Blog

Blog

The latest news, product updates, and thoughts on identity and access management, and API security insights from the Curity team.

View all authors

Reflecting on 8 Years of Making The Internet a Safer Place

Looking back at the first 8 years of Curity, the reason we started, and our ongoing mission to make the internet safer.

Travis Spencer

2023-05-25

OAuth 2.1 - OAuth Made Better

OAuth 2.1 - as the name indicates - is going to be an update of OAuth 2.0. The draft incorporates updates, changes and recommendations from best practices from the last few years.

Judith Kahrer

2023-05-03

How to Take Control of Cookies in OAuth-Secured Web Apps

Secured and unsecured browser-based apps require different architectures. This post summarizes some techniques you can use to enable the best browser security while ensuring other important qualities.

Gary Archer

2023-04-18

How to Manage Multi-tenancy in an IAM System

This article explores the management of multi-tenancy in an IAM system by looking into different multi-tenant strategies that can be used to secure identities.

Jonas Iggbom

2023-03-21

International Women’s Day: DigitALL and #PowerOn

Today is International Women's Day. A reminder to reflect on the gender balance and women empowerment in the tech industry and discuss how we can achieve greater equality.

Curity

2023-03-08

Cloud vs. On-Prem: Where to Deploy Your CIAM?

Where to Deploy Your Customer Identity and Access Management

Judith Kahrer

2023-03-07

The State of FAPI 2.0

An overview of the current state of Financial-grade API Security Profile 2.0

Daniel Lindau

2023-02-28

OAuth and OpenID Connect Adoption Funnel 2023

In this blog post, Curity's experts delve into the OAuth and OpenID Connect adoption funnel, providing a micro-level view of the specifications.

Jacob Ideskog

2023-02-14

Decentralized Identifiers and Verifiable Credentials: The Building Blocks for Self-Controlled Identities

Decentralized identifiers and verifiable credentials combined provide a promising new way of identity management.

Judith Kahrer

2023-01-18

API Security Trends 2023

Why 2023 will be the year of API security and what are the key API security best practices to focus on.

Michal Trojanowski

2023-01-03

Myths and Truths About Decentralized Identifiers

In this article we straighten up some misconceptions and provide some basic understanding concerning Decentralized Identifiers (DIDs).

Judith Kahrer

2022-12-20

Why APIs Require Zero Trust Security

APIs are critical for modern solutions in most industries. This is why a zero-trust approach is required in API security.

Judith Kahrer

2022-12-07

My Takeaways from IIW 35

Last week, some of us attended the OpenID Foundation’s OpenID Workshop and the Internet Identity Workshop (IIW) in San Francisco, California. Here are some of my key takeaways.

Jacob Ideskog

2022-11-23

Designing Your OAuth Login Workflow

With security becoming more sophisticated in recent years, implementing authentication workflows within applications is no longer viable.

Gary Archer

2022-11-02

How to Start Your IAM Journey Right — In Three Steps

This article offers advice on what to consider when starting your identity and access management (IAM) journey.

Judith Kahrer

2022-10-20

Which Is Best for IAM: Build, Open Source, or Buy?

Deciding the best way to modernize or scale up your Identity and Access Management and API security can be a difficult task. Here are some considerations.

Stefan Nilsson

2022-10-03

Upgrading Your IAM System the Right Way

The OAuth family of specifications provides the best architecture capabilities and many advanced design patterns for managing security-related use cases.

Gary Archer

2022-09-13