FusionAuth Blog

Get the latest updates on FusionAuth, identity and access management, security, general coding and major geekery here.

  • Log4j CVE: How it affects FusionAuth (TLDR: It doesn't)

    The recent announcement of CVE-2021-44228, which allows for “arbitrary code loaded from LDAP servers when message lookup substitution is enabled” through a vulnerability in log4J has many people double checking the dependencies of their Java applications. This CVE is also known as the “Log4Shell” vulnerability.

    FusionAuth is not affected by this vulnerability in Log4j. FusionAuth uses a different logging framework, Logback, so there is no way that any FusionAuth applications could be compromised.

  • How to Set Up Single Sign-On Between FusionAuth and WordPress

    User authentication is one of the most important parts of building any application, and almost every application features some sort of authentication. However, it quickly gets difficult to manage authentication when you have multiple related but independent applications to maintain.

  • We'll see you at AWS re:Invent

    AWS re:Invent is one of the largest technical conferences in the world. In the cloud space, it is the go-to event. This year there will be tens of thousands of attendees in Las Vegas, NV the week after Thanksgiving. The FusionAuth team will be among them, and we’d love to see you.

  • Announcing FusionAuth 1.31

    We’re excited to announce the release of version 1.31.0 of FusionAuth. This version shipped on November 18, 2021. 1.31.0 includes a ton of bug fixes and improvements to the Identity Providers feature.

  • Talent Funnel chose FusionAuth because it was API first and developer friendly

    David Billings is a FusionAuth community member and CTO at Talent Funnel. He chatted with us over email about how he and his team are using FusionAuth to meet their auth needs.