With the web constantly evolving, Single Page Applications have become a prevalent style of applications used on the frontend. It is explained by higher demands on user experience and infrastructure management, which SPAs are great at. However, handling the security of such apps can be challenging.
SPA Security Problem
In…
The original post was written by Jacob Ideskog and published in the Curity blog. You can read it here.
There’s a lot of activity in the identity community currently. Financial Grade APIs (FAPI), OAuth 2.1, WebAuthn, decentralized identity, and other facets are being actively maintained and updated. In addition, entirely…
- What is it?
The Hypermedia Authentication API lets you make another step in increasing User Experience and security of your applications. …
Mobile apps might be the most popular type of applications, having reached the number of almost 9 million, according to a new report from RiskIQ. However, when it comes to the security of users, they are not so highly favored.
The security vulnerability of mobile apps is closely connected to…
The world is different, time for something new?
Jacob Ideskog, CTO @ Curity (curity.io)
The Past
For centuries, proving identity and allowing access to certain information, crossing borders, or gaining permission for a certain activity was a matter of official certifications, identity cards, passports, and special seals that proved who…
JWTs are JSON web tokens that are widely utilized in OAuth and OpenID Connect. In fact, their application is so popular that the main principles of their use are quite often overlooked. However, the basics should not be forgotten.
So, that is why we decided to brush some dust off…
We’ve outlined some key things to keep in mind when designing and building APIs.
Today we are witnessing the rise of the API economy, where APIs play an essential role in business success. However, this development raises new challenges. In 2017, Gartner predicted that by 2022, API abuses will be…
And why should it be a consideration when mapping out your security architecture?
Neo-Security Architecture is a modular and open-standard-based security architecture that aims to secure and assert legitimate access to APIs and services as well as web and mobile applications.
The Neo Security architecture is intended to be used as a roadmap, to be ready when new needs arise. It provides a…
Jacob Ideskog — CTO @ Curity.io
Ever since the OAuth 2.0 specification was finalized, we have dealt with the limitations of the Resource Owner Password Flow (ROPC). It was intended as a flow to support legacy applications that did not have a browser available, or to be used as a…
Computer systems built today have very little in common with what we built only a few years ago. Systems have evolved from classic client-server solutions, into distributed systems that span over many data centers and geolocations. DevOps teams are now able to build applications that scale up and down effortlessly…
Curity
Curity is the leading supplier of API-driven identity management, providing unified security for digital services. Visit curity.io or contact info@curity.io
