In the first two articles, we discussed how to design your system in order to build strong access control. We looked at how you can strike the right balance in terms of what information is associated with your access token, and we looked at balancing identity and local permissions. This article will take a look at how to configure a client in order to get a token, and how we handle sessions.| securityblog.omegapoint.se
As independent security consultants we have had the opportunity and privilege to help our customers selecting and implementing a plethora of different solutions.In this article we aim to share with you some of the key factors to consider when selecting the right IdP solution for you, a central part of your architecture and IAM solution.| securityblog.omegapoint.se
This article will show how to implement our six-step model for building APIs highlighting key aspects for creating APIs that are secure by design. Example code is available on GitHub.| securityblog.omegapoint.se
This article presents a test-driven approach to application security and shows how we can write automated tests to prove that our defenses work as expected.| securityblog.omegapoint.se