Authress has always supported all those annoying OAuth credentials flow. However, now it also supports storing and retrieving access tokens generated by refresh tokens, without making any changes to configuration.
Your offline and refresh token access will automatically be available when requested:
Some CI/CD platforms which build your solutions provide easy ways to authenticate to your cloud provider. Most Don't. And even when they do like Gitlab, the JWT isn't quite right. Authress now provides a seamless strategy so your CI/CD can use JWT to log in and not have to rely on access tokens or secrets.
We use AWS Lambda heavily, and even when we don't it was difficult to find a full featured library to validate incoming requests to our service.
It's always critical to validate user inputs, but as an API first product it's also important for this to be done right. It has to match our api docs exactly or else users are going to complain.
That's why we are happy to release the open source request validator which utilizes any OpenAPI spec for validation: OpenApi Validator
Hope that helps the community, make great apis!
We've completely redesigned our API UI to power our users security implementation. Before it was just a poor swagger-ui integration, but we hated that. And so did our users. So instead we've decided to open source a really pretty API explorer. We're using it, and we hope everyone of our users like it too.
Also we're sharing it with IndieHackers because we don't want anyone to have to build their own API explorer like we did:
Move over Firebase and Cognito, you've got nothing on Authress Login. Today Authress releases user login, adding much anticipated authentication to the portfolio of authorization security already provided.
Now you can easily aggregate your login providers in just one place. And even better there's no limit on the number of applications or connections you create. Go to town!
And just like that, we released the ability to select your product's preferred software region. Hosting software solutions usually comes with legal requirements such as GDPR or CCPA. To help keep compliance with your regulations, Authress supports your region. Right now EU and US are configured. Our technology is fully automated, so if you have a preferred region outside of here, just let us, we'll enable it for your application.
Authress now contains a knowledge base of different articles relevant to application security specifically geared to Indie Hackers. Any one can find important references to concepts such as authentication, authorization, identity management, and whatever else they might be searching for. We hope to improve the article list over time.
These articles include primers on new concepts at different levels, specific details on how to implement different concepts, as well as quick start guides for interacting with Authress.
We hope it will be useful for everyone.
We've finally have been able to focus on delivering our Authorization as a service provider. We've named it Authress, as we found it to be fitting.
Authress offers the best of the standard authorization practices, RBAC, ABAC, Policies, etc... So that any software application can protect user assets just by integrating with Authress. We hope that this will really reduce the overhead that has for so long prevented attention to security.
Whenever we build a service, we try to think how to make it just a bit more generic. Normally we try to avoid building anything we can buy, but it turned out you really can't buy an Authorization as a Service provider. We weren't sure why nothing that existed before, so we built one internally. After a successful launch of some of our other products, we decided to make the necessary changes to offer it externally.
Would it be something others are looking for too?
We started investigating the best practices in security, specifically focused on authorization. It really is amazing how many concerning mindsets exist out there and few products think about security early. Maybe there is an opportunity to deliver something awesome to the community!
Plug in security integration to your software app. APIs to manage users, permissions, groups, roles, and lots more.
Security doesn't stop at user login, use Authress to fill the gaps.