What is OpenLogin

  • Torus product, from their website:

OpenLogin is a plug n play auth suite that combines the simplicity of passwordless authentication with the security of non-custodial public key infrastructure (PKI). It brings the ease of passwordless, SSO, biometric authentication to any native mobile or web applications and results in a cryptographic key pair specific to user and application.

What is interesting for us?

Super easy integration. Demo here:

https://openlogin-tezos.vercel.app/

They generate a key for us, it's a tz2 (secp256k1). So wouldn't work with beacon so well.

But, the key provided is specific to the OpenLogin Developer account, so we can't share across different sites and projects

There is another product, CustomAuth, which permits this:

different logins lead to the same key?
_You can choose to connect logins with the
same verifierID. For example if a user uses generic email logins and a gmail login to login on different occasions he/she can still retrieve the same key. This can only be done on logins which share a common unique identifier for a user. Read more about aggregating logins._

https://docs.tor.us/customauth/designing-your-key-management-architecture

Other observations

Their documentation is not good but the support in their telegram channel is stellar (answers in minutes, also on a Sunday).