Blog Posts

Get the latest updates on FusionAuth, security, general coding and major geekery here.

  • Let's talk about JWTs baby!

    by

    Let’s talk about JWTs (JSON Web Tokens, pronounced “jot”). JWTs are becoming more and more ubiquitous. Customer identity and access management (CIAM) providers everywhere are pushing JWTs as the silver bullet for everything. JWTs are pretty cool, but let’s talk about some of the downsides of JWTs and other solutions you might consider.

    Read More
  • Is FusionAuth GDPR Compliant?

    by

    It’s been about a year since the General Data Protection Regulation (GDPR) became fully enforceable. Are you compliant yet? We started making FusionAuth GDPR compliant as soon as the regulation was adopted, although to be honest, there wasn’t a lot we needed to do. We fully agree with these regulations and feel they provide effective guidelines that any application should follow with their users’ personal data. If you are trying to catch up with the GDPR news, read our Developer’s Guide to the GDPR here and you’ll have a good idea of what you should be aware of. Our developers have been working with these concepts for years now, so it was exciting to see our caution around user data validated.

    Read More
  • Like your avatar? You can keep it.

    by

    Did you know that you can now bring your avatar with you when you log into FusionAuth? Gravatar provides users with a globally recognized avatar. If you already have a Gravatar account then you don’t need to do anything else, we’ve taken care of everything. For those without a Gravatar account you’ll still see a randomly generated Gravatar. Everyone wins.

    Read More
  • Stop Storing My Password in Plaintext

    by

    Believe it or not there are still companies emailing users with plaintext passwords. Worse yet, some systems are storing plaintext passwords in the database. Storing or emailing plaintext passwords can increase security vulnerabilities by as much as 10x. Just freaking stop!

    Read More
  • Keycloak and FusionAuth Comparison

    by

    Keycloak and FusionAuth are CIAM platforms designed to register, login and manage users in modern applications. They eliminate the risk, costly development and maintenance time required to build an in-house solution. Keycloak and FusionAuth share many features, but also have important differences. Use this information to compare the two and determine which matches your needs.

    Read More