Check out the free virtual workshops on how to take your SaaS app to the next level in the enterprise-ready identity journey!

Implement Client Credentials with Kong Konnect and Okta

Implement Client Credentials with Kong Konnect and Okta

Using Kong’s OpenID Connect (OIDC) plugin, Kong and Okta work together to solve three significant application development challenges: Connectivity Authentication Authorization The OIDC plugin enables Kong, as the API gateway, to communicate with Okta via the OAuth/OIDC flows. That way, your app teams don’t have to configure and diagnose authentication and authorization for each service individually. With these challenges solved, app teams have more time to build and innovate. Table of Contents Kong Konnect and...

Read more

Better Testing with Spring Security Test

Better Testing with Spring Security Test

Integration testing in modern Spring Boot microservices has become easier since the release of Spring Framework 5 and Spring Security 5. Spring Framework’s WebTestClient for reactive web, and MockMvc for servlet web, allow for testing controllers in a lightweight fashion without running a server. Both frameworks leverage Spring Test mock implementations of requests and responses, allowing you to verify most of the application functionality using targeted tests. With Spring Security 5, security test support provides...

Read more

R2DBC and Spring for Non-Blocking Database Access

R2DBC and Spring for Non-Blocking Database Access

Reactive APIs are a powerful way to handle and serve large amounts of data and large numbers of requests in a web application. They rely on a “server-side event” model in which the client (e.g. your browser) subscribes to “events” on the server, and the server “pushes” events to the client as they become available. For simple CRUD applications this is not very useful. However, in situations with millions of “subscribers” it can offer improved...

Read more

How to Use Client Credentials Flow with Spring Security

How to Use Client Credentials Flow with Spring Security

The client credentials grant is used when two servers need to communicate with each other outside the context of a user. This is a very common scenario—and yet, it’s often overlooked by tutorials and documentation online. In contrast, the authorization code grant type is more common, for when an application needs to authenticate a user and retrieve an authorization token, typically a JWT, that represents the user’s identity within the application and defines the resources...

Read more

Auth0 Joins Forces with Okta

Auth0 Joins Forces with Okta

Yesterday, Okta announced that we have finalized the acquisition of Auth0. You are probably looking at this blog post wondering what happens next for both companies. The post you are looking for, with a lot more details and information, is on the Auth0 blog. Please read it for more details and information, including ways to join us as we explore what the future holds. TL;DR: Over the next couple of weeks, the Okta and Auth0...

Read more

Elasticsearch in Go: A Developer's Guide

Elasticsearch in Go: A Developer's Guide

Elasticsearch is a popular datastore for all types of information. It is distributed for speed and scalability and can index many types of content which makes it highly searchable. It uses simple REST APIs for ease of access. Go has an official Elasticsearch library which makes it simple for Go developers to work with data stored in Elasticsearch programmatically. Today we’re going to take a look at how you can easily build a simple app...

Read more

Use Kong Gateway to Centralize Authentication

A customer once asked me: “Hey – Can Okta integrate with Kong?” Spoiler alert: You totally can integrate Kong with Okta using its OpenID Connect plugin. Still stuck wondering what an API gateway even is? Here’s a metaphor that works for me: You know that sci-fi movie trope in which you have a centralized hub that “jumps” you to other places in the galaxy? In that kind of system all the screening and security happens...

Read more

Build a Secure NestJS Back End for Your React Application

Build a Secure NestJS Back End for Your React Application

NestJS is a node.js framework that boasts the ability to build efficient, reliable, and scalable applications. A NestJS application can serve as the backend for your SPA. In this tutorial, you will use React, one of the most popular javascript front-end libraries available to build your SPA, and then use NestJS for your server. To secure everything, you will level Okta’s simple and powerful single sign-on provider. You will learn how to authenticate a user...

Read more

Fast Java Made Easy with Quarkus and JHipster

Fast Java Made Easy with Quarkus and JHipster

Quarkus is a Kubernetes-native, Java framework for building high-performance web, serverless, and native apps. It uses Ahead of Time (AOT) compilation and aggressive optimizations like classpath scanning, configuration reloading, and application bootstrap pre-configuration during the build process. This results in impressive startup performance. In other words, a Quarkus app starts up super fast! Like Spring and Micronaut, Quarkus can take advantage of GraalVM to transform a JVM-based application into a native executable, improving the overall...

Read more

The Ultimate Guide to Password Hashing in Okta

The Ultimate Guide to Password Hashing in Okta

As more of our critical work and personal functions go online, the risk of data and security breaches continues to increase. In 2019, there were over 1400 data breaches reported that exposed nearly 165 million records, many of which included passwords and personal information. While security specialists bear much of the responsibility in ensuring their organizations are handling sensitive data properly, web developers at all levels must take part as well. By understanding fundamental concepts...

Read more

« Prev Page: 18 of 74 Next »