OAuth 2.0 and Customer Management

I’m still learning the entire Particle ecosystem so sorry for any ignorant questions.

With Particle ending support for sending password reset emails with Simple Auth, is there a simple turnkey solution (OAuth 2.0 server) that can be used to manage customers? Here is a scenario:

  1. Customer buys a product
  2. The account is created with a temp password and shipped with the Particle product. This way we collect the tokens needed for any future password changes.
  3. Customer gets the product, claims the product using the pre-created account.
  4. A simple portal that runs the OAuth 2.0 Server is set up for email changes and password resets. This would just be the middle man between customer and the Particle system for account changes.

I don’t think this would be a true Two-Legged Authentication system as we are not collecting the device info, we are only handling the account changes. Seems like a hybrid between Simple Auth and Two-Legged. Right?

Is something like this feasible? Would auth0.com or okta.com work for this?

For someone that is just starting out, a true Two-Legged system seems like a huge investment. Once you scale up I totally see the benefits but at the beginning it’s just unattainable. Overall love the Particle system!

Another way of implementing this would be to use Firebase Auth. It looks simple and promising enough for me.
Also, once this is implemented, you can start using their Firestore database which can receive data from devices via the Particle-Google integration and exposes this data to an app or webapp.
The free plan they give allows one to do this for free for around a year.
It looks pretty good for me but I’m just starting to look into it.