Client Security

Discover different aspects of client security and learn best practice approaches.

Client security primarily covers web and mobile, to ensure the best security in the browser and on devices

The Nonce Authenticator Pattern

An additional option to ensure your desired Single Sign-On behavior

Token Handler Deployment Patterns

Design patterns for deploying an API-driven backend for front-end Single Page Applications

Token Handler Design Overview

A design overview of the key behavior when using the token handler pattern

Best Practices - OAuth and Same Site Cookies

Best practices for using web cookies and authorization server cookies securely and reliably

Best Practices - OAuth for Mobile Apps

Best practices to harden security when integrating OAuth into mobile applications.

Best Practices - OAuth and XSS Prevention

Mitigate XSS threats in OAuth-secured Browser Based Apps

Best Practices - OAuth for Single Page Applications

Single Page Applications (SPAs) are different from regular web applications, requiring further security measures. Learn how to use OAuth to secure SPAs.

Products

Features and Capabilities

Deployment and Management

Security Solutions

Industry

Identity & Access Management Resources

Developers

Learn More

5 Ways Curity Identity Server Solves Modern Identity Challenges

Join Curity at the API Security Unconference