In part 1 and part 2 of Understanding OpenID Connect, core concepts and the first Authentication Flow (Authorization Code Grant[…]
Read moreCategory: Uncategorized
SAML2 vs JWT: Understanding OpenID Connect Part 2
This post continues our discussion of OpenID Connect (OIDC). We look at one of the three Authentication Flows defined by[…]
Read moreSAML2 vs JWT: Understanding OpenID Connect Part 1
This post builds upon what we learned about OAuth2 and JWT in previous posts. OpenID Connect will give us the[…]
Read moreDesign Principles for Seamless User Authentication
This post was originally published as “Design Principles for Seamless User Authentication” on the Apigee Blog. In a previous post,[…]
Read moreKeeping Your APIs Secure for Multiple User Types
This post was originally published as “Keeping Your APIs Secure for Multiple User Types” on the Apigee Blog. In an[…]
Read moreThe Tools of API Management — The Full Stack
In the first three API Management posts I wrote, we discussed “What are APIs?(The Technical Perspective)”, “What is API Management?”,[…]
Read moreSAML2 vs JWT: Understanding OAuth2
This blog post continues the SAML2 vs JWT series. In the last post, we discussed JSON Web Tokens. Now, we[…]
Read moreAzure Active Directory Setup for API Actors
This post outlines how to setup an Azure Active Directory tenant with a Pay-As-You-Go or Free subscription (which only lasts[…]
Read moreSAML2 vs JWT: Apigee & Azure Active Directory Integration — A JWT Story
In our next SAML2 vs JWT post, we are going to use a JWT with a very simple API that[…]
Read moreSAML2 vs JWT: Understanding JSON Web Token (JWT)
In this post, we begin our exploration of the JSON Web Token (JWT) specification as part of the SAML v2.0[…]
Read more