Check out the free virtual workshops on how to take your SaaS app to the next level in the enterprise-ready identity journey!

JWT vs Opaque Access Tokens: Use Both With Spring Boot

JWT vs Opaque Access Tokens: Use Both With Spring Boot

The topic of validating an OAuth 2.0 access tokens comes up frequently on this blog. Often we talk about how to validate JSON Web Token (JWT) based access tokens; however, this is NOT part of the OAuth 2.0 specification. JWTs are so commonly used that Spring Security supported them before adding support for remotely validating tokens (which is part of the OAuth 2.0 specification.) In this post, you will build a simple application that takes...

Read more

Arm Up Your Java: Performance Benchmarks

Arm Up Your Java: Performance Benchmarks

Arm processors have been in the news lately, and it’s causing confusion and worries about processor performance for some folks. After Apple announced its plan to switch to Arm-based processors, I heard people (incorrectly!) speculating the performance would be similar to a Raspberry Pi. Java on Arm is nothing new, but we are seeing increased Arm investment from cloud vendors. Amazon recently updated its Arm offerings, and Microsoft is working on porting the JVM to...

Read more

Announcing the New Okta Developer Certification

Announcing the New Okta Developer Certification

Over the past few months, I have been working on a side project that I am really excited about. If you know me well, you probably know I enjoy using my side projects to help other teams meet their goals (and if you don’t, I am a Senior Security H@X0R at Okta. Check out my blog posts here.) So, when the Okta certification team asked me to help them build a cool developer certification experience,...

Read more

Easy Xamarin Essentials with Web Authenticator

Easy Xamarin Essentials with Web Authenticator

Authentication is an important part of today’s mobile applications, but securely implementing authentication in a mobile app can be a daunting task. In this article, you will learn how to create a basic cross-platform application with Xamarin.Forms and use the WebAuthenticator class from Xamarin.Essentials together with Okta to quickly and easily add user login to your mobile app. To continue you will need: A basic knowledge of C# Visual Studio 2019 An Okta Developer Account...

Read more

Build Awesome APIs with Entity Framework Core

Build Awesome APIs with Entity Framework Core

.NET Core version 3.1 just came out as of writing this article. It includes a new version of Entity Framework (EF) Core, the next generation of Microsoft’s tried and tested Object Relational Mapper (ORM). Entity Framework has been used alongside ASP.NET for years and has developed a reputation for being an essential tool in any developer’s toolbox for .NET Framework, and now .NET Core. .NET Core now also includes a built-in dependency injection system and...

Read more

Build a Spring Boot Application Using Java Modules

Build a Spring Boot Application Using Java Modules

Java is one of the most mature and persistent development languages that exists. Recently, it shifted to a 6-month release schedule, enabling it to deliver more frequent updates to the language. One of the changes introduced in Java 9 was the modular system. The Java Platform Module System (JPMS) adds two fundamental capabilities when building Java apps: Reliable configuration - replacing the brittle, error-prone class-path mechanism with a means for program components to declare explicit...

Read more

Introducing JPaseto: Security Tokens For Java

Introducing JPaseto: Security Tokens For Java

PASETO is a new security token format designed to be easy to use and free from the issues inherent with JSON Web Token (JWT) related specifications. Platform Agnostic SEcurity TOkens (PASETO) is a draft RFC spec created by Scott Arciszewski. PASETO reduces the scope of the JavaScript Object Signing and Encryption (JOSE) family of specs (which JWT is a part of), while still providing the functions that secure applications need. PASETO is everything you love...

Read more

Identity: A First Class Architectural Citizen?

Identity: A First Class Architectural Citizen?

When I decided to transition away from being a Principal Enterprise Architect into a specialized identity engineering role, a number of my colleagues asked me why. My answer has always been this: Because, for the last five or six years, every project I’ve done has been an identity project—we just didn’t know it when we started. That response is usually met with a nodding head and a resigned, weary shrug. Too often, it fails to...

Read more

Build Easy User Sync Webhooks with Okta

Build Easy User Sync Webhooks with Okta

Okta is an identity platform focused on making authentication easy to build with minimal code, and you’ll often hear us say that by using Okta you’ll never have to build authentication again. A lot of companies benefit from using our platform, which allows them to easily prompt for multi-factor authentication (MFA) based on contextual policies, offer self-service password resets and registration, and of course authentication, including federation to enterprise identity providers and social media accounts....

Read more

Build A Secure Node.js API with KoaJS

Build A Secure Node.js API with KoaJS

Koa is a web framework from the makers of Express. Koa is designed to be middleware-driven and extremely lightweight. It is so lightweight that it comes without any middleware on its own. But not to fear, there are plenty of packages available for basic functionality such as routing, authentication, body parsing, and more. You can also write your own custom middleware— I’ll show you how in this tutorial. Koa prides itself on using async functions...

Read more

« Prev Page: 27 of 74 Next »