exter

exter copied to clipboard

xter is an identity gateway that allows application to authenticate users using various identity sources.

Supported identity sources:

• [x] Facebook
• [x] GitHub
• [x] Google
• [x] Linkedin
• [ ] Twitter

Latest release v0.7.1.

You can deploy Exter on your own infrastructure, on-premises or cloud. Or leverage the pre-hosted Exter.

How Exter works

The authentication (login) flow is as the following:

When the user accesses the application website, the application calls Exter's API verifyLoginToken to check if the user's login-token is valid. Note: if the user curently does not have a login-token, API verifyLoginToken will return invalid login-token result.

• If the login-token is invalid, the application should redirect user to Exter's login page.
  • Then Exter authenticates user with an available identity source (*).
  • Upon successful authentication, Exter generates a login-token and passes it to the application via the callback url.
  • The application, then, should store the login-token for the user and, again, verify if the login-token is valid.
• If the login-token is valid, the application lets user access its content.

(*) Authentication will be done on the identity source site. User will not be asked to enter any credential information on Exter.

Read more

• Setup an Exter instance
• Integrate with Exter