docs/site/migration/auth/overview.md
{% include tip.html content=" Missing instructions for your LoopBack 3 use case? Please report a Migration docs issue on GitHub to let us know. " %}
LoopBack version 3 provides several options for adding authentication and authorization to secure the applications:
A set of built-in models like User, AccessToken and ACL makes it easy to
store your user credentials locally and define custom access control checks.
The migration path is described in
Migrating built-in authentication and authorization.
loopback-component-passport provides integration between LoopBack 3 and Passport to support third-party login and account linking for LoopBack applications. The migration path is described in Migrating Passport-based authentication.
loopback-component-oauth2 provides full integration between OAuth 2.0 and LoopBack. It enables LoopBack applications to function as an oAuth 2.0 provider to authenticate and authorize client applications and/or resource owners (i.e. users) to access protected API endpoints. The migration path is described in Migrating OAuth2 provider.
loopback-example-access-control demonstrate authentication and authorization mechanisms in LoopBack. The migration guide is described in Migrating access control example.