Learn how to improve single sign-on (SSO) experiences using OpenID Connect (OIDC) and SCIM for streamlined authentication and user management.

Azure can yield very powerful tokens while Google limits scopes, reducing the blast radius. Register for Huntress Labs' Live Hack to see live Microsoft 365 attack demos, explore defensive tactics, and ...

API keys are a simple authentication method, essentially a unique code used to identify an application. However, as an ...

The new contract is designed to evolve the service into a next-generation, modular architecture enabling identity proofing, credentialing and authentication.

Identity should mirror its environment—too far ahead of the curve and you risk friction, too far behind it and you risk vulnerability. In this new era of human-machine collaboration, businesses must ...

The OpenID Foundation has published two new papers proposing a standardized framework to help U.S. financial institutions accept mobile driver’s licenses (mDLs) and other verifiable credentials for ...

The Backend-for-Frontend pattern addresses security issues in Single-Page Applications by moving token management back to the ...

You’ve probably noticed a requirement to enter a temporary passcode sent through email or text message after giving your password to log into one of your online ...

Your passkey future requires an authenticator, but which type is best - platform, virtual, or roaming? We help make sense of your options.

Managed Apple Accounts and federated authentication are becoming the backbone of Apple’s enterprise strategy, simplifying ...

Often referred to as password managers (even though they manage more than passwords), the market demand for virtual authenticators is supported by a long list of offerings, including but not limited ...