Articles Getting Started How-tos Guides Code Examples Documentation What's new RSS

Articles

Our articles offer insights on a range of topics such as identity and access management, Financial-grade and API security.

Articles

Using External IDPs

Using External IDPs

January 17, 2022

Why and when external IDPs may be useful

Integrate Identity with Business Data
December 9, 2021
Design choices when integrating your business data with an IAM system
Federation Requirements Introduced in FIPS 201-3
November 30, 2021
This article provides an overview of FIPS 201-3 and SP 800-C3. It lists the requirements and explains how OpenID fits into the picture.
Vectors of Trust
November 19, 2021
Vectors of Trust is a specification that provides a method for describing an identity transaction to determine a level of trust.
Logging Best Practices
November 9, 2021
Recommendations for managing logs and troubleshooting the Curity Identity Server.
Encrypted ID Tokens
September 29, 2021
Using JSON Web Encryption to protect the confidentiality of ID tokens
The Token Handler Pattern for Single Page Applications
August 10, 2021
Learn how the Token Handler design pattern strengthens the security of your Single Page Applications and improves user experience.
Open Banking Brazil DCR Request Validation
July 2, 2021
This article describes how to perform advanced validation of a Dynamic Client Registration request to comply with the requirements of Open Banking Brazil specifications.
Pushed Authorization Requests (PAR)
June 23, 2021
What is PAR, and how does it help improve security for financial-grade APIs?
How to Implement Financial-Grade Security
June 11, 2021
Overview of the different OAuth 2.0 and OpenID standards and best practices for implementing financial-grade security.
Dynamic User Routing
June 7, 2021
A design pattern for dynamically routing users to their home region in a global IAM system.
Curity and the Neo-Security Architecture
June 1, 2021
Learn how the Curity Identity Server relates to Neo-Security Architecture.
CIBA Flow
April 30, 2021
Explaining and listing the requests and responses in CIBA
An Overview of WebAuthn
April 29, 2021
An overview of the WebAuthn specification and its role in creating a passwordless future for the web.
Client Initiated Backchannel Authentication
April 25, 2021
Learn about the CIBA specification and how to use it to retrieve a token without direct user interaction.
Open Policy Agent: Integration Overview
April 12, 2021
Learn how the Curity Identity Server and Open Policy Agent (OPA) together can create strong user authentication and policy-based authorization.
Multi-Region Deployment
March 11, 2021
How to deploy the Curity Identity Server across multiple datacenters and regions.
Privacy and GDPR Using OAuth
March 4, 2021
How to incorporate User Privacy Design as part of your organization's architecture to keep data safe and meet privacy-related regulations.
App2App Logins via Hypermedia Authentication API
February 16, 2021
Tutorial of App2App authentication using the Hypermedia Authentication API
Managing Users With SCIM
February 16, 2021
An explanation of how to create, read, update and delete (CRUD) users with the help of the System for Cross-domain Identity Management (SCIM).

Topics

API Security Claims & Scopes Deployment and Operation Financial Grade Hypermedia Authentication API Multi-Factor Authentication OAuth 2.0 OpenID Connect Security Architecture Single Sign-On User Management