Check out the free virtual workshops on how to take your SaaS app to the next level in the enterprise-ready identity journey!

Easy Distributed Tracing with Spring Cloud Sleuth

Easy Distributed Tracing with Spring Cloud Sleuth

Spring Cloud Sleuth allows you to aggregate and track log entries as requests move through a distributed software system. In a monolithic system, it’s relatively easy to track requests as they move through the codebase because all requests can easily be logged to the same log file. You can generally just filter the log by the thread ID. But in a distributed system, a single client request may sprawl across any number of discrete cloud...

Read more

How to Write a Secure Python Serverless App on AWS Lambda

How to Write a Secure Python Serverless App on AWS Lambda

Modern authentication systems generate JSON Web Tokens (JWT). While there are several types of JWTs, we’re concentrating on access tokens. When a user successfully logs in to an application, a JWT is generated. The token is then passed in all requests to the backend. The backend can then validate the token and reject all requests with invalid or missing tokens. Today, we are going to build a simple web application that uses the Okta authentication...

Read more

Easy Xamarin Forms Auth with PKCE

Easy Xamarin Forms Auth with PKCE

OAuth 2.0 is a protocol that controls authorization to access a secured resource such as a native app, web app, or API server. For native applications, the recommended method for controlling access between your application and a resource server is the Authorization Code flow with a Proof Key for Code Exchange (PKCE). In this article, you will learn how to build a basic cross-platform application with Xamarin.Forms and implement Authorization Code flow with PKCE using...

Read more

The Rails Guide to Securing an API

The Rails Guide to Securing an API

In this tutorial we are going down a different track then our last Ruby Post (bad pun intended). Instead diving into building a very simple API that, of course, we will secure with access tokens minted by our very own Okta OAuth server. We’ll make requests to this API via Postman to keep things nice and simple. Now let’s get chugging along. (OK, that’s the last pun for a bit.) Prerequisites for this blog post...

Read more

Discovering macOS Settings with PlistWatch

Discovering macOS Settings with PlistWatch

In the Apple operating systems macOS and iOS, software applications store essential configuration data in an information property list (plist) files. The plist files are managed by the operating system. Although macOS does have utilities for reading and writing plist files, they are low level. It’s a manual and time-consuming process working with plist files. There is, however, a little known tool called PlistWatch that enables changes to plist files to be monitored in real...

Read more

A Quick Guide to Elasticsearch for .NET

A Quick Guide to Elasticsearch for .NET

Implementing search functionality in your .NET Core apps doesn’t have to be hard! Using Elasticsearch makes it easy to develop fast, searchable apps. In this post, I’ll walk you through building a simple web application using Okta (for user authentication), Elastic Cloud (the official Elasticsearch hosting provider), and the fabulous Elasticsearch NEST SDK. Why Use Elasticsearch? Elasticsearch is an analytics and search engine based on the Apache Lucene library. It is developed in Java, following...

Read more

Create a Secure Chat Application with Socket.IO and React

Create a Secure Chat Application with Socket.IO and React

The HTTP protocol powers the web. Traditionally, HTTP is a request-response protocol. This means that a client requests data from a server, and the server responds to that request. In this model, a server will never send data to a client without having been queried first. This approach is suitable for many use cases that the web is used for. It allows loose coupling between clients and servers without the need to keep a persistent...

Read more

Faster Spring Boot Testing with Test Slices

Faster Spring Boot Testing with Test Slices

We know unit testing is a vital part of the software development process. We also know us developers love to debate techniques, frameworks, strategies, and how different layers and components need testing. Unit tests are the most valuable when they are stable, fast, and reproducible. Spring Boot is known to reduce boilerplate code and make development extremely efficient, but it can come with a cost when it comes down to the testing. Without prior optimization,...

Read more

Update App Secrets with Jenkins CI and .NET Core

Update App Secrets with Jenkins CI and .NET Core

Introduction Jenkins is a free and open-source application that makes it easy to create CI/CD pipelines in almost any language or environment. Jenkins features a vast number of plugs to help create a CI/CD environment that is tailored to your technologies. In this application, you will create a .NET5 MVC web application and check it into a git repository. You will secure this application with Okta. Finally, you will set up a Jenkins project to...

Read more

Developers Guide to GPG and YubiKey

Developers Guide to GPG and YubiKey

Setting up a new YubiKey as a second factor is easy—your browser walks you through the entire process. However, setting up a YubiKey to sign your Git commits and Secure Shell (SSH) authentication is a very different experience. In this post, I’ll walk through configuring a YubiKey and highlight some of the things I’ve learned along the way. I’ve used GPG for years, but it didn’t really "click" for me until I sat down and...

Read more

« Prev Page: 16 of 74 Next »