Getting Out of the Password Business
Our old authentication system used OAuth's client_credentials grant to log users in, treating users as OAuth clients with email addresses and password hashes. This worked for years but became a load-bearing infrastructure that was costly to maintain. We moved to Google Identity Platform due to security standards, customer requests, and maintenance costs. We now use Google Identity Platform with two forms of verification: Firebase Admin SDK for ID tokens and another method for access tokens. This change improves security and reduces maintenance costs.