private cloud could be the ultimate solution for enterprises seeking agility, security, and efficiency in the CIAM landscape.

\n\n

Final Thoughts

\n

Enterprises that aren’t leveraging cutting-edge technology to handle consumer identities must immediately put their best foot forward in adopting cloud-based identity and access management solutions.

\n

LoginRadius’ private cloud helps enterprises deliver a flawless user experience backed with robust security that thrives business success. If you wish to see the future of cloud CIAM in action, reach us for a personalized demo today.

\n

\"book-a-demo-loginradius\"

\n","frontmatter":{"date":"December 07, 2021","updated_date":null,"description":"Businesses relying on conventional consumer IAMs aren’t aware that they’re not just putting their consumer information at risk but are also missing endless business opportunities. This blog explains how LoginRadius’ CIAM solution offers a private cloud that helps businesses take total control over every aspect of their business.","title":"Take Control of Your CIAM Environment with LoginRadius' Private Cloud","tags":["cloud computing","ciam solutions","cx"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.7857142857142858,"src":"/static/f759bb4df3a168777aed79b55a9f7d67/58556/lr-private-cloud.webp","srcSet":"/static/f759bb4df3a168777aed79b55a9f7d67/61e93/lr-private-cloud.webp 200w,\n/static/f759bb4df3a168777aed79b55a9f7d67/1f5c5/lr-private-cloud.webp 400w,\n/static/f759bb4df3a168777aed79b55a9f7d67/58556/lr-private-cloud.webp 800w,\n/static/f759bb4df3a168777aed79b55a9f7d67/cc834/lr-private-cloud.webp 1024w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Manish Tiwari","github":null,"avatar":null}}}},{"node":{"excerpt":"Introduction In any business, it is crucial to keep trade secrets confidential. Companies implement laws for data preservation while…","fields":{"slug":"/growth/prevent-identity-disclosure-spiderman/"},"html":"

Introduction

\n

In any business, it is crucial to keep trade secrets confidential. Companies implement laws for data preservation while handling sensitive information. Along with these laws, employees need to be reassured that the information is retained in an appropriate space. Disclosure of the consumer's identity can be due to any breach of privacy. Such a breach can lead to loss of business, market reputation, and clients. Also, such acts destroy the employees' trust and impact their loyalty towards the company. To avoid such huge losses, you must apply strict data protection rules while dealing with private information.

\n

You can easily relate the loss in this situation with the story of Spiderman. Identity disclosure of Spiderman was a turning point in the story. Before this event, everything was smooth sailing in Spiderman's life; however, things went downhill when his true identity was revealed.

\n

What Happened After the Identity Disclosure of Spiderman

\n

Peter supported the Superhuman Registration Act and worked as a superhero. He unmasked himself in public to reveal his identity and his association with Stark. Initially, revealing the identity brought an abundance of popularity and praise for Spiderman; however, it did not turn out as expected.

\n

With time, Peter understood that he had made a big mistake. After his big identity reveal, Peter Parker faced a bundle of troubles in his personal life. His Aunt May and Mary Jane were at risk all the time. Also, this event destroyed his relationship with Mary Jane and cancelled their marriage. Due to all these controversies, Peter Parker's initial glory went for a toss, and he ended up in a constant state of dread.

\n

What are the Consequences of Identity Disclosure in Business

\n

Just as Spiderman struggles in Spider-Man: No Way Home, for any business too, identity disclosure can be destructive as it can lead to multiple losses. The major consequences of disclosure of identity for an enterprise are:

\n

1. Trust of clients

\n

Once you disclose the identity of a consumer, it will lead to other existing clients losing faith in your company. If clients do not believe in your services, they will not recommend you to others. Thus, the chances of the growth of your business will reduce drastically, which in turn can lead to bankruptcy in extreme conditions.

\n

2. Business reputation

\n

The identity disclosure of a consumer will damage a business' market reputation. Maintaining relationships with clients keeps your business booming, however, one incident of identity theft can hinder your cash flow. Such an incident will also impact employees' payment cycles and influence your reputation before them, affecting their loyalty towards the company.

\n

3. Personal liability

\n

When dealing with personal information in business, it is crucial to be extra careful to prevent identity disclosure. Any criminal breach of your business information will harm your personal liability and can disturb your survival in the market.

\n

4. Late payments

\n

In a business theft, if you lose a significant amount of income, it will cause a delay in the salaries of the employees and other staff members. There might be certain situations where you might need to cut your operating expenses and reduce your budget. In some cases, the thieves can also impact your business credit score. Thus, it will draw your credit reports into negative scores. Such an event can drastically shake the trust of people for your company.

\n

\"EB-GD-to-Mod-Cust-ID\"

\n

How to Recover from Identity Disclosure in Business

\n

If you have been a victim of identity disclosure, you will end up in danger of compromised information. However, there are a few points that will help you in recovering from identity misuses.

\n\n

Tips to Prevent Identity Disclosure in Business

\n

\"1\"

\n

Protecting the identities of users is critical for any business. Mentioned below are a few methods to prevent identity disclosure as a business:

\n\n

LoginRadius provides you with the perfect tools to secure your identity. Being the world's first no-code identity platform, it ensures seamless data security to its customers. The platform supports global regulatory compliance to deliver frictionless customer experience. A few of the common ones are:

\n\n

Conclusion

\n

Your consumer data privacy and security plan should keep up with technological advancements and the rise of cyber-attacks. To future-proof your consumer data protection plan, consider investing in accordance with the most recent regulations. Contact us for more information on how we have been securing billions of identities globally.

\n

\"book-free-demo-loginradius\"

\n","frontmatter":{"date":"December 02, 2021","updated_date":null,"description":"What's most challenging about identity disclosure is that it is not only hard to avoid but also very difficult to repair once it has been disclosed. So, don't wait for a Mysterio to mess up your consumers’ identities! Security is just a click away with LoginRadius.","title":"Not Sure About Spiderman, But You Can Prevent Identity Disclosure","tags":["data security","adaptive authentication","cx"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.7391304347826086,"src":"/static/00cd0c19e343658fe2d9e6676e972fb3/58556/spiderman.webp","srcSet":"/static/00cd0c19e343658fe2d9e6676e972fb3/61e93/spiderman.webp 200w,\n/static/00cd0c19e343658fe2d9e6676e972fb3/1f5c5/spiderman.webp 400w,\n/static/00cd0c19e343658fe2d9e6676e972fb3/58556/spiderman.webp 800w,\n/static/00cd0c19e343658fe2d9e6676e972fb3/cc834/spiderman.webp 1024w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.webp"}}}},{"node":{"excerpt":"Single-tenant and multi-tenant cloud architectures represent two core approaches to managing SaaS environments, each with unique benefits…","fields":{"slug":"/engineering/saas-single-tenancy-vs-multi-tenancy/"},"html":"

Single-tenant and multi-tenant cloud architectures represent two core approaches to managing SaaS environments, each with unique benefits depending on how resources and infrastructure are utilized. In a single-tenant cloud, each customer has their own dedicated environment, offering greater control, data security, and customization. Meanwhile, multi-tenant cloud architecture allows multiple customers to share the same infrastructure, driving down costs and enabling faster, more frequent updates.\nHence, choosing the right cloud architecture is crucial for your business.

\n

This article comprehensively compares SaaS-based multi-tenant and single-tenant cloud architectures along with their benefits and drawbacks. The comprehension also points out which one to choose based on the organization’s requirements and scenario.

\n

Single-Tenant Cloud Architecture

\n

A single-tenant architecture dedicates a single instance of the software, infrastructure, or database to a single customer. The single-tenant system encapsulates all customer data and interactions distinctly from other customers. Moreover, customer information is not shared in any way.

\n

In a single-tenant architecture, the provider helps manage the software instance and dedicated infrastructure while giving a single-tenant nearly complete flexibility over software and infrastructure modification. Single-tenancy models provide control, reliability, security, and backup capability. In addition, each tenant has its independent database and software instance, keeping them separate from one another. Each tenant's data also has a remote backup, allowing tenants to restore their data in case of data loss quickly. In most cases, tenants can choose when they want to install any available updates themselves rather than waiting for the service provider to do so.

\n

Ultimately, potential customers who desire more control and flexibility to meet specific needs in their environment would likely prefer a single-tenant infrastructure over other solutions.

\n

Benefits of Single-Tenancy

\n

Although single-tenancy architecture is uncommon, it caters to easy auditing and maintenance. Here is the list of some other benefits a single-tenant cloud provides:

\n\n

Drawbacks of Single-Tenancy

\n

Despite all of the potential benefits of single-tenancy, it is still the least popular architecture among competing options, which you could attribute to some of its drawbacks. The following are some of the disadvantages of single-tenancy:

\n\n

Single-Tenant or Multi-Tenant SaaS: Which is Better for Your Business

\n

Multi-Tenant Cloud Architecture

\n

Multi-tenancy is another cloud architecture wherein a single instance of a software program serves numerous customers. People usually refer to the real estate analogy to explain Single-tenant vs. Multi-tenant cloud architecture.

\n

Every user in a single-tenant cloud lives alone in a single building with its security system and amenities, entirely secluded from neighboring buildings. Tenants in multi-tenant cloud architecture, on the other hand, live in various apartments within a single apartment complex. They are both protected by the same security system and have access to the same communal facilities. However, each resident has a key to their apartment, ensuring that their privacy is protected. The actions of other tenants, however, are more likely to affect their comfort in the property.

\n

Most startups choose a multi-tenant architecture having a single massive database containing all customer information. Customer data is kept confidential with the necessary security systems in place. While customers cannot view each other's data, they are all stored in the same database, and all of the data gets processed by the same computer.

\n

Benefits of Multi-Tenancy

\n\n

In contrast, the single-tenancy customer does not benefit from such scenarios.

\n

Drawbacks of Multi-Tenancy

\n

While multi-tenant cloud architecture is usually the best option for most SaaS customers, it can have some drawbacks, including:

\n\n

When to Use One Over the Other

\n

A single-tenant setup of SaaS may be appropriate for certain companies or sectors where customer data privacy and security are paramount. The healthcare and finance industries are excellent examples, leveraging single-tenant cloud systems.

\n

For example, when working with patient information, applications in the healthcare industry must comply with HIPAA regulations. To maintain compliance, each hospital may need to establish its own data center on-site. The same is true for certain forms of financial information.

\n

Most consumer-facing applications and start-ups that require comparatively less customizability tend to use a multi-tenant setup of SaaS. Also, multi-tenancy is preferred by organizations that want to opt for a cost-effective solution.

\n

To learn more about Single-Tenant vs Multi-Tenant Cloud, check out the infographic by LoginRadius.

\n

Conclusion

\n

There are a lot of other factors an organization must keep in mind while deciding which SaaS architecture to choose. Some business factors are the purpose of cloud adoption, type of application, budget, scalability, customization, migration, visibility, backup, and recovery. Finally, organizations must brainstorm what they want to achieve and how their company operates to arrive at the best, ideal solution.

\n

FAQs

\n

1. What is the difference between single tenant vs multi tenant?

\n

In single tenant architecture, a dedicated cloud infrastructure serves one client, while in a multi tenant cloud, multiple businesses share the same infrastructure, which optimizes resources.

\n

2. Is AWS a single tenant?

\n

AWS offers primarily multi tenant cloud environments, but single tenant architecture can be achieved through dedicated hosting options like Amazon EC2 Dedicated Instances.

\n

3. What is a multi tenant cloud system?

\n

A multi tenant cloud system allows multiple businesses to share the same infrastructure, with resources and applications managed centrally for efficiency.

\n

4. What are some examples of single tenant and multi tenant systems?

\n

Private clouds or custom SaaS deployments are examples of single tenant architecture, while platforms like Salesforce represent multi tenant cloud systems.

\n

5. Which SaaS architecture is more secure: single tenant or multi tenant?

\n

Single tenant architectures generally offer more security due to isolated data environments, while multi-tenant systems have more shared risks but are often well-protected by cloud providers.

\n

6. What is tenancy in cloud computing?

\n

Tenancy in cloud computing refers to how computing resources are shared—whether through single tenant or multi tenant systems that isolate or combine client resources.

\n

7. What is a tenant in cloud computing?

\n

A tenant in cloud computing is an entity, such as a business, that uses a specific cloud infrastructure, either in a single tenant or multi tenant setup.

\n

LoginRadius provides both single-tenant and multi-tenant SaaS architecture for our CIAM solution.

\n","frontmatter":{"date":"December 01, 2021","updated_date":null,"description":"When choosing a SaaS architecture for your business, the decision between single-tenant and multi-tenant models can significantly impact performance, security, and cost. This blog explores the key differences, advantages, and potential drawbacks of each approach, helping you determine which solution best aligns with your business needs.","title":"Single-Tenant vs. Multi-Tenant: Which SaaS Architecture is better for Your Business? ","tags":["saas","Architecture"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/56b63a15905e7c7aae59c6304095ee86/58556/coverImage.webp","srcSet":"/static/56b63a15905e7c7aae59c6304095ee86/61e93/coverImage.webp 200w,\n/static/56b63a15905e7c7aae59c6304095ee86/1f5c5/coverImage.webp 400w,\n/static/56b63a15905e7c7aae59c6304095ee86/58556/coverImage.webp 800w,\n/static/56b63a15905e7c7aae59c6304095ee86/99238/coverImage.webp 1200w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.webp"}}}}]},"markdownRemark":{"excerpt":"Identity is evolving, and developers are at the forefront of this transformation. Every day brings a new learning—adapting to new standards…","fields":{"slug":"/identity/developer-first-identity-provider-loginradius/"},"html":"

Identity is evolving, and developers are at the forefront of this transformation. Every day brings a new learning—adapting to new standards and refining approaches to building secure, seamless experiences.

\n

We’re here to support developers on that journey. We know how important simplicity, efficiency, and well-structured documentation are when working with identity and access management solutions. That’s why we’ve redesigned the LoginRadius website—to be faster, more intuitive, and developer-first in every way.

\n

The goal? Having them spend less time searching and more time building.

\n

What’s New and Improved on the LoginRadius Website?

\n

LoginRadius’ vision is to give developers a product that simplifies identity management so they can focus on building, deploying, and scaling their applications. To enhance this experience, we’ve spent the last few months redesigning our interface— making navigation more intuitive and reassuring that essential resources are easily accessible.

\n

Here’s a closer look at what’s new and why it’s important:

\n

A Developer-Friendly Dark Theme

\n

\"This

\n

Developers spend long hours working in dark-themed IDEs and terminals, so we’ve designed the LoginRadius experience to be developer-friendly and align with that preference.

\n

The new dark mode reduces eye strain, enhances readability, and provides a seamless transition between a coding environment and our platform. Our new design features a clean, modern aesthetic with a consistent color scheme and Barlow typography, ensuring better readability. High-quality graphics and icons are thoughtfully placed to enhance the content without adding visual clutter.

\n

So, whether you’re navigating our API docs or configuring authentication into your system, our improved interface will make those extended development hours more comfortable and efficient.

\n

Clear Categorization for LoginRadius Capabilities

\n

\"This

\n

We’ve restructured our website to provide a straightforward breakdown of our customer identity and access management platform capabilities, helping you quickly find what you need:

\n\n

This structured layout ensures you can quickly understand each capability and how it integrates into your identity ecosystem.

\n

Developer-First Navigation

\n

\"This

\n

We’ve been analyzing developer workflows to identify how you access key resources. That’s why we redesigned our navigation with one goal in mind: to reduce clicks and make essential resources readily available.

\n

The new LoginRadius structure puts APIs, SDKs, and integration guides right at the menu bar under the Developers dropdown so you can get started faster. Our Products, Solutions, and Customer Services are also clearly categorized, helping development teams quickly find the right tools and make informed decisions.

\n

Quick Understanding of Integration Benefits

\n

\"This

\n

Developers now have a clear view of the tech stack available with LoginRadius, designed to support diverse business needs.

\n

Our platform offers pre-built SDKs for Node.js, Python, Java, and more, making CIAM integration seamless across popular programming languages and frameworks.

\n

Over to You Now!

\n

Check out our revamped LoginRadius website and see how the improved experience makes it easier to build, scale, and secure your applications.

\n

Do not forget to explore the improved navigation and API documentation, and get started with our free trial today. We’re excited to see what you’ll build with LoginRadius!

\n","frontmatter":{"date":"February 21, 2025","updated_date":null,"description":"LoginRadius’ vision is to give developers a product that simplifies identity management so they can focus on building, deploying, and scaling their applications. To enhance this experience, we’ve redesigned our website interface, making navigation more intuitive and reassuring that essential resources are easily accessible.","title":"Revamped & Ready: Introducing the New Developer-First LoginRadius Website","tags":["Developer tools","API","Identity Management","User Authentication"],"pinned":true,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.7857142857142858,"src":"/static/80b4e4fbe176a10a327d273504607f32/58556/hero-section.webp","srcSet":"/static/80b4e4fbe176a10a327d273504607f32/61e93/hero-section.webp 200w,\n/static/80b4e4fbe176a10a327d273504607f32/1f5c5/hero-section.webp 400w,\n/static/80b4e4fbe176a10a327d273504607f32/58556/hero-section.webp 800w,\n/static/80b4e4fbe176a10a327d273504607f32/99238/hero-section.webp 1200w,\n/static/80b4e4fbe176a10a327d273504607f32/7c22d/hero-section.webp 1600w,\n/static/80b4e4fbe176a10a327d273504607f32/1258b/hero-section.webp 2732w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.webp"}}}},"pageContext":{"limit":6,"skip":348,"currentPage":59,"type":"///","numPages":164,"pinned":"ee8a4479-3471-53b1-bf62-d0d8dc3faaeb"}},"staticQueryHashes":["1171199041","1384082988","2100481360","23180105","528864852"]}