Security Boulevard

What are Refresh Tokens? Complete Implementation Guide & Security Best Practices

Learn how refresh tokens work in enterprise SSO. This guide covers implementation, rotation, and security best practices for CIAM systems.
Security Boulevard

Bearer Tokens Explained: Complete Guide to Bearer Token Authentication & Security

Learn how bearer tokens work in OAuth 2.0 and CIAM. A complete guide for CTOs on bearer token authentication, security risks, and best practices.
heise online

No Chance for Token Theft: The Backend-for-Frontend Pattern

The Backend-for-Frontend pattern addresses security issues in Single-Page Applications by moving token management back to the server. Martina Kraus has been involved in web development since her early ...
Dark Reading

Unprotected Session Tokens Can Undermine FIDO2 Security

Many organizations that have implemented passwordless authentication via the FIDO2 standard may be undermining some of the security benefits of the approach by not properly securing the sessions that ...
Statetechmagazine

Security Authentication Tokens Can Help Counter Government Cyberthreats

With no shortage of cybersecurity risks in state and local government, state CIOs expect enterprise identity and access management solution adoption or expansion to be the cybersecurity initiative ...
Cyber Defense Magazine

SAML → OIDC Migration: The Hidden Gotchas

In many enterprises, Security Assertion Markup Language (SAML) is the glue that holds legacy single sign-on together. It has ...
Redmond Magazine

Microsoft Alters Azure Active Directory Refresh Token Settings

Microsoft has changed the default settings for Azure Active Directory refresh tokens, but just for new tenancies. Refresh token expirations were causing access frustrations for end users, Microsoft ...