Skip to content

Instantly share code, notes, and snippets.

Created November 4, 2020 06:40
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
What would you like to do?

Ask questions and see you at December, 7th, 8.PM. CET:

Also checkout recent episode:


Please keep the questions Jakarta EE-stic. Means: as short and as concise as only possible. Feel free to ask several, shorter questions. Upcoming events are also going to be announced at

Copy link

As creator of Jwtenizer do you recommend to you clients to implement in-house authentication and authorization workflows? Quarkus JPA Security and JWT Security makes it look like an easy job initially, but I fear things get tough when you realize you need:

  • self-registration
  • login
  • passwordless login
  • profile update
  • forgotten password workflow
  • multi-factor authentication
  • email verification
  • user management UI console

... Or do you recommend external providers such as Okta, Auth0, AWS Cogito?

There is also this up-and-coming German middleware ORY/Kratos, but they are very opinionated, do not recommend JWT tokens and do a lot fo server-side rendering to implement workflows.

What do your clients usually end up doing?

Have you had a look at It probably suites you better?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment