FusionAuth Blog

Get the latest updates on FusionAuth, identity and access management, security, general coding and major geekery here.

  • Adding single sign-on to your Django web application using OIDC

    Single sign-on (SSO) is a session and user authentication technique that permits a user to use one set of login credentials to authenticate with multiple apps. SSO works by establishing trust between a service provider, usually your application, and an identity provider, like FusionAuth.

    READ MORE
  • What happens to the tokens after an OAuth Authorization Code grant?

    At the end of the OAuth Authorization Code grant, after a user presents their credentials at login, a code is returned which can be exchanged for one or more tokens at the token endpoint.

    These tokens include an access token, an optional refresh token, and an optional id token. The access token is used to get access to different APIs and protected resources. The refresh token lets you mint new access tokens, and the id token is used by the client to display information about the user.

    READ MORE
  • FusionAuth is a 2023 Best Place to Work

    FusionAuth has been named a Best Place to Work and Best Startup to Work from BuiltinDenver. It was our first time applying for the awards, and we are honored to be included in the 2023 list.

    READ MORE
  • OIDC vs SAML: What's the Difference?

    It’s essential for digital platforms to keep their data and resources secure, which is why authentication protocols are so necessary. Authentication protocols are sets of rules used to determine the identity of an entity (such as an end user, application, or device) before granting access. This differs from authorization in that authentication is concerned with identity, while authorization is concerned with permissions. Although authentication is followed by authorization, the reverse is not typically true.

    READ MORE
  • Announcing FusionAuth 1.42

    FusionAuth version 1.42 shipped on December 7, 2022. This release includes the ability to force MFA, rehashing of passwords on password change, and to allow users to unlock their account by changing their password, and more.

    READ MORE