How-tos

Recipes for working with the Curity Identity Server.

How-tos

Authentication ServiceAuthentication Service

User Authentication APIAuthentication API

Token ServiceToken Service

How do I use OAuth to protect my APIs

How Do I Use OAuth to Protect My APIs?

If you're already familiar with OAuth's basics, test to set up the OAuth code flow or the OpenID Connect Hybrid flow in your Curity installation. If you don't have that much experience of OAuth yet, you may want to check out our getting started with OAuth and OpenID Connect course - a great way to learn more about the protocol.

Learn More
Customize your tokens

Customize Your Tokens

When you have issued your first tokens, learn more about how you can implement access control using claims and scopes. Read more about scopes and claims and how they relate to each other. This guide shows you how to add claim values from the authentication process.

Learn More
Verify your tokens with a gateway

Verify Your Tokens with a Gateway

It's common to combine the Curity Identity Server with an API Gateway to verify your access tokens externally, outside of your service. Curity recommends two alternative patterns when doing so, the Phantom Token pattern and the Split Token pattern. There are several guides available, for instance, for Azure API Management, the AWS API Gateway, and NGINX.

Learn More

User Management ServiceUser Management Service

Deployment and OperationsDeployment and Operations

Other resources

Let’s Stay in Touch!

Get the latest on identity management, API Security and authentication straight to your inbox.

Keep up with our latest articles and how-tos using RSS feeds