Understanding CIBA - What is it and how does it work?
CIBA is an authentication flow that extends OpenID Connect and defines a decoupled flow where authentication can be initiated on one device and carried out at another. It lets people use their mobile devices to authenticate and approve transactions. This webinar will give you an overview of the standard, show you how it works and how you can implement it.
Our identity experts will:
- provide you with an understanding of what CIBA is
- show the difference between front-channel and back-channel authentication
- give advice on how to improve user experience by introducing back-channel authentication
- explain how to achieve strong customer authentication with a separate app or device
- demonstrate how to make it work for regulatory compliance
Curity Identity Server 6.2 Release Webinar
In this webinar, we will go through the new features, fixes and enhancements of our most recent release, Curity Identity Server 6.2.
App2App Login with Authentication Workflows
Join us for the webinar on App2App login with authentication workflows. In this webinar we will:
- Explain how you can use a hypermedia API to drive clients to log in users using any technique stipulated by the OpenID Connect Provider or OAuth Authorization Server;
- Discuss why hypermedia is the ideal architectural pattern for creating such an API;
- Show how you can use hypermedia in a way that conforms to FAPI and local regulations like PSD2 and GDPR to fulfill not only App2App login but other pertinent login scenarios;
- Touch on the security issues raised by such an API; and
- Recommend resources where you can learn more about the API and these workflows.
Using OAuth, OIDC, and OPA for fine-grained authorization
Styra and Curity will host a webinar focused on using OAuth, OpenID Connect, and OPA for fine-grained authorization in microservices and APIs.
In the live webinar, experts from Styra and Curity will show:
- how the Authorization Server (OAuth/OIDC) takes care of authentication and issues access tokens;
- how tokens are passed on and consumed by the authorization engine (OPA);
- how scopes and claims of the access tokens can be used for access control decisions when the authorization policy is evaluated.
Join us if you want to learn how to elevate authorization processes and improve your microservices and APIs’ security.
Securing Open Banking
Open banking is a global phenomenon — and one that must be secured. In this online event, Curity’s Daniel Lindau joins Nordic APIs to explore how to take on Open Banking with a standards-based approach to make it easier to follow your local regulations.
Curity Identity Server 6.0 Release Webinar
The Curity Identity Server reached its sixth major release with several exciting features that we have been working on, including general availability of the Hypermedia Authentication API.
In this webinar, we will go through the new features, fixes and enhancements of the Curity Identity Server 6.0.
Guarding privacy and security using API Gateways
In today’s world, APIs are ubiquitous, either in communication between-backend services or from front ends to back ends. They serve all kinds of purposes, come in different flavors, and return data in various formats. The possibilities are countless. Still, they all share one common trait – an API needs to be secure. Secure access to an API should be paramount for any company exposing them, especially if the APIs are available externally and consumed by third-party clients.
In this session, we will look at how you can enhance privacy and security by implementing the Phantom Token Flow using NGINX and the Curity Identity Server.
We will explore: • the dangers of using a by-value token • possible solutions involving a by-reference token • differences between Phantom and Split Tokens • a demo showing an easy way to set up containerized NGINX and the Curity Identity Server to use the Phantom Token Flow
Native Mobile Login and Application Attestation Webinar
Creating secure, seamless user authentication from mobile apps is a challenge for developers. Curity’s Hypermedia Authentication API, now in RC1, is making this possible. The latest Curity Identity Server release supports not only Web and Android clients, but also iOS clients.
These apps can have their identity verified using iOS hardware-based key attestation. This ensures that the login API is only callable from your app, not a clone of some other app trying to spoof it (like a proxy).
Join this webinar to learn about Curity’s Hypermedia Authentication API, enabling seamless API-based login from any device or browser.
Curity Identity Server 5.4 Release Webinar
The Curity Identity Server has reached its 5.4 version with several exciting features that we have been working on, including the first release candidate of Hypermedia Authentication API, iOS SDK, and Server SDK.
In this webinar, we will go through the new features, fixes and enhancements of the Curity Identity Server 5.4.
Improve DevOpsSec Processes in Production with Zulu Mission Control and JDK Flight Recorder
Zulu Mission Control and JDK Flight Recorder are powerful tools for Java developers, which have been open-sourced by Oracle and are now part of OpenJDK 8, 11, and later versions. This webinar will show how these tools can also be used in production environments, e.g., to improve DevOpsSec processes.
A live demo delivered by Curity will show how these tools are used in combination with the Curity Identity Server, which implements the OAuth and OpenID Connect standards to provide secure login and API access.
Remove bottlenecks and accelerate your team with Curity’s DevOps Dashboard
In this webinar we will take a closer look at the ‘DevOps Dashboard’, introduced in Curity Identity Server 5.3. It is a Web application which allows developers and operators to administrate a subset of the Identity Server capabilities without relying on your busy system administrators.
It allows developers and operators to setup new OAuth clients, change existing ones, manage scopes, and view claims. They can also view alarms that have occurred, allowing operators to see more info without gaining complete access to the server.
We hope you will join us!
- London, UK
API Days Live London
The road to embedded finance, banking, and insurance with APIs. Tune in on October 28th to hear from Curity’s Travis Spencer and other API experts at API Days Live London. Travis will talk about Hypermedia API for secure, seamless user authentication.
Identity and APIs
In recent years, API threats continue to soar. Especially during the COVID pandemic, APIs continue to be abused by hackers in a wide variety of ways. In this online event, Curity’s Jacob Ideskog joins Nordic APIs to explore the modern threats APIs face and the security nuances unique to 2020. We’ll also get an update on how the OAuth and OpenID Connect standards are used to protect APIs and predict where the future of identity-driven API security is heading.
Authentication API: Seamless mobile login and application attestation
Creating secure, seamless authentciation from mobile apps is a challenge for developers. Curity’s hypermedia authentciation API, now in Beta 2, is making this possible. The latest release supports not only Web clients, but also Android clients.
These Android apps can be attested to be signed by a trusted developer key that chains up to Google’s. This ensures that the login API is only callable from your Android app, and not a clone of it or some other app that is trying to spoof it (like a proxy).
Join this webinar to learn all about Curity’s new login API which enables seamless API-based login from any device or browser.
Raising and reacting to alarms with the Curity Identity Server
Join Jacob Ideskog, identity specialist at Curity on August 26th when he will showcase the new alarm and monitor feature and how to best use it. Quickly identifying issues is key to minimize impact. The 5.2 version of the Curity Identity Server includes a powerful system monitor, and alarm function, which helps reduce downtime when the worst happens, and lets you get on with solving the problem.
Browser-less, MFA login API for all devices using the Curity Identity Server
Join this webinar to learn all about Curity’s new login API which enables browser-less API-based login from any device or browser, and is easy to integrate with native biometric functions.
Secure eID Access to Cloud platforms
Join Curity and Signicat to explore how you can achieve secure eID access to Cloud Platforms. With increased digitalization and remote working, the demand for secure integrations and smooth customer experiences is constantly growing. It’s essential for organizations to facilitate secure access and maintaining privacy of everything from emails and calendars, signing of electronic documents to integration of third-party services via APIs. How do you protect important resources whilst facilitating important business processes?
Maturing Platform Security
This LiveCast brings in experts to discuss how to evolve API security architecture with identity. As digital ecosystems mature, so must cybersecurity. Especially for large platforms with externalized resources, data breaches should be expected, and API vulnerabilities must be mitigated.
Financial Grade APIs Using OAuth & OpenID Connect
Financial-grade security is important not only for the financial sector. This level of security is also necessary for other industries, such as healthcare, insurance, energy, government and others. There are various aspects of OAuth and OpenID Connect that can be used to achieve financial-grade APIs as well as to meet regulatory requirements (like HIPAA, PSD2 & Open Banking).
Adaptive Authentication in OAuth Using Geo-location Data
In order to provide a safe login experience, more adaptive login methods are often needed. Applications integrated with the Curity Identity Server using OAuth and OpenID Connect can now accomplish this using geographical data. After attending this Webinar, attendees will have a better understanding of how they can start leveraging geo data to make more intelligent login decisions without the need of code.
- San Jose, California
API World puts API Innovation, API Design, API Strategy, and API Services on center-stage. We cover topics across Internet of Things API’s (connected cars, connected homes, devices), Marketing API’s, Infrastructure-as-a-Service API’s, and Data and Machine Learning API’s to name a few.
- Stockholm, Sweden
2019 Platform Summit
Continuous API strategies for integrated platforms. Join us and a speaker panel of API experts for a 2-and-a-half-day event jam-packed with workshops and keynote sessions offering innovative insights on building success in the API ecosystem.
Scalable Access Control for APIs
API platforms are growing, and the need to provide a scalable access control model is more important than ever. In this webinar, Curity Identity specialist Daniel Lindau, will show you ways to create this model using the tools available in standard OAuth2 and OpenID Connect.
- Seattle, USA
NGINX Conf 2019
NGINX Conf is an event for developers, operators, and architects looking to modernize their application delivery infrastructure, API infrastructure and applications themselves.
Scaling API Security for large enterprises
Join us for this hour-long webinar where we will look at ways to scale API Security for large enterprises. With the right automation and identity control in place, architects have the tools to scale API security throughout the cloud.
Introduction to OAuth & OpenID Connect
APIs are used in virtually any modern digital services today, and OAuth 2 and OpenID Connect are the standards for secure APIs, the Internet’s identity and security protocols.
- Copenhagen, Denmark
Conferences are focused on bringing the best minds in the software community and the most interesting topics.
- Stockholm, Sweden
IDG - Tech World Summit
They’re already on your radar – new technologies such as Artificial Intelligence, Machine Learning, Internet of Things, Blockchain and others.
- Austin, USA
Austin API Summit 2019
Empower your platform model with advanced api strategies. Join industry colleagues and hear 40+ API experts across two tracks sharing critical insights on building success in the API ecosystem. Over 2.5 days we’ll explore the many faculties of developing and sustaining a thriving API-first organization.
- Frankfurt, Germany
IDM Europe Frankfurt 2019
Europe’s leading identity and access management conference for senior managers, security experts and IAM thought leaders across government and the largest Enterprise organisations.