API Security

Aligning Cloudentity Components with XACML Terminology

Cloudentity is frequently asked how our components and features align with those of the legacy XACML (eXtensible Access Control Markup Language), including Policy Administration Points (PAP), Policy Decision Points (PDP), Policy Information Points (PIP), and Policy Enforcement Points (PEP). In this article, we will describe what the Cloudentity components are and how they align with...

Build a GraphQL client application to consume protected GraphQL API resources

This article is part 3 of our GraphQL application protection series. In this article, we will build a GraphQL client that is capable of invoking GraphQL API calls, obtaining authorized access tokens from a Cloudentity authorization server and sending the authorization token to underlying GraphQL services. Part 1: Externalized authorization for GraphQL using the Cloudentity...

Protecting GraphQL applications through authorization and consent

This article is part 2 of our GraphQL application protection series. In this article, we will build a GraphQL API server and protect its resources with externalized policies administered in the Cloudentity Authorization SaaS platform. We will also protect the GraphQL API endpoint data with a local policy enforcement/decision point for the app deployed within...

Externalized Authorization for GraphQL

This article is the first part of a series to explore usage of the Cloudentity authorization platform for externalized GraphQL runtime authorization along with policy based access controls for GraphQL native constructs. Modern applications require runtime and flexible authorization controls to manage the security and risk of data exposed using technologies like GraphQL to various...

Identity and Authorization At Cloud Scale

The future has a lot to answer for. For decades we’ve been promised super-cool inventions that we still haven’t received - flying cars, jetpacks and IAM platforms that provide security, scale and manageability - all wrapped up with 21st century automation. George Jetson’s job had two settings ("Start" & "Stop") and the computer did the...

OAuth at 100, 200...500k flows per second and Beyond

OAuth and OIDC have become the center point of any API and Identity infrastructure. OAuth2 created a framework allowing every user, device, person, service and thing to support their own distributed means of delegated authorization using a combination of scopes and grants. From smart speakers to connected cars, OAuth and APIs connect everything in the...