Stormpath Blog

Introducing the Client API—Simplified Authentication for Mobile and Frontend Developers

Today, we’re excited to announce the launch of the Stormpath Client API, a brand new set of tools for frontend and mobile developers using Stormpath. As the ways in which developers build applications have evolved, we’ve worked hard to evolve with them. The Client API complements the backend focused Stormpath REST API, allowing frontend and …

The Problem with Secure User Authentication in WordPress

WordPress is a great tool for website developers. As of today, it powers over a quarter of the Internet, so clearly the team at WordPress is doing a few things right! With all the great features and support that WordPress provides, there are a couple problems that make secure user authentication in WordPress a challenge. …

Protecting JAX-RS Resources with RBAC and Apache Shiro

Security is probably the most important thing for your application, but it doesn’t have to be the hardest thing. Today I’ll show you how to use Shiro’s wildcard permissions to enable fine grained Role-Based Access Control (RBAC) which makes granting user permissions trivial (a single line). This will also make your application’s security policy more …

Add Gulp Inject to Your AngularJS Application

When developing an AngularJS application, one of the best things you can do for yourself is to streamline your workflow. If you’ve configured your build tools elegantly you can get in the flow and write code without refreshing your browser or worrying about adding new JavaScript files to your index.html. This article shows you how …

JAX-RS vs Spring for REST Endpoints

REST endpoints are used just about everywhere you need to decouple your web service and client. Many developers have used Spring or JAX-RS for this purpose. Some have used one but not the other, in this post I’ll go over the the differences between the two using basically the same code. In future posts I’ll …

5 Tips for Building an API in ASP.NET Core

These days users expect a fluid, app-like experience on the internet. Thus, the new web is being built with APIs and single-page frontends. This means it’s more important that ever to build APIs that are easy to use, reliable, and scalable. ASP.NET Core makes it easy to build great APIs, but there are a few …

The Ultimate Guide to Deploying Static Sites on AWS

Static sites are the best. They’re fast, they’re simple, and they’re practically free to host. Since late January 2016, Amazon Web Services (AWS) has become one of the best static web hosting providers of all time due to their release of AWS Certificate Manager (ACM). Using AWS, you can now: Deploy your static site into …

2016 Year in Review — New Tools Broaden Authentication & User Management Support

2016 was an awesome year for the team here at Stormpath! We hit the ground running in January and rapidly scaled both our internal staff and resources, as well as our service offerings around authentication and user management. None of this could have happened without the invaluable support, input, and feedback from our customers and …

What the Galactic Empire Could Learn From OWASP

Security is crucial for any project, whether you’re building a hobby application on the terrestrial internet or a fully operational battlestation in a galaxy far, far away. That said, security isn’t easy. Every few years, the OWASP group publishes the Top Ten list, which reviews the most common security mistakes in applications across the internet. …

Angular and Microservices at The Rich Web Experience 2016

As a Developer Evangelist at Stormpath, I’m tasked with developing our integrations, as well as showing developers how to use them. I do this through blog posts and speaking at conferences/meetups. It’s been a great ride so far and I’ve really enjoyed creating our JHipster integration and our initial Angular 2 support. I’ve been speaking …