Technical Article, Architecture, Access Management

SAML on the Rebound

Using SAML Federation as an alternative to the OAuth 2 SAML Extension Grant We were recently approached by a client to develop an API management solution which would allow distinct user communities to authenticate against their chosen identity provider, some of which would support the OIDC standard while others would rely on the SAML standard. […]

Read more

Technical Article, API, Access Management

What is an API Gateway?

The role of API Gateways in Modern Enterprise After my previous article on OAuth 2 scopes, several people contacted me to ask what exactly an API Manager is. In this article, I will aim to provide a clearer idea of why an organisation may choose to deploy an API Gateway solution and the associated benefits. […]

Read more

Technical Article, Access Management

Antisocial Social Networking

WHY OPENID CONNECT ISN’T THE IDENTITY FEDERATION SOLUTION YOU’RE LOOKING FOR Recently several clients have approached us to request our assistance in implementing so-called “social login” solutions, whereby a user is able to authenticate themselves by using their personal Facebook, LinkedIn or Google account. With the advent of OpenID Connect in 2014, we firmly believed […]

Read more