AI-generated prototypes look production-ready but often skip critical authentication safeguards. Learn why rolling your own auth creates security holes and maintenance debt.
AI-generated prototypes look production-ready but often skip critical authentication safeguards. Learn why rolling your own auth creates security holes and maintenance debt.
How SecureAuth uses device fingerprinting, continuous session binding, and contextual signals to contain passkey clickjacking risks discussed at Black Hat 2025.
Vulnerabilities are inevitable, but enterprise-wide compromises don't have to be. Learn why coupling authentication and authorization creates single points of failure and how layered identity defense provides resilience.
How open finance, FAPI 2.0, and CDR standards provide proven OAuth patterns for securing AI agent interactions in Model Context Protocol, including resource server architecture, client registration, and token binding.
Learn how to build generic Open Finance ecosystems using FAPI standards and external consent storage solutions for enhanced security and compliance.
Learn how canary deployments work at SecureAuth and how organizations with products delivered as Saa...
Learn how to set up SecureAuth as an OAuth/OIDC Identity Provider for Apache Kafka. In this article, we will create an authorization server in SecureAuth, add an M2M client application, set up a Kafka cluster in Confluent Cloud, and create a Kafka client.
Learn how a token-based architecture can align with the principles of Zero Trust, enhancing the secu...
Explore the evolution of Open Banking in Brazil and its impact on transforming the financial landscape.
Learn how organizations benefit from having SecureAuth as the FAPI 2.0 implementation provider for s...
Lukasz Radosz, SecureAuth's Co-Founder and CTO, shares his insights after Identiverse 2023 and explores the future of Identity, Authentication, and Access Management.
Compare mTLS and DPoP approaches for sender-constrained access tokens in OAuth 2.0 implementations.
Discover how SecureAuth's multitenancy model can benefit your organization with improved security and resource efficiency.
Learn about the testing tools SecureAuth uses for Helm Chart development to ensure quality and security, including static analysis, custom frameworks, and best practices.
In this article, we'll discuss the potential drawbacks of the bare authorization code flow and explore the various mechanisms that can be implemented to enha...
Learn how to create a Data Recipient application for Financial Data Exchange. Read about the authent...
Explore Authentication Context Class Reference (ACR) and Authentication Methods References (AMR) claims with practical use cases.
SecureAuth has recently introduced OAuth2c, a command-line tool for OAuth2. OAuth2 is an open standard for authorization that allows users to grant third-par...
FAPI 2.0 is already around the corner! Brace yourself and learn what is to be expected in the FAPI 2.0 Baseline Profile, Attacker Model, and Message Signing ...
Learn best practices for testing authorizers in SaaS production environments to ensure security and reliability.
SITE RELIABILITY ENGINEERING, DEVOPS
This article describes how test automation is applied at SecureAuth to maintain OpenID self-certific...
This article describes the integration of the SecureAuth authorization platform with the Kusk API Gateway
Connecting fintechs to financial institutions in order to exchange data requires sophisticated authorization and consent solutions. SecureAuth fulfills these...
The possibility to configure branding for your partner's end users can be of paramount importance in...
Learn how to implement role-based access control for API protection using SecureAuth identity pools in part 1 of this series.
Learn how to implement role-based access control for API protection using SecureAuth identity pools in part 2 of this series.
Throughout the years, creators of SPA applications have used different approaches to securely store OAuth tokens