#authorization

Chris Wood 2 Oct 2025 10 min read

Can AI work with open finance? If you know something about AI, and especially AI agents, you may have read the title of this post and be thinking, “yes, of course it can, stupid!”. The use case for AI and AI agents in the context of financial services generally is significant, with agents having the ...

blogsecurityai agentsapi securityauthorization

Keith Richards 29 Nov 2023 4 min read

A tool for Identity Federation Security Assertion Markup Language, or SAML, is an open standard for exchanging authentication and authorization data between two parties. It’s a common strategy for single sign-on (SSO), allowing users to sign in once and authenticate with multiple third party applications. Similar to OAuth2.0, SAML promotes data security by preventing direct […] The post SAML Protocol…

authenticationauthorizationprotocolsaml

Keith Richards 18 Jul 2023 5 min read

Adding AuthN to OAuth2.0 OpenID Connect (OIDC) is an authentication protocol that sits on top of the OAuth2.0 protocol. It provides a standardized way for clients to authenticate users and obtain information about their identity. In simple terms, OpenID Connect allows users to log in to different applications using a single set of credentials. It […] The post OpenID Connect…

authauthenticationauthorizationoauthoauth 2.0

Keith Richards 22 Mar 2023 5 min read

Demystifying authentication and authorization When you hear the term Auth, what comes to mind? You probably think of signing into a system with your username and password, and you’re half right. But auth is bigger than that. The bucket term also includes everything you can do in a system once you submit those credentials. Auth […] The post AuthN vs…

authauthenticationauthorizationauthnauthz

Manoj Vignesh K M 23 Mar 2022 8 min read

source: https://www.freeimages.com/download/private-property-no-trespassing-1205389 I dentity and A ccess M anagement system deals with “who” should get “what” level of access to an object (entity) or a function. The subsystem that defines “who” is called Authentication (Identity), while the subsystem that defines “what” level of access is called Authorization (Access). Building an IAM system can get very complex quickly. No wonder “Broken…

information-securityaccess-controlauthorizationidentity-and-accessaccess-management

Schakko 8 Feb 2012 3 min read

After some years of working with (and fighting against) Subversion I decided to setup a Git repository for our company. Every developer should decide on their own what Version Control System he wants to use. Jeremy Skinner wrote an excellent article about hosting a Git repository on Windows which was […] The post Windows Server 2016 or 2019 as a…

active directory ldapapachescmauthenticationauthorization