×

Articles

Proof Key for Code Exchange

Proof Key for Code Exchange

An overview of how the Proof Key for Code Exchange should be used.

Mutual TLS Client Authentication

Mutual TLS Client Authentication

Authenticating a client using certificates.

Mutual TLS Sender Constrained Access Tokens

Mutual TLS Sender Constrained Access Tokens

Add another security layer by requiring proof of possession.

Best Practices - OAuth for SPAs

Best Practices - OAuth for SPAs

Secure Single Page Applications using OAuth

Best Practices - OAuth for Mobile Apps

Best Practices - OAuth for Mobile Apps

This article demos best practices for using the OAuth for mobile applications.

Supported OAuth 2.0 RFCs

Supported OAuth 2.0 RFCs

OAuth related standards supported by the Curity Identity Server.

OAuth Code Flow

OAuth Code Flow

The OAuth Code Flow Explained.

OAuth Implicit Flow

OAuth Implicit Flow

The OAuth Implicit Flow Explained.

OAuth Client Credentials Flow

OAuth Client Credentials Flow

The OAuth Client Credentials Flow Explained.

OAuth Resource Owner Password Credentials Flow

OAuth Resource Owner Password Credentials Flow

The OAuth Resource Owner Password Credentials Flow Explained.

OAuth Device Flow

OAuth Device Flow

The OAuth Device Flow Explained.

OAuth Refresh

OAuth Refresh

The OAuth Refresh Flow Explained.

OAuth Revoke Flow

OAuth Revoke Flow

The OAuth Revoke Flow Explained.

Videos

Using Custom Token Issuers in the Curity Identity Server

Using Custom Token Issuers in the Curity Identity Server

Developer How-to's

OAuth Tokens As Your Identity API

OAuth Tokens As Your Identity API

Live presentations

Scalable API Security Using OAuth

Scalable API Security Using OAuth

Live presentations

Securing APIs in a Cloud Native Environment Using OAuth

Securing APIs in a Cloud Native Environment Using OAuth

Live presentations

Financial Grade APIs Using OAuth and OpenID Connect

Financial Grade APIs Using OAuth and OpenID Connect

Live presentations

Securing APIs and Microservices with OAuth and OpenID Connect

Securing APIs and Microservices with OAuth and OpenID Connect

Live presentations

REST API Overview with Integration of CLI & UI

REST API Overview with Integration of CLI & UI

Developer How-to's

OAuth 2.0 is the industry-standard protocol for authorization and access delegation. It specifies a process for resource owners to authorize third-part access to their resources without sharing their credentials. OAuth facilitates fast and secure authentication and authorization for users to APIs, servers, devices and apps. It does this without sharing password information and instead uses access tokens to prove an identity, keeping user credentials safe.