Best of OAuthJuly 2024

  1. 1
    Article
    Avatar of communityCommunity Picks·2y

    Casdoor · An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, RADIUS, Googl

    Casdoor is a UI-first Identity and Access Management (IAM) and Single-Sign-On (SSO) platform. It supports multiple authentication protocols including OAuth 2.0, OIDC, SAML, and others. Casdoor offers a frontend-backend separation architecture, multi-language support, and easy setup. It also supports third-party application login and direct sign up, making it a versatile tool for authentication needs in various projects.

  2. 2
    Article
    Avatar of devtoDEV·2y

    POST only? Let's end this absurd API design debate

    Addressing the debate on 'POST only' APIs, the post explains the misconceptions about POST-only designs, distinguishing between HTTP methods and API design styles. It highlights the principles of effective API design and compares RESTful and RPC API styles, emphasizing the appropriate scenarios for each. REST focuses on resources and standard operations, making it ideal for web services; RPC simplifies remote calls to resemble local function calls, suitable for internal services or complex operations. The ultimate goal should be clear, consistent, and efficient API design tailored to specific project needs.

  3. 3
    Article
    Avatar of newstackThe New Stack·2y

    4 API Security Best Practices

    APIs are crucial to modern digital solutions, making API security a top priority. Key points include utilizing an API gateway to enforce policies and secure endpoints with HTTPS, and using access tokens like JWTs for robust authorization. These measures help mitigate common risks such as broken object-level authorization and unrestricted resource consumption. Implementing OAuth or OpenID Connect can enhance security further by centralizing the management of access tokens.

See all OAuth archives