Introducing The Glossary

The Glossary describes common security jargon, phrases, abbreviations , and concepts succinctly and in a way that makes sense to you.

The Web API Authentication guide, Signature Schemes

HTTP signature schemes provide integrity and authenticity on the application layer. Using them increase security but also incurs complexity.

Hello, my name is Daniel Szpisjak

Your time as a Software Engineer is valuable. I get it and respect it. This blog is designed to contain small, easily consumable drops of security knowledge essential for You.

Daniel Szpisjak

The Web API Authentication guide, Bearer tokens

Lots of modern web application utilize bearer tokens. They are ideal for backend integration, but can also be used on the frontend.

The Web API Authentication guide, Cookies

Cookies are the de-facto authentication between browser and server. For a good reason, they can provide full-blown session management with low complexity.

The Web API Authentication guide, Digest Auth

HTTP Digest Authentication was designed to completely replace Basic Auth. It provides increased security at the cost of significant complexity...