Our articles offer insights on a range of topics such as identity and access management, Financial-grade and API security.
Using External IDPs
Why and when external IDPs may be useful
Integrate Identity with Business Data
Design choices when integrating your business data with an IAM system
Federation Requirements Introduced in FIPS 201-3
This article provides an overview of FIPS 201-3 and SP 800-C3. It lists the requirements and explains how OpenID fits into the picture.
Vectors of Trust
Vectors of Trust is a specification that provides a method for describing an identity transaction to determine a level of trust.
Logging Best Practices
Recommendations for managing logs and troubleshooting the Curity Identity Server.
Encrypted ID Tokens
Using JSON Web Encryption to protect the confidentiality of ID tokens
The Token Handler Pattern for Single Page Applications
Learn how the Token Handler design pattern strengthens the security of your Single Page Applications and improves user experience.
Open Banking Brazil DCR Request Validation
This article describes how to perform advanced validation of a Dynamic Client Registration request to comply with the requirements of Open Banking Brazil specifications.
Pushed Authorization Requests (PAR)
What is PAR, and how does it help improve security for financial-grade APIs?
How to Implement Financial-Grade Security
Overview of the different OAuth 2.0 and OpenID standards and best practices for implementing financial-grade security.
Dynamic User Routing
A design pattern for dynamically routing users to their home region in a global IAM system.
Curity and the Neo-Security Architecture
Learn how the Curity Identity Server relates to Neo-Security Architecture.
Explaining and listing the requests and responses in CIBA
An Overview of WebAuthn
An overview of the WebAuthn specification and its role in creating a passwordless future for the web.
Client Initiated Backchannel Authentication
Learn about the CIBA specification and how to use it to retrieve a token without direct user interaction.
Open Policy Agent: Integration Overview
Learn how the Curity Identity Server and Open Policy Agent (OPA) together can create strong user authentication and policy-based authorization.
How to deploy the Curity Identity Server across multiple datacenters and regions.
Privacy and GDPR Using OAuth
How to incorporate User Privacy Design as part of your organization's architecture to keep data safe and meet privacy-related regulations.
App2App Logins via Hypermedia Authentication API
Tutorial of App2App authentication using the Hypermedia Authentication API
Managing Users With SCIM
An explanation of how to create, read, update and delete (CRUD) users with the help of the System for Cross-domain Identity Management (SCIM).