Building Generic Open Finance Ecosystems with FAPI and External Consent Storage
Learn how to build generic Open Finance ecosystems using FAPI standards and external consent storage solutions for enhanced security and compliance.
open finance
How SaaS Platforms Can Benefit From Canary Deployments with Smoke Tests
Learn how canary deployments work at SecureAuth and how organizations with products delivered as Saa...
miscellaneous
Setting Up OAuth/OIDC Identity Provider for Confluent Cloud -- Kafka as a Service
Learn how to set up SecureAuth as an OAuth/OIDC Identity Provider for Apache Kafka. In this article, we will create an authorization server in SecureAuth, add an M2M client application, set up a Kafka cluster in Confluent Cloud, and create a Kafka client.
oauth
Zero Trust in Token Based Architectures
Learn how a token-based architecture can align with the principles of Zero Trust, enhancing the secu...
oauth
Open Banking Evolution in Brazil: Transforming the Financial Landscape
Explore the evolution of Open Banking in Brazil and its impact on transforming the financial landscape.
open bankingbrazil
Why SecureAuth for FAPI 2.0
Learn how organizations benefit from having SecureAuth as the FAPI 2.0 implementation provider for s...
oauth
Exploring the Future of Identity, Authentication & Access Management
Lukasz Radosz, SecureAuth's Co-Founder and CTO, shares his insights after Identiverse 2023 and explores the future of Identity, Authentication, and Access Management.
identity
Sender Constrained Access Tokens: mTLS vs DPoP
Compare mTLS and DPoP approaches for sender-constrained access tokens in OAuth 2.0 implementations.
oauth
Reap Benefits of Multitenancy Model in SecureAuth for Your Organization
Discover how SecureAuth's multitenancy model can benefit your organization with improved security and resource efficiency.
ciam
Exploring the OAuth Authorization Code Flow: A Comprehensive Guide To Improved Security of Data Sharing
In this article, we'll discuss the potential drawbacks of the bare authorization code flow and explore the various mechanisms that can be implemented to enha...
oauth
How to create an Open Banking client app in Node.js for FDX
Learn how to create a Data Recipient application for Financial Data Exchange. Read about the authent...
apps
Understanding ACR and AMR Claims in Authentication: Practical Use Cases
Explore Authentication Context Class Reference (ACR) and Authentication Methods References (AMR) claims with practical use cases.
authenticationclaims
Introducing OAuth2c: A Powerful Command-Line Tool for OAuth2
SecureAuth has recently introduced OAuth2c, a command-line tool for OAuth2. OAuth2 is an open standard for authorization that allows users to grant third-par...
miscellaneous
Exploring Financial Grade API (FAPI) 2.0
FAPI 2.0 is already around the corner! Brace yourself and learn what is to be expected in the FAPI 2.0 Baseline Profile, Attacker Model, and Message Signing ...
oauth
Testing Authorizers in SaaS Production Environment
Learn best practices for testing authorizers in SaaS production environments to ensure security and reliability.
qaauthorizers
Using Service Level Objectives to improve Site Reliability at SecureAuth
SITE RELIABILITY ENGINEERING, DEVOPS
sredevops
Test Automation for Maintaining OpenID Self-certification
This article describes how test automation is applied at SecureAuth to maintain OpenID self-certific...
openid
Integration with the Kusk API Gateway
This article describes the integration of the SecureAuth authorization platform with the Kusk API Gateway
kusk
Authorization and Security for Financial Data Aggregators
Connecting fintechs to financial institutions in order to exchange data requires sophisticated authorization and consent solutions. SecureAuth fulfills these...
iamciam
Apply Branding for your Business Partners
The possibility to configure branding for your partner's end users can be of paramount importance in...
branding
Protect API Using Role-Based Access Control (RBAC) with Identity Pools Part 1
Learn how to implement role-based access control for API protection using SecureAuth identity pools in part 1 of this series.
rbacidentity
Protect API Using Role-Based Access Control (RBAC) with Identity Pools Part 2
Learn how to implement role-based access control for API protection using SecureAuth identity pools in part 2 of this series.
rbacidentity
Improve Single Page Application Token Security with Lightweight OAuth Proxy
Throughout the years, creators of SPA applications have used different approaches to securely store OAuth tokens
miscellaneous
Authorization for Apps Easier to Apply and More Transparent than Ever Before
Securing applications is not easy, we get it. Is it, however, possible to enable the developers to d...
apps
Authenticate Client Application Using OAuth 2.0 Token Exchange On-Behalf-Of (Delegation) Flow
OAuth 2.0 Token Exchange on-behalf-of (delegation) flow enables client applications to act on behalf of a different entity
oauth
Build a GraphQL Client Application to Consumer Protected GraphQL API Resources Part 3
This article is the third part of a series to explore usage of the SecureAuth authorization platform for externalized GraphQL runtime authorization along with policy based access controls.
graphql
Securing Partner API Integrations with OAuth mTLS
Learn how to secure partner API integrations using OAuth with mutual TLS authentication.
oauth
Build a GraphQL Client Application to Consumer Protected GraphQL API Resources Part 1
This article is the first part of a series to explore usage of the SecureAuth authorization platform for externalized GraphQL runtime authorization along with policy based access controls.
graphql