Just looking for advice on how to possibly implement authentication for a website/application. We’re using a typical Spring boot & Angular stack. Our current authentication system uses both an internal authentication system (typical user accounts in a database, spring security) and an external authentication implemention with Azure Active Directory & OAuth.

I’m not a fan of how the OAuth is piggy backed onto the system at the moment, where essentially a user hits a single OAuth2 protected endpoint and a token exchange for our internal tokens is done. What is the best way to implement both a custom authentication implementation and an OAuth2/AAD authentication implementation together?

Any references to existing architectures/projects is helpful!


Anonymous Asked question May 14, 2021