Sécurité

   

Why using Oauth2-openID Connect for mobile apps ?

Why using Oauth2-openID Connect for mobile apps ? Quite often mobile applications tend to store the user credentials to connect to the application on the mobile device itself.

What if your mobile get lost or stolen ? It means that one that anybody could access directly to your apps, get hold of all your private information with the devastating effect you can imagine
This one is a major security breach.

Know more +

 

Refresh token lifecycle in OpenAM – Any version

Refresh token lifecycle in OpenAM could be very tricky, not easy to understand and implement. So that we share in this document our experiences.

1. Description
Refresh Token is a feature provided with Oauth2 Authorization code or Resource Owner Password Credentials Grant. The refresh token has long time life cycle, whereas the access token is very short.

Know more +