Authentication Service

Integrate a Single Page Application

One way to test your initial setup is with the OAuth Assistant. You can also use this as a boilerplate for integrating your Single Page Application (SPA). Our guide outlines the details of using the OAuth Assistant in a SPA.

Read guide

Set up an authentication action flow

Authentication Actions is a powerful yet easy way to make various actions happen in the authentication process, such as conditional MFA. One or several actions can run once the users' credentials are verified, but before the authentication is completed. You can pick and choose from the many built-in ones or create your own using the SDK. (You can read more about actions in the reference documentation.)

Learn more

Add a federated authentication

It's common to have some users federated in from another identity provider (using SAML or OIDC) but still allow these users to gain access tokens from Curity Identity Server that protect your APIs. See how this is accomplished in Azure Active Directory with OpenID Connect as an example.

Read tutorial

Brand your authentication screens

All the user-facing screens can be customized down to the last pixel. This guide explains how you can brand the screens differently, even on a per-client basis.

Learn how to customize branding

Authentication API

Enable the Authentication API

Curity provides an entirely new way to log in users without a browser that improves user experience and increases security at the same time. Read more about the Hypermedia Authentication API here and follow our guide to enable it and set up a demo client.

How to set up a demo client

Run the Authentication API in an Android app

The Authentication API comes with pre-built SDKs that will secure the usage of the API, based upon client attestation and proof-of-possessions tokens. Try out the Hypermedia API in your Android app as described in this how-to article.

Read article

Token Service

How do I use OAuth to protect my APIs?

If you're already familiar with OAuth's basics, test to set up the OAuth code flow or the OpenID Connect Hybrid flow in your Curity installation. If you don't have that much experience of OAuth yet, you may want to check out our getting started with OAuth and OpenID Connect course - a great way to learn more about the protocol.

Explore the OAuth Code flow

Customize your tokens

When you have issued your first tokens, learn more about how you can implement access control using claims and scopes. Read more about scopes and claims and how they relate to each other. This guide shows you how to add claim values from the authentication process.

Read guide

Verify your tokens with a gateway

It's common to combine the Curity Identity Server with an API Gateway to verify your access tokens externally, outside of your service. Curity recommends two alternative patterns when doing so, the Phantom Token pattern and the Split Token pattern. There are several guides available, for instance, for Azure API Management, the AWS API Gateway, and NGINX.

User Management Service

Test out SCIM in the User Management Service

SCIM is an excellent protocol for user provisioning and performs CRUD operations on user accounts. You can use SCIM to connect and sync with external directories and allow third parties to manage their users. Curity's User Management Service is built around SCIM. Follow our tutorial to set up SCIM and use this API to create and update users.

Explore user management with SCIM

Deployment and Operations

Set up a cluster

The Curity product is easy to deploy to fulfill the highest availability requirements and linearly scaling performance. Create your cluster with auto-scaling using familiar tools like: Docker, Kubernetes, and Helm. Follow our guide to learn how to set up a Curity cluster.

Read guide

Automate your configuration

The Curity Identity Server comes with many interfaces for configuration management. The Web UI is easy to use for initial setup. When adding the server into your CI/CD pipelines, etc., you may want to use the other interfaces for automation, the scriptable CLI, the standards-based REST (RESTCONF) API, or using XML configuration files.

Read an introduction to the CLI

Log management

Logging within the Curity product is based around Log4j. You can also integrate it with popular log management and monitoring tools. There are guides to do that with Splunk or Datadog, for example.

Log to Splunk

Other resources

Let’s Stay in Touch!

Get the latest on identity management, API Security and authentication straight to your inbox.

Keep up with our latest articles and how-tos using RSS feeds