Authentication refers to the process of confirming identity. While often used interchangeably with authorization, authentication represents a fundamentally different function.
In authentication, a user or application proves they are who they say they are by providing valid credentials for verification. Authentication is often proved through a username and password, sometimes combined with other elements called factors, which fall into three categories: what you know, what you have, or what you are.
Single-Factor Authentication relies on a password. Example: a school website that only requires validating a password against a username.
Two-Factor Authentication relies on a piece of confidential information in addition to a username and password. Example: a banking website that validates a password against a username and then requires the user to enter a PIN known to only the user.
Multi-Factor Authentication (MFA) uses two or more security factors from independent categories. Example: a hospital system that requires a username and password, a security code received on the user's smartphone, and fingerprint.
|Login||About the various ways of implementing login authentication for your applications.|
|Single Sign-On||What Single Sign-On (SS0) is and how to implement it with Auth0.|
|Passwordless||How to allow users to log in without needing to remember a password. Users enter their mobile phone number or email address, and receive a one-time code or link, which they can use to log in.|
|Identity Providers||About the external social, enterprise, and legal Identity Providers supported by Auth0.|
|Database Connections||How to create your own user store, which allows you to authenticate users with an email address or username and a password. The credentials can be stored securely in either the Auth0 user store or your own database.|
|Protocols||About the set of open specifications and protocols that specify how to design an authentication and authorization system.|