When exposing an application to the outside world, consider a Reverse-Proxy or an API Gateway to protect it from attacks.
Authenticate with OpenID Connect and Apache APISIX
Externalizing your authentication process to a third party may be sensible, but you want to avoid binding your infrastructure to its proprietary process.
Securely Authenticate to Google Cloud from GitHub
Did you know GitHub and Google Cloud have all the infrastructure available to get short-lived tokens securely? Handy for Java devs and more!