Saurabh Adhaudevopsvoyager.hashnode.dev·Oct 18, 2024Configuring OIDC Provider with AWS Account to Access S3 Bucket from a Kubernetes Pod Using AWS Management ConsoleIntroduction Accessing AWS resources securely from applications running in Kubernetes is a common requirement. By using AWS IAM Roles for Service Accounts (IRSA) and OpenID Connect (OIDC), you can grant fine-grained permissions to your Kubernetes pod...Discuss·10 likesAWSAWS
Thomas DelafayeforCloud APIM's blogblog.cloud-apim.com·Oct 17, 2024🚀 Introducing Cloud APIM Authify - Instantly Integrate a Complete Authentication Solution with Zero HassleManaging authentication for your websites and apps can be time-consuming and complex. That’s where Cloud APIM Authify comes in 🤩 Authify is an all-in-one, easy-to-use authentication solution that enables you to securely manage user access to your ap...Discussauthify
Shohanur Rahmanshohanur.hashnode.dev·Sep 20, 2024What is SAML & OIDCOIDC (OpenID Connect) and SAML (Security Assertion Markup Language) are both widely used identity protocols for Single Sign-On (SSO) and authentication. While they share some similarities, there are key differences between them.. IdP (Identity Provi...DiscussOIDC
Sam Mesterton-Gibbonssamdbmg.hashnode.dev·Sep 12, 2024Implementing SSO with Traefiksamdbmg/ansible-traefik-auth-proxy combines the Traefik reverse proxy with thomseddon/traefik-forward-auth to provide HTTP reverse proxying, certificate handling with LetsEncrypt and SSO login, either as an Ansible role or a Docker Compose project. T...DiscussTraefik
Darko Bozhinovskidarkob.hashnode.dev·Aug 8, 2024"BuT, aUtH iS HaRd"I'm "I've used MD5 to hash passwords in PHP" years old. Sure, it was a horrible idea, even back in 2012. But, back then, I don't remember considering auth "hard." It was a pretty straightforward ordeal by itself - get an email or a username, get a pa...DiscussAuth
Alexey Poltorakalexeypoltorak.hashnode.dev·Jun 8, 2024OpenID Connect: From Implicit to Authorization Code with PKCE & BFFIntroduction This article will review the principles behind various OpenID Connect (OIDC) authentication flows, from the simplest to the most modern, highlighting the vulnerabilities present in each. We will explore each of the following OpenID Conne...Discuss·61 readsSecurity
Sitecore Groovesitecoregroove.hashnode.dev·May 28, 2024Sitecore Identity Server Behind TLS Termination ProxySitecore deployments can include TLS termination proxy between end user and the origin server, which decrypts incoming HTTPs traffic and forwards it further over plain HTTP. The main benefit is that origin server is offloaded from decryption and can ...Discuss·38 readsSitecore
Alan Taialantai.hashnode.dev·May 8, 2024FeaturedSecuring CI/CD pipelines with OIDC, GitHub Actions, and TerraformIn regulated industries, where trust is paramount, the security of CI/CD pipelines is a non-negotiable priority. Breaches within these pipelines can expose sensitive customer data and disrupt critical services, leading to devastating consequences. Tr...Akash Moradiya and 4 others are discussing this5 people are discussing thisDiscuss·35 likes·470 readsTerraform
Nipuna Upekshanipunaupeksha.hashnode.dev·Mar 11, 2024OAuth2 and OpenID Connect with WSO2 IS - Part 15🧬 Introduction Form Post Response mode is an additional response mode defined by the OAuth2.0 specification which allows Authorization Response parameters to be sent to clients as HTML form values via an HTTP POST request. Normally, if you are using...DiscussOAuth2 and OpenID Connect with WSO2 ISForm Post Response
Nipuna Upekshanipunaupeksha.hashnode.dev·Mar 11, 2024OAuth2 and OpenID Connect with WSO2 IS - Part 14🧬 Introduction We have already discussed how you can gain access via the Authorization Code Grant flow. In this article, we will look at an extension of that, how to use Authorization Code Grant flow with PKCE. PKCE is an acronym for Proof Key for C...DiscussOAuth2 and OpenID Connect with WSO2 ISOAuth2