Application Front-Ends Must Not Make Authorization Decisions
First, let’s get the usual introductions out of the way. For an in-depth discussion of what Authorization is, check out[…]
Read moreTag: identity
RFC 9068: A JWT-Based OAuth2 Access Token Format Standard
Tokens / SHYCITYNikon For anyone who has been paying attention, this blog post has been a long-time coming for multiple[…]
Read more
SAML2 Use Cases
The following blog posts discuss SAML2 use cases that have been explored in this series: SAML v2.0 vs JWT: SAML2[…]
Read more
Identity Propagation in an API Gateway Architecture
The power of end-to-end user security context with APIs This post was originally published as “Identity Propagation in an API[…]
Read more