Your actual front-end application could be a fetch and a JQuery library. But you need probably want to choose a framework to handle user logins -- more work than it sounds like -- login, forget password, login with google, login with twitter/facebook, email setup... etc. etc. I was going to look into userfront for most of this work for my thing -- https://userfront.com/. Source: over 1 year ago

I researched and tried several hosted auth solutions. I ended up choosing https://userfront.com/ I think it has the best DX. - Source: Hacker News / almost 2 years ago

Would something like https://userfront.com/ fit you? Source: almost 3 years ago

In this article, I describe a simple approach we use at Userfront to make our tests easier to write and less prone to error. - Source: dev.to / almost 3 years ago

Adding authentication and access control to your React application doesn't have to be a hassle. Both the setup step and, more importantly, the maintenance over time, are handled with modern platforms like Userfront. - Source: dev.to / about 3 years ago

Warrant — Hosted enterprise-grade authorization and access control service for your apps. The free tier includes 1 million monthly API requests and 1,000 authz rules. - Source: dev.to / 4 months ago

The specific challenge with authz in the app layer is that different apps can have different access models with varying complexity, especially the more granular you get (e.g. Implementing fine grained access to specific objects/resources - like Google Docs). Personally, I think a rebac (relationship/graph based) approach works best for apps because permissions in applications are mostly relational and/or... - Source: Hacker News / 6 months ago

Let's use warrant.dev as an example. The system provides a set of REST APIs for you to define object types and access policies (called warrants). The general process is first to create object types using HTTP POST:. - Source: dev.to / 6 months ago

Https://warrant.dev/ (Provider) Relatively new authZ provider, they have a dashboard where you can manage your rules in a central location and then use them from multiple languages via their SDKs, even on the client to perform UI checks. Rules can also be managed programmatically via SDK. - Source: dev.to / 8 months ago

Hey HN, I recently shared my thoughts on why Google Zanzibar is a great solution for implementing authorization[1] and why we decided to build Warrant’s core authz service using key concepts from the Zanzibar paper. As I mentioned in the post, we recently open sourced the authz service powering our managed cloud service, Warrant Cloud[2], so I thought I’d share it with everyone here. Cheers! [1]... - Source: Hacker News / 12 months ago