A deep dive comparing API Keys, OAuth 2.0, JWT, and HMAC for CTOs. Learn which api authentication method fits your enterprise SSO and IAM strategy.

A new report released today by application programming interface security startup Salt Security Inc. warns of significant vulnerabilities in several major online platforms’ social sign-in and Open ...

As identity and access management and single sign-on become more prevalent across government, IT pros should catch up on the differences between different security protocols. In April 2018, the Office ...

Some Microsoft applications are vulnerable to an authentication issue that could enable Azure account takeover. A vulnerability in the way Microsoft applications use OAuth for third-party ...

Any substantial website is going to need to customize itself for individual users. Thus, it is going to have to authenticate those users — that is, let them log in. As a software developer, it is your ...

Microsoft warns that financially-motivated threat actors are using OAuth applications to automate BEC and phishing attacks, push spam, and deploy VMs for cryptomining. OAuth (short for Open ...

Cybercriminals, including state-sponsored threat actors, are increasingly abusing Microsoft’s OAuth 2.0 device code authentication flow to take over Microsoft 365 accounts.

Nginx on Tuesday released its latest product offering, the Plus R8, which includes an initial release of OAuth 2-based authentication. Nginx CEO Gus Robertson said that many of today's most popular ...

Using React Native authentication to verify user identities is a relatively painless and straightforward process that not only protects your company’s data and your user’s privacy, but also improves ...

A vulnerability that exposed millions of airline customers to potential account takeovers has highlighted the significant risks organizations face from misconfigured OAuth authentication processes.