Questions tagged [authentication]

Authentication is the act of one entity proving its identity to another entity. Common examples involve public key cryptography. For example, proving that a banking web site actually belongs to the bank you think it does.

6 votes
2 answers
1k views

Since I started studying security in web applications, it seems that everyone always says to never store sensitive information (e.g., refresh tokens, access tokens, and so on) due to the risk of ...
ikiwq • 165

4 votes
3 answers
226 views

We are designing a backend system for a large platform where users can interact with multiple products on behalf of different companies. We plan to use Keycloak as an external identity provider. The ...
ikiwq • 165

2 votes
0 answers
158 views

When a user logs in to my web application (Article Website), I'm using Redis to cache the refresh token. So when the user logs in, I will generate a refresh token and send it to him. While caching in my Redis the ...
Osama Assi

0 votes
2 answers
108 views

Suppose a user can have multiple emails. A given email may be held by at most one user. Is email a good pick for login purposes (so that it's used instead of the username)? Should an authentication ...
Sergey Zolotarev

3 votes
1 answer
115 views

I am developing a home-grade web application (server-client, based on Nuxt and nuxt-auth-utils). I am using the opportunity to learn something about OAuth (and OpenID). One of the issues I face is ...
WoJ • 1,661

-1 votes
1 answer
189 views

I have a REST API with protected endpoints, which require an AccessToken for access. For the user to receive the AccessToken, they need to access the login endpoint and with the correct credentials (...
Joao • 11

0 votes
1 answer
119 views

I'm trying to design a database for supporting a multi-step registration flow. The registration flow goes like this: the user logs in via OAuth (which creates a session and user), then they're asked ...
Kyle Richards

2 votes
3 answers
1k views

I'm quite new to the world of access and refresh tokens, so bear with me. Client uses its refresh token to get a new access token. The server invalidates the just used refresh token and contextually ...
Fabio A. • 125
