Defend Against Broken Access Control: Protect Your Application Today
What is Broken Access Control? Clear examples, API/IDOR scenarios, and a practical prevention checklist (RBAC/ABAC, deny-by-default, testing). Updated for the coming OWASP Top 10 2025.
How OAuth 2.0 Works: A Developer's Guide (2026)
OAuth 2.0 is the standard behind "Sign in with Google" and every major API. Here's exactly how it works, with diagrams and code.
Authentication for ASP.NET apps with Authgear and OpenID Connect
This blog post demonstrates how to add authentication features to ASP.NET apps with Authgear by implementing an OpenID Connect flow.
Get Notified in Slack for Every New User Sign Up With Authgear
This article will guide you through the process of integrating Authgear's Hooks and Events with Slack to send immediate notifications in Slack when a new user signs up.
Add Authentication to Any Web Page in 10 Minutes
This post demonstrates how to easily add authentication to any JavaScript Single Page Application (SPA) using Authgear.
How Profile Enrichment can boost your product
Explore how enriching user profiles works, its benefits, and how you can enable it using Authgear to boost your product usage by understanding who your customers are.
Authentication for Spring Boot App with Authgear and OAuth2
Learn how to add authentication to your Java Spring Boot application using OAuth2 with Authgear as the Identity Provider.
Simplifying Authentication Integration For Developers With Authgear SDKs
Authgear SDK libraries make it easy for developers to integrate and interact with Authgear.
Password Spraying: What It Is and How to Prevent It?
Learn more about password spraying and the different methods to protect your users from it with Authgear.
What Is Session Management: Threats and Best Practices
Session management is the process of handling interactions between a user and a web application. To understand its importance, consider that HTTP, the protocol underlying the web, is stateless. This means each request from a user is treated independently, and the server has no inherent way to remember or track a user's actions across multiple requests. Session management addresses this by creating a session—a series of related user interactions within a specific timeframe. By managing sessions effectively, web applications can maintain user state, personalize experiences, and enhance security. In this article, we'll delve into the complexities of session management, explore potential threats, and provide best practices to safeguard your web application.
Credential Stuffing: What It Is and How to Prevent It?
Credential stuffing is a type of cyberattack involving the use of stolen credentials and bots to gain access to user accounts. Learn more about it and how to prevent it with Authgear.
4 Things We Learned Supporting Passkeys
Passkeys have the potential to completely replace passwords, but they aren't perfect yet. Learn more about what you might encounter when supporting them.
From Login to Lockdown: Building Secure Authenticated Applications
Master the art of building secure authenticated applications. Learn about authentication methods, access tokens, and implement robust security with Authgear. Your comprehensive guide to safeguarding user data.
What is Salting in Security and How Does it Work?
Password salting is a security method that strengthens password protection by adding unique, random data (a "salt") to a password before it is hashed. This ensures that every password hash stored in a database is unique, effectively defending against attacks that use precomputed tables, such as rainbow table attacks.
Password Reset Best Practices: Avoid Common Pitfalls and Secure Your Users
Discover essential password reset best practices to safeguard your authentication system. Learn how to prevent common security breaches, protect user data, and enhance user experience. Bolster your application's security with expert insights and actionable tips.