FusionAuth Blog

Get the latest updates on FusionAuth, identity and access management, security, general coding and major geekery here.

  • FusionAuth Remix demo

    FusionAuth Remix demo
    Joyce Park  |  Jul 15th, 2022

    Remix is the new hotness in web development! It is an attempt to solve some of the performance issues of React by cleverly splitting up server-side code (called Loaders and Actions) from the functionality that absolutely must be shipped to the client, such as JavaScript and CSS for transitions. It also offers benefits in accessibility through a commitment to using web standards and progressive enhancement. Remix allows for almost all parts of the stack to be easily swapped out, e.g. you can choose from several different datastores that are pre-packaged with Remix for your convenience.

    However, new users should be aware that the authentication functionality currently shipped with the basic Remix package does not conform to current best practices.

    READ MORE
  • ClearSpend chose FusionAuth because of self-hosting and clear APIs

    ClearSpend chose FusionAuth because of self-hosting and clear APIs
    Dan Moore  |  Jul 7th, 2022

    Stephen Saucier is a FusionAuth community member and Head of UX Development at ClearSpend. He chatted with us over email about how he and his team are using FusionAuth to meet their auth needs.

    READ MORE
  • What is SCIM?

    What is SCIM?
    Dan Moore  |  Jun 27th, 2022

    SCIM is a specification to add and remove users and groups using a standard protocol.

    READ MORE
  • Why is there no authentication in OAuth?

    Why is there no authentication in OAuth?
    Dan Moore  |  Jun 14th, 2022

    OAuth, a standard for securely delegating authorization information, and OIDC, a profile written on top of it to securely transmit user profile data, both rely heavily on authentication of the user (also known as the ‘resource owner’) at the authorization server. The authorization server issues tokens only after the user has been authenticated to its satisfaction.

    However, there is next to no guidance about how to actually authenticate the user. Should I use a username and password? A magic link? Delegate to a third party? Require a TOTP code?

    This question came up in a discussion amongst the FusionAuth team and I thought it was worth digging into a bit more.

    Why exactly is ‘authentication’ undefined in OAuth/OIDC?

    READ MORE
  • ZanoCloud helps companies make the most of the cloud with FusionAuth

    ZanoCloud helps companies make the most of the cloud with FusionAuth
    Dan Moore  |  Jun 3rd, 2022

    Dmitry Zanozin is a FusionAuth community member and Founder and CEO at ZanoCloud. He chatted with us over email about how he and his team are using FusionAuth to meet their auth needs.

    READ MORE