Author: Peter Fernandez

  • Spotlight on the CIAM Token Storage Conundrum

    Tokens lie at the heart of modern CIAM integrations, enabling scalable and secure authentication and authorization. However, their power makes them a target for attackers. Mismanaged tokens and token storage can undermine the security of even the most advanced identity systems, leaving applications and security-sensitive data vulnerable to attack.

  • AI Assist with Vibe Coded Auth for Your APIs

    Microservice architectures, interconnected applications, and even AI — all enabled by APIs — mean secure access has become an increasingly complex challenge. See how Vibe coding with Copilot, NextAuth.js and Keycloak can help implement a solution using OAuth 2.0 that’s able to meet the challenge.

  • Vibe Coding Authentication via Authorization Code Flow

    Developers frequently inquire about integrating CIAM authentication via a standard like OIDC. Using Authorization Code Flow as the recommended best practice, this article explores using Vibe coding with Copilot AI to address the practical steps required in a Next.js application, leveraging NextAuth.js and Keycloak as part of the solution design.

  • Anatomy of a Password

    Password authentication remains a cornerstone of Customer Identity and Access Management (CIAM) systems, but to be effective, it must be secure. Passwords must never be stored in plain text; proper encryption, hashing and salting techniques must be employed; and regular monitoring with periodic auditing is essential to keeping password data secure.

  • Architecting a CIAM Solution

    CIAM architecture includes several core components all working together to deliver a seamless and secure experience for users. By adopting best practices in security, privacy, and user experience, B2C and B2B SaaS developers can build trust with their customers while ensuring compliance with evolving data protection regulations.

  • An API-First Approach to CIAM

    Customer Identity and Access Management (CIAM) involves addressing a variety of scenarios in an increasingly complex digital landscape. Adopting an API-first approach offers several advantages, particularly when it comes to integrating with your existing management systems and doing so in the context of Continuous Integration (CI) and Continuous Deployment (CD).

  • Cooked to Perfection using WordPress, OpenFGA, and Keycloak

    Building a SaaS application with CIAM integrated as a DIY option can be a challenging prospect. In this article I’m going to explore how I’m using WordPress, Keycloak and OpenFGA to build B2B SaaS solutions with comprehensive CIAM integrations.

  • B2C and B2B SaaS Authentication Architectures

    The CIAM requirements for B2C and B2B SaaS differ significantly due to the varying needs for security, complexity, and user experience. B2C platforms emphasize ease of use and scalability, whereas B2B SaaS platforms focus on the addition of enterprise-level integrations and adaptive processes that provide greater flexibility, granular access control, and robust security.