authentication
Safeguard articles tagged "authentication" — guides, analysis, and best practices for software supply chain and application security.
46 articles
How to implement OAuth 2.0 securely
A step-by-step guide to implementing OAuth 2.0 securely: PKCE, redirect URI validation, token storage, and the vulnerabilities to avoid.
How to implement password policy best practices
A step-by-step guide to implement password policy best practices: aligning with NIST guidelines, dropping outdated complexity rules, and rolling out passwordless authentication.
FastAPI Authentication Best Practices in 2026
Practical, opinionated guidance on authentication in FastAPI: token formats, dependency patterns, refresh flows, and the mistakes we still see in production code reviews.
What Is Password Salting? Why Two Identical Passwords Should Never Match
Password salting adds a unique random value to each password before hashing, so identical passwords produce different hashes and precomputed attacks fall apart.
Web Session Security: A Practical Guide
Web session security is the set of controls that keep a logged-in user's session token from being stolen, guessed, or reused by an attacker — and most of it comes down to a handful of cookie flags and lifecycle rules teams routinely skip.
What Is a Nonce? The Number Used Once in Cryptography
A nonce is a value used a single time to keep cryptographic operations fresh and stop attackers from replaying old messages. Small idea, outsized importance.
MCP Server Authentication and Authorization: Securing the AI Tool Layer
The Model Context Protocol enables AI agents to interact with external tools and data sources. Securing MCP servers requires authentication, authorization, and input validation patterns specific to the AI agent context.
What Is Mutual TLS (mTLS)? Two-Way Authentication Explained
Mutual TLS makes both sides of a connection prove their identity with certificates, not just the server. It is the backbone of zero-trust communication between services.
What Is a JWT (JSON Web Token)
A JWT is a compact, signed token that carries claims like who a user is between parties. Learn its three parts, how signing works, and the common security pitfalls.
What Is SAML
SAML lets an identity provider vouch for you to other applications using signed XML assertions. Learn how it powers enterprise single sign-on and how it works.
What Is OpenID Connect (OIDC)
OpenID Connect adds a real identity layer on top of OAuth 2.0. Learn how it proves who a user is, what an ID token contains, and how it differs from plain OAuth.
What Is Authentication
Authentication is how a system proves you are who you claim to be. Here is what it means, how it works, the factors involved, and why it is the foundation of every access decision.