The auth bundle contains all modules related to account and access management, user profiles, session management and OAuth (provider and client)
Role Based Access Control (RBAC) with object level permissions.
User/role management, registration, password recovery, email verification, session theft protection, strong cryptographic hashing of passwords, hash migration, session activity tracking and CSRF protection of REST API via JSON Web Tokens.
OAuth 2.0 Provider for REST API authentication via access tokens.
User identity management and support for login via ORCID, GitHub, Google or other OAuth providers.
User profiles for integration into registration forms.
The modules relies heavily on a suite of open source community projects: