FusionAuth Blog

Get the latest updates on FusionAuth, identity and access management, security, general coding and major geekery here.

  • We'll see you at LFI 2023

    Learning From Incidents is a community focused on, well, learning from incidents. They are having a conference in Denver next week, on February 15 and 16. There will be hundreds of SREs, software engineers and others looking to learn best practices around incident management. The FusionAuth team will be among them, and we’d love to see you.

  • Adding single sign-on to your Django web application using OIDC

    Single sign-on (SSO) is a session and user authentication technique that permits a user to use one set of login credentials to authenticate with multiple apps. SSO works by establishing trust between a service provider, usually your application, and an identity provider, like FusionAuth.

  • What happens to the tokens after an OAuth Authorization Code grant?

    At the end of the OAuth Authorization Code grant, after a user presents their credentials at login, a code is returned which can be exchanged for one or more tokens at the token endpoint.

    These tokens include an access token, an optional refresh token, and an optional id token. The access token is used to get access to different APIs and protected resources. The refresh token lets you mint new access tokens, and the id token is used by the client to display information about the user.

  • FusionAuth is a 2023 Best Place to Work

    FusionAuth has been named a Best Place to Work and Best Startup to Work from BuiltinDenver. It was our first time applying for the awards, and we are honored to be included in the 2023 list.

  • OIDC vs SAML: What's the Difference?

    It’s essential for digital platforms to keep their data and resources secure, which is why authentication protocols are so necessary. Authentication protocols are sets of rules used to determine the identity of an entity (such as an end user, application, or device) before granting access. This differs from authorization in that authentication is concerned with identity, while authorization is concerned with permissions. Although authentication is followed by authorization, the reverse is not typically true.