> > If you do get to revisit Auth0, as you probably discovered it has the > ability to authenticate against multiple sources including existing > databases and AAD (see screenshot http://screencast-o-matic.com/ > screenshots/u/xj9/1498029629044-30138.png). It was one of the reasons we > switched to it, in addition to authenticating API calls. >
Despite what the boss says, I'm not letting my suggestion for Auth0 get rejected. It was really easy to get working with little code, and it works as advertised as a unified front-end to lots of other systems, including legacy databases like ours. The recent problem we had with Auth0 is that users of our product need 3 bits of information to authenticate: *username*, *password* and "*agency*" (which is a very high level grouping of customers). So the Auth0 traditional model doesn't fit for us. I'll continue pondering over it. *GK*