With today’s announcement from Facebook of its plans to take its Facebook Connect program into the mobile sphere with Single Sign-on, it started to raise some questions from across various points. On ...

Authentication and authorization are critical parts of any application. They evolved over the years to meet the challenging requirements of the modern Web. OAuth2.0 and OpenID Connect offer a ...

Today, Google and Plaxo released a hybrid protocol that combines OpenID, the open online identity standard, with OAuth, the secure data portability standard. Too often, when a Website wants to import ...

A security researcher has uncovered serious security vulnerabilities in the technologies used by many websites to authenticate users via third-party websites. A blog posted late last week revealed the ...

The future of authentication will not rely on SAML, but with OpenID Connect and OAuth 2 instead, Dave Kearns contends in a blog post for KuppingerCole. SAML, or Security Assertion Markup Language, is ...

As you may already know, Single sign-on (SSO) is the facility by which a user can gain access to multiple sites using just a single log in. The simplest mechanism to enable SSO is through cookies but ...

* or one access token with multiple audiences? The scenario I'm thinking of is when apis are developed in separate product organisations, all being registered in the same identity service, but with ...

Modern technology is constantly making our lives easier. Our phones and the applications we use make it more convenient to work, play and listen. If you need door-to-door ground transportation, you ...

The recent Heartbleed scare caused a huge stir, even though it was effectively fixed before it even happened. There are other sorts of security holes, however, which can't be plugged so readily, and ...