Posts tagged 'jwt'

  • What happens to the tokens after an OAuth Authorization Code grant?

    At the end of the OAuth Authorization Code grant, after a user presents their credentials at login, a code is returned which can be exchanged for one or more tokens at the token endpoint.

    These tokens include an access token, an optional refresh token, and an optional id token. The access token is used to get access to different APIs and protected resources. The refresh token lets you mint new access tokens, and the id token is used by the client to display information about the user.

  • Announcing FusionAuth 1.30

    We’re excited to announce the release of version 1.30.0 of FusionAuth. This version shipped on August 12, 2021. 1.30.0 includes a robust Advanced Threat Detection feature, adds 38 webhook events, resolves issues for FusionAuth community members, and more!

  • FITT Finder chose FusionAuth and left auth security to the experts

    Trevor Robinson is a FusionAuth community member and co-founder and CTO of FITT Finder, a meta-search and discovery engine for health and fitness activities. He chatted with us over email about how he and his team are using FusionAuth to meet their auth needs.

  • Additional JWT headers, verification emails, and disappearing registrations

    The FusionAuth community has an active online forum, and I wanted to highlight some of the recent topics.

    Forum discussions vary in topic and depth, but focus on FusionAuth, how to solve problems with it, and how to integrate auth systems with other software packages.

  • Softozor integrated FusionAuth with Hasura and Kubernetes and saved development effort

    Dr. Laurent Michel is a FusionAuth community member and product owner at Softozor. He chatted with us over email about how he and his team are using FusionAuth to meet their auth needs.

  • Securing a Ruby on Rails API with JWTs

    Ruby on Rails is a modern web framework, but also a great way to build an API. The ability to quickly jam out your business logic, the ease of creating and modifying data models, and the built-in testing support all combine to make creating a JSON API in Rails a no brainer. Add in a sleek admin interface using something like RailsAdmin and you can build and manage APIs easily.

    But you don’t typically want just anyone to consume your API. You want to ensure the right people and applications are doing so. In this tutorial, we’re going to build an API in Ruby on Rails 6, and secure it using JSON Web Tokens (JWTs).