Browser-Based OAuth Client: The architecture you shouldn't be using
Of all possible browser-based OAuth architectures, the Browser-Based OAuth Client (BBOC) pattern is the least secure. Despite this, BBOC remains the most...
June 3, 2026
Token-Mediating Backend: An alternative to the BFF architecture
This post discusses the Token-Mediating Backend (TMB) authentication architecture for OAuth 2 applications. It covers how secure TMB is, when to use it, and...
May 7, 2026
Announcing FusionAuth 1.65 - Tenant Manager SSO Tasmanian Mountain Skink
In the Northern Hemisphere, the world awakens with springtime splendor: the earth turns a vibrant emerald, daffodils burst into bloom, and FusionAuth marks the...
April 30, 2026
Announcing FusionAuth 1.64 - The Secret Shibe
Happy zero-th birthday, FusionAuth 1.64.0! This version includes Lambda Secrets, dynamic discovery for OAuth endpoints, codes for email passwordless login, and...
March 19, 2026
Announcing FusionAuth 1.63 - The Proof Pangolin
We're excited to release FusionAuth 1.63.0. This version includes Demonstrating Proof-of-Possession (DPoP), enhancements to the MFA Lambda, improvements to the...
February 26, 2026
Showing 1 to 5 of 5 results