Sure thing George. So I have experimented with a few credential systems, this includes building one of my own + Google Firebase authentication. But in the end auth0 is proven to be easiest to implement and provide a lot of Identity and Access Management (IAM) across all your webapp.
Basically you let auth0 manage the IAM security for you, they offer social login, Federated Identity, Single Sign On (SSO), Enterprise Federation, biometric for fingerprints and face sign in.
In my use case I want to use auth0 to manage a flow where if a customer sign up on my platform in this case auth0 is handling the sign up/sign in for my webapp. Here, the user signs up if they have on account, they are then redirected to the given dashboard base on the redirect route I set in auth0.
But what the user didn’t see is the machine to machine flow.
Because on that initial sign up I also used the auth0 API to create a stripe customer account using Stripe API and I then call the Stripe API to get the customer ID and save it back to my auth0 database as meta data.
This way, once I am using Stripe as my payment gateways and that user now wants to purchase a product from there dashboard they already have a customer ID and on check out get their info auto populate (email) with their Stripe info that is now in both auth0 and Stripe.
This is all done while using auth0 as a source of truth for my system + auth0 allow migration of user credentials from a database to the auth0 database this way person can use their same credentials from your old sign up systems to the new auth0 system without user having to reset password and do all things that comes with user migration.
Auth0 is basically your one stop shop and buy for a password system, Auth0 do it so you don’t have to worry about all the pain that comes with building your own which we all know be a real issue for clients and us developer if we don’t get it right.