Category: General

Hacktoberfest at Stormpath

Finally, it’s October! It is the time of the year, that the leaves begin to start changing colors and the month that contains one of my favorite holidays, Halloween! My wife and I go all out decorating our house. We even hand-spun our own 20-foot spiderweb and topped it off with ‘bodies’ on which the …

Announcing: Multi-Factor Authentication in Stormpath!

Today, we’re announcing an exciting new addition to Stormpath: multi-factor authentication. We’ve heard time and time again from customers about the demand for this feature, and are proud to have built one of the best solutions for MFA. With many ways for users to accidentally expose their passwords, whether in a breach or against phishing …

How to Gracefully Store User Files

When you build a web application, one thing you may need to think about is how you plan to store user files. If you’re building an application that requires users to upload or download files (images, documents, receipts, etc.) — file storage can be an important part of your application architecture. Deciding where you’ll store …

Watch: No-Code SAML Support for SaaS Applications

SAML (Security Assertion Markup Language) is an XML-based standard for securely exchanging authentication and authorization information between entities — specifically between identity providers, service providers, and users. Stormpath supports SAML login without any XML. You simply configure the appropriate language or framework-specific SDK and the Stormpath Admin Console. From there, your application can consume SAML …

Stormpath and Nginx – OAuth 2.0 at the Gateway

At Stormpath, we care – a lot – about the craft of API development. We want to help developers focus on building robust, intuitive and scalable APIs, and let go of the worry and hassle of authenticating those services. Stormpath has long supported Token Authentication and API key management, so developers can offload API access …

Why Video Documentation Isn’t the Answer

Writing software documentation is hard. No joke. Companies typically start with developer-written documentation but quickly realize it’s not a great experience for the users reading it. The typical path out of this situation is to hire a tech writer, who can come at the documentation from a user’s perspective. But recently, I heard a different …

Feature Announcement: Custom Data Search with Stormpath

Today, we’re excited to announce the Beta release of Custom Data Search. In a nutshell, Custom Data Search gives you the ability to search for accounts based on the custom attributes you define in your application. Adding customized search of this magnitude (millions of JSON objects in a schemaless database) represents a huge milestone for …

How To Participate in Open Source Projects

Some huge startup successes in recent years have come from the open source community (think Cloudera, MongoDB, Mulesoft, or SugarCRM), but many developers are still hesitant to devote much (or any) of their spare time to new open source projects. For those that do recognize the value, there’s still the question of how to participate, …

Time to Swap Out Your Homegrown Identity Service?

Developers who stop by our conference booths frequently say “We wish we had known about Stormpath a year ago before we started our project.” Fortunately, it’s actually easy to switch out a homegrown identity service to an Identity API. When they first scope out a new web or mobile application, engineering teams often choose to …

Encode and Decode JWTs with jsonwebtoken.io and java.jsonwebtoken.io!

We’re excited to announce our first two StormHack projects to the world: jsonwebtoken.io and java.jsonwebtoken.io! These two sites are open source developer tools we created to make it easy to both encode and decode JWTs and generate a corresponding code sample. Encode or Decode JWTs Decode: Paste an existing JWT in order to decode its …