Modern Web Architecture and Security This was a new term for me as I started putting together my most recent study guide. SPA, which stands for Single-Page Application. While it sounds like a simple website, an SPA represents a fundamental shift in how web applications function, bringing unique challenges to the world of information security. Read More …
Tag: oidc
OIDC – OpenID Connect
Adding Identity to the Authorization Layer In the journey through information security, you will frequently encounter OAuth 2.0. While OAuth is excellent at authorization, it was never actually designed for authentication. To solve this, OIDC, or OpenID Connect, was created. Think of it this way: OAuth 2.0 is the key to a hotel room, while OIDC Read More …
PKCE – Proof Key for Code Exchange
Securing OAuth 2.0 for the Modern Web In the world of Information Security, acronyms often act as gatekeepers to critical concepts. One of the most vital for modern identity management is PKCE (pronounced “pixie”), which stands for Proof Key for Code Exchange. If you are new to the field, you likely know that OAuth 2.0 Read More …