sc4224
JWT vs Session Based Authentication for HIPAA
Hi, asking for the opinion of elixir devs with experience in HIPAA compliancy.
As far as authentication goes. Is there a preference of token-based vs session-based authentication to ensure HIPAA compliancy? Would devs implementing authentication be predisposed to use one method over the other? Does HIPAA compliancy even prioritize one method over the other?
Most Liked
tangui
Hi,
No HIPAA experience but as stated here you have to support logout.
To manage logout with JWTs, you’ll need… to manage states! Also some links on JWTs for authentication sessions that have already been posted here:
danschultzer
Pow uses sessions by default: GitHub - pow-auth/pow: Robust, modular, and extendable user authentication system · GitHub
PowAssent provides multi-provider support (ueberauth alternative): GitHub - pow-auth/pow_assent: Multi-provider authentication for your Pow enabled app · GitHub
OvermindDL1
I deal with HIPAA at work, and I use session based to our SSO and it is time based logout, and if an early logout is performed it logs out of everything else that uses the SSO as well (and vice-versa). I just verify with the SSO on-access if the account is still logged in or not.
So… I put the onus on the people that manage the SSO (other contractors). ^.^
Popular in Discussions
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #javascript
- #code-sync
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance








