A

AdminTool

Admintool (Admin Tool hoặc AdminTool) là thuật ngữ viết tắt của "administration tool". Trong JFW, Admin Tool là công cụ quản trị được xây dựng trên JFW.

Administrator

Administrator (viết tắt: Admin) có nghĩa là quản trị viên, người chịu trách nhiệm quản lý và giám sát một hệ thống, tổ chức hoặc nền tảng cụ thể.

API

API (Application Programming Interface) is a set of rules and protocols allowing different software applications to communicate. APIs enable data exchange, service requests, and automation between systems without requiring direct access to their internal code

API

🔹 How API Works?

1️⃣ A client (requester) sends a request to an API (e.g., a mobile app requests weather data). 2️⃣ The API processes the request and interacts with the backend system. 3️⃣ The API returns a response with the requested data or action (e.g., weather details in JSON format).

📌 Example of API Request & Response (JSON format)

🔹 Request: A mobile app asks for weather data

httpCopyEditGET /weather?city=NewYork HTTP/1.1
Host: api.weather.com

🔹 Response: The API returns weather details

jsonCopyEdit{
    "city": "New York",
    "temperature": "18°C",
    "condition": "Cloudy"
}

🔹 Types of APIs

1️⃣ Web APIs (Most Common)

✔ Used for communication between web-based services over the internet. ✔ Examples: REST API, SOAP API, GraphQL API.

2️⃣ Library/API Frameworks

✔ APIs within programming libraries (e.g., Pandas API for Python, Java APIs).

3️⃣ Operating System APIs

✔ APIs that allow software to interact with the OS (e.g., Windows API, POSIX API).

4️⃣ Hardware APIs

✔ Allows software to control hardware devices (e.g., Bluetooth API, Camera API).

🔹 Common API Protocols

Protocol

Description

Example

REST API

Uses HTTP methods (GET, POST, PUT, DELETE). Lightweight & widely used.

Twitter API, Google Maps API

SOAP API

Uses XML for data exchange. More secure but complex.

Banking APIs, Payment APIs

GraphQL API

Allows clients to request only needed data. More flexible.

Facebook API, Shopify API

WebSocket API

Enables real-time, two-way communication.

Chat applications, live stock market feeds

🔹 Real-World Examples of APIs

✔ Google Maps API – Used by ride-sharing apps (Uber, Lyft) to get location data. ✔ PayPal API / Stripe API – Used for online payments in e-commerce websites. ✔ Twitter API – Allows developers to pull tweets, post updates, and analyze trends.

🔹 API vs. Web Service

Feature

API

Web Service

Definition

Interface for communication

API designed for web-based communication

Protocols

Can use REST, SOAP, GraphQL, etc.

Mostly uses HTTP/HTTPS

Usage

Broad usage (software, OS, hardware)

Specifically for web applications

🔹 Why Are APIs Important?

✅ Automation – Enables applications to interact without manual input. ✅ Scalability – Allows services to expand by integrating external tools. ✅ Security – Controls access to system functionality using authentication (OAuth, API Keys). ✅ Innovation – Encourages third-party developers to build on top of existing platforms.

API Protocol

An API Protocol is a set of rules and standards that define how APIs send and receive data between systems. It ensures that different applications can communicate smoothly, securely, and efficiently over networks (like the internet).

For example, protocol.jframework.io is an API protocol in JFW. Of course, "[protocol]" must be replaced for SSL and secuirty like https://ajdkhf2323khlasd.jframework.io.

Auth0

Auth0 is an Identity and Access Management (IAM) platform that provides application authentication and authorization services. It helps developers secure user logins, manage user identities, and enforce access control without building authentication from scratch.

🔹 Owned by Okta (since 2021) 🔹 Common Uses: Single Sign-On (SSO), Multi-Factor Authentication (MFA), Role-Based Access Control (RBAC), API security 🔹 Supports: Web apps, mobile apps, APIs, IoT

Auth0

🔹 Key Features of Auth0

Feature

Description

Authentication

Secure login using passwords, social logins (Google, Facebook), or enterprise logins (LDAP, SAML)

Authorization (RBAC)

Assign user roles & permissions (Admin, User, Manager, etc.)

Single Sign-On (SSO)

Users log in once and access multiple applications

Multi-Factor Authentication (MFA)

Adds extra security with OTP, biometrics, or hardware tokens

API Security

Protects APIs using OAuth 2.0, JWT (JSON Web Tokens)

User Management

Store, manage, and analyze user profiles

Passwordless Login

🔹 How Auth0 Works?

1️⃣ User requests login → Enters credentials (username/password, Google login, etc.). 2️⃣ Auth0 verifies identity → Uses database, social login, or enterprise login. 3️⃣ Access token issued → If successful, Auth0 sends a JWT (JSON Web Token). 4️⃣ Application grants access → User can now access protected resources.

📌 Example: JWT (JSON Web Token) issued by Auth0

jsonCopyEdit{
  "sub": "auth0|123456789",
  "name": "John Doe",
  "role": "admin",
  "iat": 1617187200,
  "exp": 1617190800
}

🔹 Common Authentication Methods in Auth0

Auth Method

Description

Username & Password

Traditional login using a database

Social Login

Enterprise Login

Uses LDAP, SAML, or Active Directory

MFA (Multi-Factor Authentication)

Requires extra verification (OTP, push notification, etc.)

Passwordless Login

Users log in using email links or SMS codes

🔹 Auth0 vs. Firebase Authentication vs. AWS Cognito

Feature

Auth0

Firebase Auth

AWS Cognito

Ease of Use

Easy, prebuilt UI

Simple, but tied to Firebase

Complex, AWS-focused

Custom Authentication

Yes

Limited

Yes

Supports Social Login

Yes

Supports Enterprise Login (SAML, LDAP)

Yes

API Security (OAuth2, JWT)

Yes

Free Tier?

Yes (Limited)

Yes

🔹 Why Use Auth0?

✅ Saves Development Time – No need to build authentication from scratch. ✅ Secure & Scalable – Supports MFA, RBAC, OAuth2, JWT. ✅ Works with Any Tech Stack – Supports JavaScript, React, Node.js, Python, etc. ✅ Supports Customization – Custom login pages, rules, hooks, and branding.

Previous09 NextB

Last updated 3 months ago