Articles
Our articles offer insights on a range of topics such as identity and access management, financial-grade security and API security.

Dynamic Trust for AI Agents
AI agents need to be able to establish trust at runtime to securely integrate with other services on demand. Read up on how to dynamically establish trust for AI agents.

Design AI for Enterprises
A thought process for enterprises to plan ahead on AI initiatives and meet cross-team requirements.

API Access Across Trust Domains
Secure API access from AI agents that cross trust boundaries: requirements, examples and advice. Secure your AI agents by federating identity and authorization across trust domains.

SSO for AI Agents with OpenID Connect
Implementing Single Sign-On for AI Agents with OpenID Connect: options and examples. Secure your AI agents using a Single Sign-On Service.

OpenID Authorization Exchange (AuthZEN)
This article gives an overview of the AuthZEN Authorization API and how it relates to authentication and authorization.

An Introduction to Authorization
Learn about the common concepts, terms and patterns in authorization.

API Security Best Practices for AI Agents
Secure APIs with OAuth, scopes, and claims. Learn API security best practices for safe, fine-grained authorization in AI integrations.

Design MCP Authorization for APIs
Learn how organizations can extend the reach of APIs and restrict access to sensitive data.

MCP Authorization Lifecycle
Learn about the security standards and endpoints to enable MCP clients to safely access sensitive data.

OAuth With Unsolicited SAML Responses
Struggling with IdP-initiated SAML in OAuth? Learn solutions to handle unsolicited SAML responses, fix PKCE challenges, and secure OAuth 2.0 apps.

An Overview of WebAuthn
WebAuthn is a specification of a JavaScript API that allows applications to perform secure authentication for both multi-factor and single-factor scenarios.

Client Initiated Backchannel Authentication (CIBA) Flow
This article describes the messages in the poll mode as specified by CIBA and aims to help developers understand and implement the specification.

What is an Entitlement Management System?
What is an Entitlement Management System, what functions does it perform, and what components does it include?

User Provisioning With SCIM
Overview of System for Cross-domain Identity Management (SCIM). What is SCIM, and what problems does it solve?

What is PSD2, and How Does it Work?
A brief summary of PSD2 and the security requirements and goals to comply with its regulations.

Authentication vs. Authorization, What's the Difference?
Authentication and authorization are two security processes used to protect systems and information. This article outlines what they mean and their differences.

What Is OpenID Connect, and How Does It Work?
OpenID Connect explained: what it is and what benefits it offers. How does it compare with OAuth 2.0 and SAML?

What is Partner Identity and Access Management (PIAM), and How Does it Relate to B2B?
Understand the main principles and benefits of Partner Identity and Access Management, and find out how it can solve various business-to-business use cases.

Best Practices - OAuth and XSS Prevention
Mitigate XSS threats in OAuth-secured browser-based apps.

Mutual TLS Sender Constrained Access Tokens
Use mutual TLS to harden the use of access tokens, so that an attacker cannot use stolen tokens to gain API access.