© 2022 Hashnode
#authorization
You are a developer working on your app, and while you know security is critical to building trust, you'd rather focus on the cooler features of your application. Why this post on Application Security…
While coming across the word ‘Authentication’, the first thought comes in our mind is the login page submitting our data to the web server and then checking it with the data base. Well, there is much …
What is PKCE? PKCE (Proof Key for Code Exchange) is an extension to the OAuth 2.0 protocol that prevents authorization code interception attacks. It is a simple, lightweight mechanism that can be impl…
I got the opportunity to integrate bearer token authentication into our system. As I started working on this task, I did some research to understand the basic concepts and workflow. I find it challeng…
What is Authorization? Authorization is all about answering the question “Is this user allowed to do a certain operation?”. This is different from Authentication in which we answer the question “Whic…
We’re excited to announce the stable version of https://authorizer.dev with the most significant updates 🥳. The most complex part of your application, i.e. auth has never been this simple in the open…
When I was building my application Grow Media, I was thinking about how private routing is done, while going to each component through their specified URL and having the authorized cookie in the brows…
Let's first understand some fundamental terms in order to understand OPAL. Identity management: Organizations use this to maintain track of employees' identities and the departments in which they ar…
For a long time, ever since I started learning about JSON Web Tokens I have been wondering how is it that we validate JWT's? I understood that we sign the token and that we use that signed token to va…
When we are creating a website that requires user authentication and authorization and then only show the protected data to the user there are several ways to do that. 1) Local Storage 2) Session Storage 3) HttpOnly Cookies Firstly we have…
