Security Boulevard

SAML vs OIDC vs OAuth: The 60-Second B2B Playbook

TL;DR (read this first): OAuth 2.0 is authorization (a valet key for APIs). OIDC is authentication built on top of OAuth 2.0 (modern login for web, mobile, and SPAs). SAML 2.0 is a separate, XML-based ...
GitHub

Okta Spring Boot Starter

Version 3.0.10+ adds full support for Spring Boot 4.x and Spring Security 7.x while maintaining compatibility with Spring Boot 3.x. If you're using Spring Boot 3.x and upgrading to 4.x, review the ...
Security Boulevard

Security Vulnerabilities in SAML, OAuth 2.0, OpenID Connect, and JWT

Modern SSO protocols allow users to authenticate with one identity provider and gain access to multiple services. The most common standards are: Despite their widespread adoption, each of these has ...
GitHub

Java EE REST API + Security

This example app shows how to build a Java EE REST API and secure it with JWT and OIDC. Please read Build a Java REST API with Java EE and OIDC to see how this app was created. Okta has Authentication ...
InfoWorld

How to secure REST with Spring Security

Setting up authentication and access control in Spring Security is painstaking, but you can draw on very powerful capabilities. Here’s how to get started. Securing web applications is an inherently ...