Design and Implementation of a Centralized OAuth 2.0 Authentication and Authorization System with SSO Integration for Multi-Platform Applications
VOLPONES, SIMONE
2024/2025
Abstract
Security is always one of the most important concerns in any IT system. An authentication system that guarantees both protection and a seamless user experience has become essential for modern applications, where users expect a unified and reliable access experience across web and mobile platforms. In this context, this thesis presents the design and implementation of a centralized authentication and authorization framework together with two dedicated libraries for frontend and backend applications developed by the company UNOX S.p.A. The framework, based on the OAuth 2.0 protocol, was designed to ensure security, scalability and interoperability while also enabling authentication through third-party identity providers such as Google and Apple. Special attention was placed on migration strategies, in order to guarantee backward compatibility with the existing authentication system and enable a smooth and seamless transition for the users. Furthermore, the two libraries (developed with React and React Native for the frontend and Express and Fastify for the backend) provide developers with a ready-to-use multi-platform solution. In this way, both current and future applications at UNOX S.p.A. can integrate the authentication and authorization system with minimal effort, while relying on a transparent and robust infrastructure. The resulting solution presents a scalable and secure resource and identity management infrastructure, also providing a solid foundation for future enhancements, such as passkey adoption, magic links and advanced security monitoring.

| File | Size | Format |
|---|---|---|
| Volpones_Simone.pdf (restricted access) | 8.89 MB | Adobe PDF |
The text of this website © Università degli studi di Padova. Full texts are published under a non-exclusive license. Metadata are under a CC0 license.
https://hdl.handle.net/20.500.12608/99270