Protect an MCP server with an Authorization Server
The Model Context Protocol (MCP) is rapidly becoming the standardized API for large language models (LLMs) to interact with business logic. Like the early days...
June 15, 2026
Tags
oauth
Browser-Based OAuth Client: The architecture you shouldn't be using
Of all possible browser-based OAuth architectures, the Browser-Based OAuth Client (BBOC) pattern is the least secure. Despite this, BBOC remains the most...
June 3, 2026
Token-Mediating Backend: An alternative to the BFF architecture
This post discusses the Token-Mediating Backend (TMB) authentication architecture for OAuth 2 applications. It covers how secure TMB is, when to use it, and...
May 7, 2026
Backend-for-Frontend: The most secure architecture for browser-based apps
On September 8, 2025, developer Josh Junon received what looked like a legitimate npm two-factor authentication (2FA) reset email. Within hours, malicious code...
April 22, 2026
Android App End-to-End Testing With FusionAuth
Utilizing OAuth2 with a browser popup for authentication can be challenging when implementing automated testing in an Android Emulator.
August 20, 2025
Multi-Platform Video Uploads: Using Identity Provider Links
In today's content-driven world, a regular requirement is to share content across multiple platforms to maximize reach and engagement. However, managing...
August 18, 2025
FusionAuth's CTO on the 3 Critical Areas of AI-Ready Authentication
As AI becomes part of how companies build, test, and scale their software, it's raising a new question: is your authentication strategy ready?
July 16, 2025
Showing 1 to 7 of 39 results