Archive of posts from April 2022

  • Using Single Sign-on with Discord and FusionAuth

    Discord is a popular instant messaging and VoIP platform that allows users to form communities around common interests. There are a few reasons you might want to use Discord as your SSO identity provider. Discord is often used by hobby communities ranging from programming, gaming, and electronics to less technical things like finance and cooking. If there’s a community, there’s a good chance they have a Discord server. If you’re building a service aimed at one of these communities, using Discord as your SSO provider can make a lot of sense, allowing your users to log in with an account they already have rather than going through yet another registration process.

  • FusionAuth Secures SOC 2 Type 2 Certification

    FusionAuth, the authentication and authorization platform built for developers, today announced it has received its SOC 2 Type 2 certification. Achieving SOC 2 Type 2 compliance, which is focused on the security of an organization’s systems, illustrates to customers that FusionAuth is maintaining its adherence to one of the most stringent, industry-accepted auditing standards for service companies. FusionAuth, which was launched in 2018, achieved its SOC 2 Type 2 certification very early in its company lifecycle because it was focused on governance, risk and compliance practices since its inception.

  • Announcing FusionAuth 1.36

    We’re excited to announce the release of version 1.36 of FusionAuth. It shipped in mid April, 2022. The 1.36 releases include bug fixes, a new Identity Provider, and SCIM support.

  • FusionAuth achieves SOC2 Type II certification

    The FusionAuth team is proud to announce that we have completed the rigorous audit process and have now earned SOC2 Type II certification for our entire organization, including the FusionAuth product.

  • Spring Framework CVE: How it affects FusionAuth (TLDR: It doesn't)

    The recent announcement of CVE-2022-22965, where “a Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding,” has some folks asking if FusionAuth is affected. This CVE is also known as the “Spring4Shell” vulnerability.

    FusionAuth is not affected by this vulnerability in Spring. FusionAuth uses a different MVC framework, Prime, so there is no way that any FusionAuth applications could be compromised.

  • FusionAuth announces BioTech™

    FusionAuth is proud to announce a breakthrough in user security, BioTech™. This new technology will help users around the world more easily secure their accounts and data.