Blog

Blog

The latest news, product updates, and thoughts on identity and access management, and API security insights from the Curity team.

View all authors

Decentralized Identifiers and Verifiable Credentials: The Building Blocks for Self-Controlled Identities

Decentralized Identifiers and Verifiable Credentials combined provide a promising new way of identity management.

Judith Kahrer

2023-01-18

API Security Trends 2023

Why 2023 will be the year of API security and what are the key API security best practices to focus on.

Michal Trojanowski

2023-01-03

Myths and Truths About Decentralized Identifiers

In this article we straighten up some misconceptions and provide some basic understanding concerning Decentralized Identifiers (DIDs).

Judith Kahrer

2022-12-20

Why APIs Require Zero Trust Security

APIs are critical for modern solutions in most industries. This is why a zero-trust approach is required in API security.

Judith Kahrer

2022-12-07

My Takeaways from IIW 35

Last week, some of us attended the OpenID Foundation’s OpenID Workshop and the Internet Identity Workshop (IIW) in San Francisco, California. Here are some of my key takeaways.

Jacob Ideskog

2022-11-23

Designing Your OAuth Login Workflow

With security becoming more sophisticated in recent years, implementing authentication workflows within applications is no longer viable.

Gary Archer

2022-11-02

How to Start Your IAM Journey Right — In Three Steps

This article offers advice on what to consider when starting your identity and access management (IAM) journey.

Judith Kahrer

2022-10-20

Which Is Best for IAM: Build, Open Source, or Buy?

Deciding the best way to modernize or scale up your Identity and Access Management and API security can be a difficult task. Here are some considerations.

Stefan Nilsson

2022-10-03

Upgrading Your IAM System the Right Way

The OAuth family of specifications provides the best architecture capabilities and many advanced design patterns for managing security-related use cases.

Gary Archer

2022-09-13

5 Practical Questions on EdDSA Answered

Why and when the EdDSA algorithm should be implemented to save you time, money, and resources.

Judith Kahrer

2022-08-29

5 API Security Principles That Are Here to Stay

With APIs becoming the most frequent attack vector of cybercrimes, it's now more important than ever to stay on top of API security trends.

Michal Trojanowski

2022-08-19

Why No Password Is Better than One Password

What is passwordless authentication? Why is it better than using traditional passwords? How can a passwordless approach be implemented?

Jonas Iggbom

2022-07-18

How Should You Serve Your Access Tokens: JWTs, Phantom, or Split?

How should you serve your access tokens: JWTs, phantom, or split?

Michal Trojanowski

2022-07-18

The Future of Open Finance Is Here

Introducing the report on how the financial industry is managing the adoption of Open Banking

Stefan Nilsson

2022-07-12

Using Subject Alternative Names to Authenticate OAuth Clients

Certificates are a hard technology to work with. In this spirit, I recently decided to learn more about Subject Alternative Names (SANs).

Travis Spencer

2022-06-27

The Evolution of Signature Algorithms

Algorithms are essential to avoid security incidents such as private keys being retrieved from signatures or valid signatures being created.

Judith Kahrer

2022-06-14

Smart API Security for Your Smart Car

Cars are smarter and more connected than ever and security breaches are rising. Here we outline the fundamental principles of API security to be aware of.

Jonas Iggbom

2022-05-30

Build Your OAuth Login User Experience

Consistently branded log in that look like the rest of your app is critical for UX. Here are some things to consider when integrating OAuth into your apps.

Gary Archer

2022-05-30

Your APIs Are Only as Secure as Your JWTs

API security has matured over the years, and we have moved from API-keys-based security to token authorization. JWTs are a popular format for access tokens

Michal Trojanowski

2022-05-06

Security Best Practices for SaaS Businesses

Best practices for SaaS companies to ensure the security of their solutions and empower their businesses.

Jonas Iggbom

2022-04-29

Digital Identity and How to Protect It

What is digital identity, and what measures should one take to protect it most efficiently? Read the interview with Curity's CTO Jacob Ideskog.

Jacob Ideskog

2022-04-26

Benefits of IdP Integration With the Curity Identity Server

Integrating an IdP responsible for user authentication with the Curity Identity Server allows organizations to reuse and extend existing solutions.

Travis Spencer

2022-04-12

OAuth Tools: The Free OAuth Laboratory

If you're looking for a place to experiment, learn, and explore the inner workings of OAuth and OpenID Connect, check out our award-winning OAuth Tool.

Daniel Lindau

2022-04-08

Java 17 And Our Commitment to Technology

With the Curity Identity Server 7.0 we upgrade to Java 17. We are eager to see as broad adoption of Java 17 as Java 8 received.

Jacob Ideskog

2022-04-01

Join The Discussion

Follow @curityio on Twitter

Follow @curityio

Overview

Architecture

Learn More

SECURITY SOLUTIONS

INDUSTRY

Customer Use Cases

Resource Library

Tutorials & Guides

Learn More

Decentralized Identifiers and Verifiable Credentials: The Building Blocks for Self-Controlled Identities

API Security Trends 2023

Myths and Truths About Decentralized Identifiers

Why APIs Require Zero Trust Security

My Takeaways from IIW 35

Designing Your OAuth Login Workflow

How to Start Your IAM Journey Right — In Three Steps

Which Is Best for IAM: Build, Open Source, or Buy?

Upgrading Your IAM System the Right Way

5 Practical Questions on EdDSA Answered

5 API Security Principles That Are Here to Stay

Why No Password Is Better than One Password

How Should You Serve Your Access Tokens: JWTs, Phantom, or Split?

The Future of Open Finance Is Here

Using Subject Alternative Names to Authenticate OAuth Clients

The Evolution of Signature Algorithms

Smart API Security for Your Smart Car

Build Your OAuth Login User Experience

Your APIs Are Only as Secure as Your JWTs

Security Best Practices for SaaS Businesses

Digital Identity and How to Protect It

Benefits of IdP Integration With the Curity Identity Server

OAuth Tools: The Free OAuth Laboratory

Java 17 And Our Commitment to Technology

Join The Discussion

Never miss a thing