Using the Curity Identity Server and features such as JWT assertion grant type and asymmetrically signed JWTs and mutual TLS for client authentication has helped Volvofinans Bank deliver banking-grade security.
With security becoming more sophisticated in recent years, implementing authentication workflows within applications is no longer viable.
Why and when the EdDSA algorithm should be implemented to save you time, money, and resources.
What is passwordless authentication? Why is it better than using traditional passwords? How can a passwordless approach be implemented?
How should you serve your access tokens: JWTs, phantom, or split?
Consistently branded log in that look like the rest of your app is critical for UX. Here are some things to consider when integrating OAuth into your apps.
What is digital identity, and what measures should one take to protect it most efficiently? Read the interview with Curity's CTO Jacob Ideskog.
OAuth and OpenID Connect tokens are vital standards to help maintain a high level of security.
Organizations are moving towards a Zero Trust Architecture where the user identity must be verified frequently, the use of passwords is less than ideal.
How ICA Gruppen consistently manages identities and app security in a very complex IT environment.
FIPS 201-3 is expected to be ratified very soon. To help you make sense of this update and to prepare, we have published and updated a few resources:
What are the benefits of using Opt-In MFA action, a new addition to the Curity Identity Server?
Weak passwords are driving a factor towards a passwordless approach. The WebAuthn standard is one of the leading technologies to achieve this securely.
Follow @curityio on Twitter
Subscribe for more content!