Archive of posts from June 2022

  • What is SCIM?

    What is SCIM?
    Dan Moore  |  Jun 27th, 2022

    SCIM is a specification to add and remove users and groups using a standard protocol.

    READ MORE
  • Why is there no authentication in OAuth?

    Why is there no authentication in OAuth?
    Dan Moore  |  Jun 14th, 2022

    OAuth, a standard for securely delegating authorization information, and OIDC, a profile written on top of it to securely transmit user profile data, both rely heavily on authentication of the user (also known as the ‘resource owner’) at the authorization server. The authorization server issues tokens only after the user has been authenticated to its satisfaction.

    However, there is next to no guidance about how to actually authenticate the user. Should I use a username and password? A magic link? Delegate to a third party? Require a TOTP code?

    This question came up in a discussion amongst the FusionAuth team and I thought it was worth digging into a bit more.

    Why exactly is ‘authentication’ undefined in OAuth/OIDC?

    READ MORE
  • ZanoCloud helps companies make the most of the cloud with FusionAuth

    ZanoCloud helps companies make the most of the cloud with FusionAuth
    Dan Moore  |  Jun 3rd, 2022

    Dmitry Zanozin is a FusionAuth community member and Founder and CEO at ZanoCloud. He chatted with us over email about how he and his team are using FusionAuth to meet their auth needs.

    READ MORE
  • Why secure gamer's user accounts?

    Why secure gamer's user accounts?
    Rabo James Bature  |  Jun 1st, 2022

    As the industry continues to grow, gaming is becoming a way for users to make money in addition to being a form of entertainment.

    Gamers need to be able to track and save their progress to qualify for prize money, esports league salaries, or sponsorships, as well as add to their streaming content or videos on demand. Their unique user accounts are vital to their success.

    READ MORE