Posts by Lindsay Brunner

StormHack 0x01

Last week was AWESOME at Stormpath. OK, I’ll admit it, every week is awesome at Stormpath. BUT. Last week was awesome-er because last week was StormHack 0x01! What is StormHack? StormHack is a place where dreams come to fruition and awesome concepts come to life! No, seriously, StormHack is our internal company hackathon, and it’s pretty rad. …

A Beginner’s Guide to JWTs in Java

New to token authentication, OAuth, or JSON Web Tokens? This is a great place to start! First, what is a JSON Web Token, or JWT (pronounced “jot”)? In a nutshell, a JWT is a secure and trustworthy standard for token authentication. JWTs allow you to digitally sign information (referred to as claims) with a signature …

3 Classic User Management Mistakes (And How to Avoid Them)

Thinking about rolling your own user management system? It’s not as easy to get right as you might expect, and getting it wrong could spell disaster for your application. Consumer loyalty is dropping, and users are becoming more sensitive to privacy and security concerns relating to their personally identifiable information (PII). As these user concerns …

The Complete Guide to Authentication

Authentication describes any of the processes by which an application confirms the truth of a user’s identity. Applications authenticate using a wide variety of protocols, from the standard passwords and single sign-on solutions to signature matching, RFID tags, fingerprint scanning, and more. Authentication is important to your application because in order to both secure your …

Token Authentication: The Secret to Scalable User Management

At Stormpath, we’re in the business of authentication and authorization, which means we have lots of conversations with developers about user management, sessions, and scalability in web and mobile applications. We think token authentication (or token-based authentication) is one of the core elements of scalable identity and authorization management. Token authentication is stateless, secure, mobile-ready, …

Healthcare Application Development: Is Your App Subject to HIPAA?

The healthcare application market is one of the most rapidly growing sectors, expected to be a $60 billion market by 2020. For developers in this surging healthcare application development space, HIPAA-compliant user management, including authentication and authorization, is mission critical. What is HIPAA? The Health Insurance Portability and Accountability Act (HIPAA), set forth in 1996, was …

Developer-Friendly SAML Single Sign On Support

Stormpath recently added support for SAML (Security Assertion Markup Language) user management including both Service Provider (SP) initiated and Identity Provider (IdP) initiated authentication. (SAML is an XML-based standard for securely exchanging authentication and authorization information between entities.) Instead of working with XML or even directly with SAML itself (which none of us wants to do), …