MAS_AuthHub is a comprehensive identity and access management module for CMS Made Simple that acts as a centralized authentication gateway. It supports multiple authentication and federation standards, including OAuth 2.0, OpenID Connect (OIDC), SAML 2.0, WebAuthn (passkeys), and additional pluggable authentication mechanisms.

The module enables applications and users to authenticate through external identity providers or internal CMSMS-managed credentials, while maintaining consistent session handling and access policies across all connected services.

Key capabilities include: Multi-protocol authentication support (OAuth2, OIDC, SAML, WebAuthn) Single Sign-On (SSO) across CMSMS modules and external applications Secure token management (access tokens, refresh tokens, ID tokens) Identity provider configuration and federation management Role and policy-based access control integration with CMSMS permissions Support for modern passwordless authentication (WebAuthn / passkeys) Extensible architecture for adding future authentication standards Audit logging and authentication event tracking for security monitoring MAS_AuthHub is intended to serve as the core identity layer within CMS Made Simple environments, enabling secure, scalable, and future-proof authentication across all connected systems.