FusionAuth Blog

What's new in OAuth 2.1?

Hey look! OAuth is getting spiffed up a bit. The original OAuth 2.0 specification was released in October 2012 as RFC 6749. It replaced OAuth 1.0, released in April 2010. There have been some extensions over the years. A new OAuth specification has been proposed and is currently under discussion. As of this blog post’s writing, the specification was most recently updated on March 8, 2020. If approved, OAuth 2.1 will obsolete certain parts of Oauth 2.0 and mandate additional security best practices. The rest of the OAuth 2.0 specification will be retained.

READ MORE

How to securely implement OAuth in Angular

In this post, we’ll walk through setting up an Angular app to securely authenticate with an OAuth2 server. We’ll use a proxy server between the Angular application and the OAuth server, in order to use the authorization code grant (rather than the insecure implicit grant).

READ MORE

How to integrate with FusionAuth using PHP

FusionAuth is a ubiquitous authentication, authorization, and user management solution that can be deployed on any platform and integrated with any programming language. In this tutorial, we’re going to demonstrate how to integrate FusionAuth with PHP.

READ MORE

How to Securely Implement OAuth in React

In this post, we’ll walk step-by-step through implementing the OAuth Authorization Code Grant in a React app. This is the most secure way to implement OAuth and often overlooked for single-page applications that use technologies like React. We’ll use FusionAuth as the IdP and also show you how to configure FusionAuth for this workflow.

READ MORE

Introducing FusionAuth Reactor™ with Breached Password Detection

We said we would be cranking on new features and we meant it. Version 1.15.0 is now available and introduces an exciting new component called FusionAuth Reactor™.

READ MORE