All Posts In API Security & Digital Identity Category


SAML 2.0 Bearer Assertion Profile for OAuth 2.0

Introduction
This blog provides an overview of using a SAML (Security Assertion Markup Language) assertion as a means of requesting an OAuth 2.0 access token. Here, Ping Federate acts as an OAuth 2.0 Authorization Server accepting the user authentication and authorization details from the …


2-Legged OAuth using DataPower

DataPower supports the Client Credentials (client_credentials) grant type defined in the OAuth 2.0 specification. Under this grant, the client calls the OAuth token endpoint with its client_secret and client_id and gets an access token. Later, the access token goes along with the request to the resource …


Consider OWASP and Comprehensive Security as part of API development guidelines

Hu-Bot enforcing Secure Coding practice
 
With the recent increase in attack vectors and threats, an enormous amount of sensitive, personally identifiable consumer data has been captured by unknown hackers, so organizations need to build the necessary cyber resilience. As organizations allow REST-based programmatic access …
