OpenID Connect Logout
The OpenID Connect (OIDC) family of specs supports logout (from a single application) and global (or single) logout (from all[…]
Read more
Latest Posts
SAML2 Use Cases
The following blog posts discuss SAML2 use cases that have been explored in this series: SAML v2.0 vs JWT: SAML2[…]
Read more
Identity Propagation in an API Gateway Architecture
The power of end-to-end user security context with APIs This post was originally published as “Identity Propagation in an API[…]
Read moreWhen To Use Which (OAuth2) Grants and (OIDC) Flows
If you have been following my SAML2 vs JWT series lately, you are no doubt familiar with the OAuth2 and[…]
Read moreAn Alternative to Delegated Access in the Enterprise
Extending OAuth2 and OpenID Connect as the enterprise standard for API security This post was originally published as “An Alternative[…]
Read moreUnderstanding OpenID Connect Series
The following blog posts make up my series on OpenID Connect. This is part of the SAML2 vs JWT series.[…]
Read moreSAML2 vs JWT: Understanding OpenID Connect Part 3
In part 1 and part 2 of Understanding OpenID Connect, core concepts and the first Authentication Flow (Authorization Code Grant[…]
Read moreSAML2 vs JWT: Understanding OpenID Connect Part 2
This post continues our discussion of OpenID Connect (OIDC). We look at one of the three Authentication Flows defined by[…]
Read moreSAML2 vs JWT: Understanding OpenID Connect Part 1
This post builds upon what we learned about OAuth2 and JWT in previous posts. OpenID Connect will give us the[…]
Read moreDesign Principles for Seamless User Authentication
This post was originally published as “Design Principles for Seamless User Authentication” on the Apigee Blog. In a previous post,[…]
Read more