FusionAuth Blog

Get the latest updates on FusionAuth, identity and access management, security, general coding and major geekery here.

  • What's new in OAuth 2.1?

    Hey look! OAuth is getting spiffed up a bit. The original OAuth 2.0 specification was released in October 2012 as RFC 6749. It replaced OAuth 1.0, released in April 2010. There have been some extensions over the years. A new OAuth specification has been proposed and is currently under discussion. As of this blog post’s writing, the specification was most recently updated on March 8, 2020. If approved, OAuth 2.1 will obsolete certain parts of Oauth 2.0 and mandate additional security best practices. The rest of the OAuth 2.0 specification will be retained.

  • How to securely implement OAuth in Angular

    In this post, we’ll walk through setting up an Angular app to securely authenticate with an OAuth2 server. We’ll use a proxy server between the Angular application and the OAuth server, in order to use the authorization code grant (rather than the insecure implicit grant).

  • How to integrate with FusionAuth using PHP

    FusionAuth is a ubiquitous authentication, authorization, and user management solution that can be deployed on any platform and integrated with any programming language. In this tutorial, we’re going to demonstrate how to integrate FusionAuth with PHP.

  • How to Securely Implement OAuth in React

    In this post, we’ll walk step-by-step through implementing the OAuth Authorization Code Grant in a React app. This is the most secure way to implement OAuth and often overlooked for single-page applications that use technologies like React. We’ll use FusionAuth as the IdP and also show you how to configure FusionAuth for this workflow.

  • Introducing FusionAuth Reactor™ with Breached Password Detection

    We said we would be cranking on new features and we meant it. Version 1.15.0 is now available and introduces an exciting new component called FusionAuth Reactor™.