Exploring client-side certificates as a simpler, more secure alternative to OAuth for API authentication.
Announcing OpenIddict 3.0 beta1, a major rewrite of the OpenID Connect server and validation library for .NET with new features and broader framework support.
How to configure an additional HttpClient in Blazor WebAssembly to call unprotected APIs and avoid AccessTokenNotAvailableException errors.
A tutorial on setting up a React application and integrating Firebase, including project initialization and obtaining API keys.
A guide to implementing custom authorization policies to secure the Hangfire Dashboard in an ASP.NET Core application.
A beginner's tutorial on implementing Sign in with Apple authentication for a website using the Vapor 4 server-side Swift framework.
Explores secure credential management in Azure using Managed Identities to avoid storing secrets in code or configuration.
Tutorial on implementing Firebase email authentication in a React Native chat app using react-native-firebase.
An introduction to Azure Active Directory B2C, explaining its concepts and outlining a detailed tutorial series for developers.
A beginner-friendly guide to implementing user authentication and authorization in Vapor 4 using sessions and JWTs, written in Swift.
A developer's guide to implementing Sign-in with Apple, focusing on challenges with one-time profile data and security considerations.
Explains how to use the OAuth 2.0 device authorization grant for secure user authentication in desktop applications.
A tutorial on implementing GraphQL resolver middleware for handling authentication and permission checks in a Node.js application.
Explains how to use OpenIddict 3.0's degraded mode to create a minimalist OpenID Connect proxy server for delegating authentication.
Explores secure credential management for cloud apps using Azure Managed Identities to avoid hardcoded secrets in code and source control.
Explains how to retrieve access and refresh tokens from an ASP.NET Core authentication handler to make authenticated API calls.
A technical guide on creating a custom Django User model and integrating django-allauth for email-based authentication.
A review of 2019 security predictions, covering progress on Rust adoption, WebAuthn security keys, and TLS 1.3 deployment.
Developer updates on new projects: a secure key-value store, SourceHut SSO improvements, and PinePhone/Sway Mobile development.
A guide on testing Azure AD-protected APIs using Postman, focusing on client credentials and application permissions.
