OAuth is a powerful solution for many providers. As with any tool, however, it’s only as powerful as it is understood by the user who chooses it. Understanding what OAuth is and, at the very least, having a general overview of each particular flow is extremely important. In a recent blog post, Daniel Lindau, looked at OAuth, and gave a brief rundown of each flow type.

The 2018 edition of the Platform Summit took place in Stockholm 22-24 October. This was the biggest event to date with about 480 total attendees, as organizers of the event we’re obviously thrilled. An international speaker panel from a wide range of industries involved in APIs, discussed the best practices that will propel the global API industry into the future.

On November 19-23 Curity will attend GOTO Copenhagen, which we are proud sponsors of. During the conference you will be able to meet us in person at our booth and discuss API Security related questions.

On Tuesday November 20th (at 11:30) our CEO, Travis Spencer will give a talk on Securing APIs and Microservices with OAuth and OpenID Connect. In addition to this, Jacob Ideskog, Identity Specialist at Curity, is hosting a workshop on OAuth and OpenID Connect in Practice.

Come and meet us at the API Security for Open Banking Summit, taking place 21st November in London. Travis Spencer, our CEO, will give a session on OAuth and OpenID Connect for PSD2, Open Banking and Third-Party Access.

You will also be able to meet us in person at our booth and discuss API Security related issues

We are happy to announce the release of Curity 3.1.0 and 3.2.0. Though not a major update, this release includes a lot of fixes and features. In addition to the thousands of tests that run on each commit, we spent a lot of additional time during this release cycle on testing. We added a lot more tests and ways of testing to help us detect issues more quickly. We also made a lot of improvements to the core system, resulting in a more secure and performant base. We noticed that some flows ran over three times faster and were able to sustain 300% more concurrent users. If you're still on 2.X, you can expect a tremendous speed boost after upgrading!

A forthcoming version of the Curity Identity Server will include a supported Java Virtual Machine (JVM) from Azul Systems, alleviating customers' concerns about the changes to the Oracle JVM licensing model, support terms, and release cycle.

On September 24 – 26 Curity will attend the API Conference in Berlin, which we are proud sponsors of. During the conference you will be able to meet us in person at our booth and discuss API Security related questions.

Come and meet us next week at the API:World, the world’s largest API conference next week in San Jose, CA between September 10 and 12. Travis Spencer, CEO of Curity, will give a session on Advanced OAuth. Come and and discuss your API security challenges with us at booth #316.

On October 22nd, Curity will be hosting two workshops at Nordic APIs 2018 Platform Summit. Later on October 23rd – 24th we will have three speakers from Curity presenting on different API security topics.

On August 22nd, Curity will host a new Java Meetup together with Oracle, at their office on Söder Mälarstrand 29 in Stockholm.

This is our most featureful, documented, and performant release ever! 3.0 marks a tremendous step forward in terms of capabilities, standard-compliance, user experience, and functionality.

Curity will be joining Nordic APIs event The Austin API Summit in Austin, Texas, on June 11-13th.

Curity and Verisec, the company behind the mobile e-ID service Freja eID, enters into a technical partnership.

You may have heard about the new General Data Protection Regulation ("GDPR"), that comes into effect May 25, 2018. Our aim is to be as transparent as possible regarding how and why we process your personal data, and as such we have updated our Privacy Policy.

On April 11th – 13th Curity will be exhibiting at the API Conference which will be held at Business Design Centre in London. The CEO of Curity, Travis Spencer, will also be giving a talk: Secure Your APIs and Microservices Using OAuth & OpenID Connect.

Come by our booth and sign up to enter the lottery and you might go home with a Nintendo Switch!

At IETF 101 in London, we were presenting the recently suggested RFC to the OAuth working group that will allow developers to secure their SPA in a standardized way. Until now, there hasn’t been a way in OAuth for clients to request user authorization when using scripting languages such as JavaScript.

On March 22nd, Curity will host a half-day workshop on OAuth and OpenID Connect at Nordic APIs and Copenhagen Fintech’s event APIs for Banking and FinTech, in Copenhagen. If you are architecting your APIs, or doing back-end development, then this workshop is for you – previous experience with the technologies is not required to participate.

Curity is the proud organizer behind the Stockholm Java User Group meetup. The next meetup will be hosted together with Computer Futures. The meetup, with the theme Patterns and Performance, will take place at 6 pm on February 20th, at SUP 46’s offices on Regeringsgatan 65 in Stockholm. The meetup is free and we will have three speakers presenting.

We are happy to be attending API Days in Paris on January 30th, where our CEO Travis Spencer will be holding a session on Secure Your APIs with Phantom Tokens.

In his session, Travis will be talking about how it is not sufficient to simply follow the standards to secure your APIs. How do you properly handle PII and other sensitive data inside JWTs and what about of devs depending on the data where changes to the token format breaks the app? The presentation will show how this is resolved using Phantom Tokens in the Curity Identity Server, still being 100% OAuth 2 compliant and benefiting from JWTs in the API backend protected by normal Reverse Proxy.

We are very happy to announce that the Curity Identity Server is now OpenID Connect certified by the OpenID Foundation. Curity is a strong proponent of organizations following the OpenID Connect standard and the for many reasons and we’re proud to pass all test required for certification. The working being done in the OpenID Foundation is in the benefit of the entire Internet community. The conformance profiles are: Basic OP, Implicit OP, Hybrid OP and Config OP.