Guide

Run your own OAuth2 Server

Photo of Aeneas Rekkas
Aeneas RekkasFounder, CTO

In this guide, you will set up a hardened, fully functional OAuth2 Server and OpenID Connect provider using open source only. It will take you about ~10 minutes. We will use Ory Hydra (open source), a security-first OAuth2 and OpenID Connect server written in Golang.

Read

Guide

Hop-by-hop Header Vulnerability in Go Standard Library Reverse Proxy

Photo of Patrik Neu
Patrik NeuSoftware Developer

Hop-by-hop header vulnerability in go standard library reverse proxy description and how to fix it

Read



Guide

Custom email templates with Ory

Photo of Vincent Kraus
Vincent KrausDeveloper Advocate

Customize email templates for all out-of-band communication. With code examples!

Read







Guide

How I built LoginWithHN using Ory Hydra

Photo of Vadosware
Vadosware

How Vadosware built LoginWithHN, an OAuth2+OpenID Connect provider for HackerNews using the Ory Hydra open source project.

Read

Guide

Add Authentication to your Flutter Web Applications with Ory Kratos

Photo of IGLU
IGLU

Add login, registration, user and profile management to Flutter web applications in minutes using the Ory Kratos open source project. Includes code examples for Dart!

Read


Guide

How to secure your Ory Network account with Yubikey

Photo of Vincent Kraus
Vincent KrausDeveloper Advocate

Use hardware tokens like Yubikey to secure Ory Network admin accounts.

Read

Guide

Why you probably do not need OAuth2 / OpenID Connect

Photo of Aeneas Rekkas
Aeneas RekkasFounder, CTO

Adding OAuth2 / OpenID Connect to your application is a complex process. This article will help you understand why you do not need OAuth2 / OpenID Connect in most cases!

Read

Guide

Add Custom Login, Registration, User Settings to Your Next.js & React Single Page Application (SPA)

Photo of Aeneas Rekkas
Aeneas RekkasFounder, CTO

Build custom login, registration, user settings, password recovery, email and phone verification pages to your Next.js React Single Page Application (SPA) using the ORY Kratos open source project. Includes code examples for TypeScript and Docker, and end-to-end tests!

Read

Guide

Add Authentication to your Next.js / React Single Page Application (SPA)

Photo of Aeneas Rekkas
Aeneas RekkasFounder, CTO

Add login, registration, user and profile management to Next.js Single Page Applications in minutes using the ORY Kratos open source project. Includes code examples for TypeScript and Docker, and end-to-end tests!

Read



Guide

Add Authentication to your React Native App

Photo of Aeneas Rekkas
Aeneas RekkasFounder, CTO

Add login, registration, user, and profile management to React Native mobile and desktop apps using the Ory Kratos open source project. Includes code examples for TypeScript and Docker!

Read

Guide

Keeping Covid19 in check with Ory Dockertest

Photo of Vincent Kraus
Vincent KrausDeveloper Advocate

This article gives a short introduction to Dockertest and how Google is using it against Covid19, also an overview about the open-source virus response in general.

Read

Guide

Choose Argon2 Parameters for Secure Password Hashing and Login

Photo of Patrik Neu
Patrik NeuSoftware Developer

Pick recommended Argon2 (Argon2id, Argon2i) parameters (iteration, memory, parallelism) for secure login and password hashing, following security best practices using only open source.

Read


Guide

Write Better Migrations with SQL Tests

Photo of Patrik Neu
Patrik NeuSoftware Developer

Learn how to test SQL migrations in any environment. This guide will point out all the considerations we at ORY make when implementing SQL migration tests for our open source products.

Read

Guide

OAuth2 with PKCE for Mobile Apps and Single Page Apps

Photo of Aeneas Rekkas
Aeneas RekkasFounder, CTO

Read this guide to learn how to implement authentication and authorization for mobile, browser, and native apps with better user experience and buffed security.

Read

Guide

Approaching Access Control on the Web

Photo of Aeneas Rekkas
Aeneas RekkasFounder, CTO

This is the first blog post of a multi-part series about control on the web. The goal of this series is to be the go-to guide for anyone that needs help with setting up access control (authentication & authorization) for their web application.

Read

Guide

Accurate Code Coverage in Go

Photo of Aeneas Rekkas
Aeneas RekkasFounder, CTO

Get accurate Golang (Go) code coverage reports using go-acc. Your test might perform better than you think!

Read