Security

Opening the Door to Security Risk

Pushing your code to production without testing? You might want to think twice. In this episode, Bobby Dorlus, founder and CEO of #TheTechHustle, shares the importance of test automation, site reliability engineering, and his advocacy of diversity within the industry. Tune in as Jason and Bobby analyze the stats and real-life debacles that happen when testing gets skipped, as well as those who should be responsible for testing. Spoiler alert—it’s not just the developers.

An Introduction to Auth0 for Ruby on Rails

From custom-made to plug-and-play forms of authentication, Ruby developers have plenty to choose from these days. Yet, as you may know, building your own solution can be costly and dangerous. If Devise is the de facto standard for most teams, an alternative might simplify the lives of most. This article will cover the setup and use of Auth0 in a Ruby on Rails application, including everything you need to get going properly, from handling roles to relying on multiple providers to authenticate users.

Embedded Software Security for Industry 4.0 and the Internet of Things

Technology is booming now more than ever, and every day brings new products and functionality for every unimaginable task. It is not just about mobile apps and computers anymore; instead, it is all about embedded systems and Internet-of-Things (IoT) devices that have quickly become so commonplace, both in our day-to-day lives and in industries like industrial automation.

Introduction to WSO2 Identity Server 7.0 | an Overview

Welcome to the Introduction to WSO2 Identity Server 7! In this video, we'll guide you through the essential features and functionalities of WSO2 Identity Server, an open-source identity and access management (IAM) solution designed to help enterprises manage their digital identities securely and efficiently. Join us as we explore application integration, authentication options, user management, API authorization, and the powerful B2B capabilities offered by Identity Server 7.

Demonstrating Proof-of-Possession (DPoP): Preventing Illegal Access of APIs

In a previous blog post, we discussed the prevalence of bearer tokens (or access tokens) to restrict access to protected resources, the challenges the sheer nature of bearer tokens presents, and available mitigations. To recap, presenting a bearer token is proof enough of an authorization grant to use the service and access resources protected by the token. This poses many security risks, such as the use of stolen or leaked tokens to gain unauthorized access.

Why Penetration Testing is Non-Negotiable in Today's Cybersecurity Landscape

Securing your software is essential in this day and age when cyber dangers may be found anywhere on the internet. Take a look at these concerning numbers: These numbers demonstrate the need for proactive security testing services like penetration testing, a.k.a. pen testing. Pen testing imitates real attacks on your applications to identify weaknesses before nefarious actors use them.

Creating a Secure SIMATIC PLC REST API Using DreamFactory

Organizations deploying Siemens SIMATIC PLCs (Programmable Logic Controllers) will logically want to track and manage PLC metrics. Exactly how these metrics are managed will depend upon the specific needs of the organization. For instance, organizations that would like to send PLC data directly to a Microsoft SQL Server database can use the TDS (Tabular Data Stream) protocol. But what if you wanted to subsequently access this data via a REST API?

Top 10 Mobile App Security Threats

With mobile apps expected to reach more than 183.7 billion installations globally, there has also been an increase in mobile app security threats. Today’s cyberattacks are highly sophisticated, requiring constant vigilance due to many unknown or emerging threats. These threats require a proactive approach to mobile application security. End users can take steps to protect sensitive data on their devices, such as avoiding unprotected public Wi-Fi and setting up multi-factor authentication.

Improve Customer Experience and API Security with WSO2 Identity Server 7.0

In today’s digital world, APIs have become key to connect apps and services, both internally and externally. However, when integrating with external entities like partners and service providers, API security is a major concern for businesses. And from a user’s perspective, traditional authentication approaches in mobile apps or digital channels often deliver a less-than-ideal digital experience.

Providing a Secure In-App Login Experience with Authentication API

Application developers want to provide the most secure and seamless login experience for their users, but even when following OAuth and OpenID Connect (OIDC) best practices, user experience issues can still be a problem. In this article, we will walk through how developers can provide a secure and seamless login experience to users by providing the login functionality natively within the app itself.