With today’s announcement from Facebook of its plans to take its Facebook Connect program into the mobile sphere with Single Sign-on, it started to raise some questions from across various points. On ...

Authentication and authorization are critical parts of any application. They evolved over the years to meet the challenging requirements of the modern Web. OAuth2.0 and OpenID Connect offer a ...

Apps that wish to implement SMART on FHIR need to invest in dedicated and ongoing expertise in complex standards like OAuth and OpenID Connect, implement user consent management, and securely manage ...

USAccess complies with the Homeland Security Presidential Directive 12: Policy for a Common Identification Standard for ...

Advanced API Security is a complete reference to the next wave of challenges in enterprise security--securing public and private APIs. API adoption in both consumer and enterprises has gone beyond ...

The future of authentication will not rely on SAML, but with OpenID Connect and OAuth 2 instead, Dave Kearns contends in a blog post for KuppingerCole. SAML, or Security Assertion Markup Language, is ...

As you may already know, Single sign-on (SSO) is the facility by which a user can gain access to multiple sites using just a single log in. The simplest mechanism to enable SSO is through cookies but ...

At WWDC 2019, Apple was largely praised for turning privacy from an add-on feature to a service. The biggest proof of that was its "Sign in with Apple", its attempt to overthrow Google and Facebook ...

The new contract is designed to evolve the service into a next-generation, modular architecture enabling identity proofing, ...

* or one access token with multiple audiences? The scenario I'm thinking of is when apis are developed in separate product organisations, all being registered in the same identity service, but with ...