Simplify React App Login
Published in Identity Beyond Borders
Implementing a login feature in a React app involves several key steps to ensure both functionality and security. In this post, we will…
Jul 4, 2024

Secure OAuth2: Is Authorization Code Grant Type Secure Enough?
The authorization code grant type is generally considered the most secure, widely used and commonly recommended grant type within the…
Apr 16, 2024

OAuth2 Token Exchange in Practice
Over time, OAuth2 has evolved to meet increasingly complex security needs that go beyond the basic capabilities of a Security Token Service…
Sep 25, 2023

How to register and manage OAuth2 clients?
In the first post of this blog series about OAuth2, I provided a comprehensive overview of the OAuth2 core specification and its…
Apr 19, 2021

How do you discover the OAuth2 server configuration?
This is the 2nd post of my blog series about OAuth2; reading the first post may help you understand the current topic more easily.
Apr 24, 2020

Understanding OAuth2 Landscape
It has now been nearly 8 years since the formal approval of the OAuth2 Core standard by the IETF. Obviously, OAuth2 is not a new technology…
Apr 19, 2020

API Security: How to avoid Broken Object Level Authorization & Broken Function Level Authorization
The OWASP project recently finalised its API Security Top 10 list at RC level; you can have a look at it here. When I went through…
Oct 2, 2019

Reloading SAML: Web Browser SSO Profile
So far I have discussed the key constructs of the SAML 2.0 core standard and a few supporting standards such as IdP Discovery and SAML Metadata too…
Jun 9, 2018

Reloading SAML: IdP Discovery
This post is somewhat different from the other posts of this series; the majority of the concepts that we are discussing here are not only specific…
May 12, 2018

Looking for a GDPR compliant IAM product?
WSO2 Identity Server (WSO2 IS) is a leading open source IAM (Identity and Access Management) product and a member of WSO2 middleware…
Apr 8, 2018

Reloading SAML: Why do you need SAML Metadata?
As we previously discussed, SAML is a structured format to define security information (assertions) about a subject (usually about an…
Apr 1, 2018

Reloading SAML: SAML Basics
In the last post, I discussed some of the practical use cases of SAML; in this post I will try to discuss a few basic concepts…
Mar 26, 2018

Reloading SAML: Do you really need SAML?
Recently I have been working closely and directly on the Identity and Access Management (IAM) domain, which also raised the need to revisit…
Mar 24, 2018

How to design GDPR compliant consent
As we already discussed in the previous posts of this series, consent is one of the five lawful processing means defined in the GDPR, but in…
Sep 16, 2017

Cross-border data transfers under GDPR
In today’s globalized world it’s unavoidable to transfer personal data belonging to an individual with a company established in another…
Sep 15, 2017

All you need to know about GDPR Controllers and Processors
Understanding what the GDPR means by Controllers and Processors, and their responsibilities.
Sep 13, 2017

Privacy Principles of GDPR
Introduction to the seven privacy principles of the GDPR
Sep 11, 2017