I have been working on a B2D service. Right now my only login method is GitHub. I thought it made sense, since most seem to be using GitHub for their projects. It will use GitHub as a way to help add services to your development projects.<p>I wanted to know if this a bad way to go? Should I allow a native login? Various login types?<p>Thank you for your time and feedback on this issue.
I don't have too much specific feedback, but I know one thing that has irked me in the past (and irked users of services I've worked on) is when the OAuth permissions requested are very broad. For example, why request "write" access to a resource if you don't need it? In other words, ask for the bare minimum permissions from the user that your app may require to function.<p>What stack are you developing in? Maybe there's a solution like <a href="https://github.com/intridea/omniauth" rel="nofollow">https://github.com/intridea/omniauth</a> available that you could utilize if applicable.<p>Hope that's helpful and good luck :)