FusionAuth Blog

Get the latest updates on FusionAuth, identity and access management, security, general coding and major geekery here.

  • What is SCIM?

    SCIM, which stands for System for Cross-domain Identity Management, is a specification to add and remove users and groups using a standard protocol.

    READ MORE
  • Why is there no authentication in OAuth?

    OAuth, a standard for securely delegating authorization information, and OIDC, a profile written on top of it to securely transmit user profile data, both rely heavily on authentication of the user (also known as the ‘resource owner’) at the authorization server. The authorization server issues tokens only after the user has been authenticated to its satisfaction.

    However, there is next to no guidance about how to actually authenticate the user. Should I use a username and password? A magic link? Delegate to a third party? Require a TOTP code?

    This question came up in a discussion amongst the FusionAuth team and I thought it was worth digging into a bit more.

    Why exactly is ‘authentication’ undefined in OAuth/OIDC?

    READ MORE
  • ZanoCloud helps companies make the most of the cloud with FusionAuth

    Dmitry Zanozin is a FusionAuth community member and Founder and CEO at ZanoCloud. He chatted with us over email about how he and his team are using FusionAuth to meet their auth needs.

    READ MORE
  • Why secure gamer's user accounts?

    As the industry continues to grow, gaming is becoming a way for users to make money in addition to being a form of entertainment.

    Gamers need to be able to track and save their progress to qualify for prize money, esports league salaries, or sponsorships, as well as add to their streaming content or videos on demand. Their unique user accounts are vital to their success.

    READ MORE
  • How to migrate your user data from Google Firebase

    Firebase is a serverless offering from Google which includes customer identity and access management (CIAM) as well as other typical functionality needed for an application. As such, it offers authentication and authorization, a database, metrics and more.

    At FusionAuth, we talk to potential customers who are interested in migrating away from Firebase because of limitations, typically of standards or data control.

    READ MORE