Integration Guides

Last updated: January 2026

Welcome to the Integration Guides for the Agglestone Authentication and User Management Service! These guides provide step-by-step instructions, code examples, and best practices for integrating authentication and user management into your applications.

Getting Started

If you’re new to the Agglestone Authentication and User Management Service, start with the Quick Start Guide. It will help you get OAuth2 and OpenID Connect authentication working in your application in minutes using standard client libraries.

Available Guides

Quick Start Guide

Get up and running quickly with OAuth2 and OpenID Connect authentication. Learn how to use the OpenID Connect Discovery endpoint and integrate with standard client libraries like oidc-client-ts. Perfect for developers who want to add authentication to their application fast.

Login and Logout

Understand how the OAuth2 authorization code flow with PKCE works in practice. Learn how login and logout are handled automatically by client libraries, and how to implement them manually if needed. Covers the complete authentication flow from user login to token storage.

Password Management

Comprehensive guide to password management features, including:

  • Forgot password functionality
  • Password reset during login
  • User-initiated password resets
  • Password requirements and configuration
  • Password attempt limits and lockout periods

Multi-Factor Authentication (MFA)

Learn how to enable and configure multi-factor authentication using time-based one-time passwords (TOTP). Discover how MFA setup works, how users verify their authenticator apps, and how to manage MFA settings per tenant. Includes code examples for programmatic MFA setup.

Users and Groups Management

Complete guide to managing users and groups through REST APIs. Learn how to:

  • Create, read, update, and delete users
  • Organize users into groups for access control
  • Manage user settings and permissions
  • Use groups in JWT tokens for authorization

Using API Keys

Understand when and how to use API keys for server-to-server authentication. Learn about:

  • API key generation and management
  • Key rotation strategies
  • Security best practices
  • When to use API keys vs JWT tokens

Validating JWTs in Your Backend

Step-by-step guides for validating JWTs issued by the Agglestone Authentication and User Management Service in your backend services. Includes implementation examples for:

  • ASP.NET Core (C#)
  • Node.js / Express
  • Python (Flask, FastAPI)
  • Java (Spring Boot)
  • Go

Learn how to verify token signatures, check expiration, validate audiences, and extract user information and group memberships from JWTs.

Integration Paths

For Frontend Developers

  1. Start with the Quick Start Guide to get basic authentication working
  2. Review Login and Logout to understand the authentication flow
  3. Learn about Password Management if you need password reset functionality
  4. Explore MFA if you want to add multi-factor authentication

For Backend Developers

  1. Read Validating JWTs in Your Backend to learn how to verify tokens
  2. Review Users and Groups Management for user management APIs
  3. Check Using API Keys for server-to-server authentication

For Full-Stack Developers

  1. Follow the Quick Start Guide for the complete authentication flow
  2. Review all guides to understand the full capabilities of the service
  3. Use Validating JWTs in Your Backend to secure your APIs
  4. Implement Users and Groups Management for user administration

Standards and Protocols

The Agglestone Authentication and User Management Service is built on industry standards:

  • OAuth2 (RFC 6749) – Authorization framework
  • OpenID Connect – Identity layer on top of OAuth2
  • PKCE (RFC 7636) – Enhanced security for public clients
  • JWTs (RFC 7519) – Secure, verifiable tokens
  • TOTP (RFC 6238) – Time-based one-time passwords for MFA

All guides use standard libraries and follow best practices, ensuring your integration is secure and maintainable.

Need Help?

Ready to get started? Begin with the Quick Start Guide and have authentication working in minutes!