© 2026 Hashnode
When we talk about IAM or Identity and Access Management, we often see the terms MFA(Multi-factor Authentication) and 2FA(Two-factor authentication). When developers need to check certain flows involving service providers and local and outbound authe...

When we talk about OAuth2 and OpenID Connect(OIDC), we cannot talk about how those two operate by providing access to the client applications without talking about grant types. In simple terms, grant type is a mechanism to provide access to protecte...

The WSO2 Identity Server is mainly comprised of two frameworks, authentication framework and provisioning framework. One of the most important components in the authentication framework is the local authenticators. The local authenticators are used t...

WSO2 Identity Server allows you to alter user store operations by registering an event listener for them. These listeners are executed at specific points in the user store process, and users can design listeners that implement the logic they want to ...

User stores are places where you store user information. However, sometimes, the default user store schema might not work with your use cases. For instance, suppose you have a company that already has a user database and only needs to authenticate th...

The eventing framework of the WSO2 Identity Server can be used to trigger events for user operation events like PRE_ADD_USER and POST_ADD_USER. Furthermore, it can also be used to do operations upon a triggered event. For instance, an event handler c...

Introduction Overview of WSO2 Application Troubleshooting Troubleshooting complex application frameworks like WSO2 is an essential skill for developers and system administrators. WSO2, a middleware architecture, integrates various components such as ...

🧬 Introduction Form Post Response mode is an additional response mode defined by the OAuth2.0 specification which allows Authorization Response parameters to be sent to clients as HTML form values via an HTTP POST request. Normally, if you are using...

🧬 Introduction We have already discussed how you can gain access via the Authorization Code Grant flow. In this article, we will look at an extension of that, how to use Authorization Code Grant flow with PKCE. PKCE is an acronym for Proof Key for C...
