Multi-factor Authentication (MFA) is the practice of chaining several authentication methods together when determining whether to grant access to a user. Combining several independent authentication factors makes verifying a user’s identity easier and more precise.

Today MFA is considered best practice and helps protect both users and organizations from cybercriminals…

You can harden your SPA security with Token Handler

With the web constantly evolving, Single Page Applications have become a prevalent style of applications used on the frontend. It is explained by higher demands on user experience and infrastructure management, which SPAs are great at. However, handling the security of such apps can be challenging.

SPA Security Problem


The original post was written by Jacob Ideskog and published in the Curity blog. You can read it here.

There’s a lot of activity in the identity community currently. Financial Grade APIs (FAPI), OAuth 2.1, WebAuthn, decentralized identity, and other facets are being actively maintained and updated. In addition, entirely…

10 things you need to know about JWTs in questions and answers

JWTs are JSON web tokens that are widely utilized in OAuth and OpenID Connect. In fact, their application is so popular that the main principles of their use are quite often overlooked. However, the basics should not be forgotten.

So, that is why we decided to brush some dust off…


Curity is the leading supplier of API-driven identity management, providing unified security for digital services. Visit or contact

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store