Simplify React App Login
Sagara Gunathunga, in Identity Beyond Borders. Jul 4
Implementing a login feature in a React app involves several key steps to ensure both functionality and security. In this post, we will…

Secure OAuth2 : Is Authorization Code Grant Type Secure Enough?
Sagara Gunathunga. Apr 16
The authorization code grant type is generally considered as the most secure, widely used and commonly recommended grant type within the…

OAuth2 Token Exchange in Practice
Sagara Gunathunga. Sep 25, 2023
Over time, OAuth2 has evolved to meet increasingly complex security needs that go beyond the basic capabilities of a Security Token Service…

How to register and manage OAuth2 clients?
Sagara Gunathunga. Apr 19, 2021
In the first post of this blog series about the OAuth2, I provided a comprehensive overview of the OAuth2 core specification and its…

How do you discover the OAuth2 server configuration?
Sagara Gunathunga. Apr 24, 2020
This is the 2nd post of my blog series about the OAuth2; reading the first post may help you to understand this current topic easily.

Understanding OAuth2 Landscape
Sagara Gunathunga. Apr 19, 2020
Now it has been nearly 8 years after the formal approval of OAuth2 Core standard by IETF. Obviously, the OAuth2 is not a new technology…

API Security: How to avoid Broken Object Level Authorization & Broken Function Level Authorization
Sagara Gunathunga. Oct 2, 2019
OWASP project recently finalised their API Security Top 10 list into RC level; you can have a look at it from here. When I went through…

Reloading SAML: Web Browser SSO Profile
Sagara Gunathunga. Jun 9, 2018
So far I have discussed key constructs of SAML 2.0 core standard and few supportive standards such as IDP Discovery and SAML Metadata too…

Reloading SAML : IdP Discovery
Sagara Gunathunga. May 12, 2018
This post is somewhat different from other posts of this series, majority of the concepts that we are discussing here are not only specific…

Looking for a GDPR compliant IAM product ?
Sagara Gunathunga. Apr 8, 2018
WSO2 Identity Server (WSO2 IS) is a leading open source IAM (Identity and Access Management) product and a member of WSO2 middleware…