Blog
Security
/ 8 Jan, 2025Protecting against malicious OAuth 2.0 applications
Several Chrome extension developers were compromised in recent weeks by an attack seeking to create a backdoor in the extensions. The root cause of the breach was a phishing email that leveraged OAuth 2.0/OIDC to steal the user credentials. This blog post explores the details of such attacks and how SlashID can help detect them and contain the blast radius.
Security
/ 8 Jan, 2025Protecting against malicious OAuth 2.0 applications
Several Chrome extension developers were compromised in recent weeks by an attack seeking to create a backdoor in the extensions. The root cause of the breach was a phishing email that leveraged OAuth 2.0/OIDC to steal the user credentials. This blog post explores the details of such attacks and how SlashID can help detect them and contain the blast radius.
Tutorial
/ 18 Sep, 2023No-code anti-phishing protection of internal apps with Passkeys
Phishing is one of the most common causes of data breaches. According to Verizon's DBIR report, over 50% of incidents start with phishing or stolen credentials. WebAuthn/Passkeys are an effective way to stop phishing and credential stealing attempts on their tracks. In this article, we’ll show how you can use Gate to enforce Passkeys authentication for users without modifying the application code.
Tutorial
/ 14 Sep, 2023Firewalling OpenAI APIs: Data loss prevention and identity access control
Large Language Models (LLMs) have taken the world by storm, and they are now used for many tasks by consumers and enterprises alike. However, the risk of accidentally disclosing sensitive data to the models is very high as the recent Samsung case shown. In this article, we’ll show how you can use Gate to detect sensitive data in requests sent to the OpenAI APIs, as well as enforcing access control so that only users with certain roles can access the APIs.
New Feature
/ 12 Sep, 2023Ditch your organizations table
Suborgs make it effortless and secure to implement complex identity structures such as multi-tenancy B2B apps and multi sided marketplaces.
Tutorial
/ 5 Sep, 2023Protecting Exposed APIs: Avoid Data Leaks with SlashID Gate and OPA
Adequately protecting APIs is key to avoid data leaks and breaches. Just recently, an exposed API allowed an attacker to scrape over 2.6 million records from Duolingo. In this article, we’ll show how you can use Gate to detect, respond to, and prevent these kinds of incidents.
Open Source
/ 28 Aug, 2023Docusaurus - Authentication and authorization with SlashID
The latest docusaurus-slashid-login theme adds finer grained access control to your Docusaurus website.
New Feature
/ 25 Jul, 2023Authenticate your Shopify customers with SlashID
The new SlashID Login app for Shopify lets your customers authenticate seamlessly using quick and safe methods like passkeys, social login and magic links.
New Feature
/ 20 Jul, 2023Synchronous Webhooks
We are excited to release synchronous webhooks, the latest addition to our webhooks features. With synchronous webhooks, you can extend SlashID Access to suit your business needs in a few simple steps, in whatever language and environment makes sense for you.
Tutorial
/ 16 Jul, 2023Building a React Login Page Template
Discover how to create a secure login page for your React app with authentication and styling using SlashID.
New Feature
/ 10 Jun, 2023SlashID Analytics Webhooks
We are excited to release SlashID analytics and webhooks, providing greater visibility and actionable insights into your authentication flows.
