Archive of posts from June 2022
What is SCIM?
SCIM is a specification to add and remove users and groups using a standard protocol.READ MORE
Why is there no authentication in OAuth?
OAuth, a standard for securely delegating authorization information, and OIDC, a profile written on top of it to securely transmit user profile data, both rely heavily on authentication of the user (also known as the ‘resource owner’) at the authorization server. The authorization server issues tokens only after the user has been authenticated to its satisfaction.
However, there is next to no guidance about how to actually authenticate the user. Should I use a username and password? A magic link? Delegate to a third party? Require a TOTP code?
This question came up in a discussion amongst the FusionAuth team and I thought it was worth digging into a bit more.
Why exactly is ‘authentication’ undefined in OAuth/OIDC?READ MORE
ZanoCloud helps companies make the most of the cloud with FusionAuth
Dmitry Zanozin is a FusionAuth community member and Founder and CEO at ZanoCloud. He chatted with us over email about how he and his team are using FusionAuth to meet their auth needs.READ MORE
Why secure gamer's user accounts?
As the industry continues to grow, gaming is becoming a way for users to make money in addition to being a form of entertainment.
Gamers need to be able to track and save their progress to qualify for prize money, esports league salaries, or sponsorships, as well as add to their streaming content or videos on demand. Their unique user accounts are vital to their success.READ MORE