Pattern / chelmsfordblue Red Hat SSO v7.1 provides support for OAuth2, OpenID Connect, and SAML2. There are numerous other identity[…]
Read moreTag: Security
What is Authorization?
Do not enter / Cory Doctorow In a previous post, I gave a definition of Authentication. In this post, we’re going[…]
Read moreApplication Security Models
I like to start system design (at the application level) with the security model that will be used to protect[…]
Read moreAuthentication vs. Federation vs. SSO
Authentication. Federation. Single Sign On (SSO). I’ve mentioned these concepts many times. I haven’t actually formally defined what each of[…]
Read moreHow To Submit Your Security Tokens to an API Provider, Pt. 2
This post was originally published as “How to Submit Tokens to an API Provider, Pt 2” on the Apigee Blog.[…]
Read moreHow To Submit Your Security Tokens to an API Provider Pt. 1
This post was originally published as “How to Submit Tokens to an API Provider, Pt 1” on the Apigee Blog.[…]
Read moreIdentity Propagation in an API Gateway Architecture
The power of end-to-end user security context with APIs This post was originally published as “Identity Propagation in an API[…]
Read moreSAML2 vs JWT: Understanding OpenID Connect Part 3
In part 1 and part 2 of Understanding OpenID Connect, core concepts and the first Authentication Flow (Authorization Code Grant[…]
Read moreSAML2 vs JWT: Understanding OpenID Connect Part 2
This post continues our discussion of OpenID Connect (OIDC). We look at one of the three Authentication Flows defined by[…]
Read moreSAML2 vs JWT: Understanding OpenID Connect Part 1
This post builds upon what we learned about OAuth2 and JWT in previous posts. OpenID Connect will give us the[…]
Read more