Authlete

The Authlete OAuth 2.0 and OpenID Connect solution enables organizations to build secure application services and APIs faster and quicker. By relying on Authlete to provide critical security functions, developers can focus on building more powerful applications and rapidly delivering them to market.

Leveraging Authlete’s dedicated solution, developers can save weeks or months implementing and maintaining authorization functions. An authorization server can be up and running in just three clicks, giving our customers a key time-to-market advantage.

Latest Tweets from @authlete

  • Authlete provides a set of APIs so that you can build OAuth/OIDC servers while not implementing the protocol specific operations. Check out our reference implementations to understand how you can leverage the APIs using programming languages of your choice
    ,
  • Need a JWT for testing purposes? Authlete's mkjose helps you create a JOSE (JSON Object Signing and Encryption) object from a given payload and JWK easily. You will like its features: templates, many signing algorithms, automatic key generation, and so on.
    ,
  • On receiving an API request with an access token, a resource server (RS) checks its scopes and determines how to respond. Authlete's introspection feature checks validity of the token based on its status and scopes so that the RS can be simplified.
    ,
  • One of the lesser-known responsibilities of authorization servers is to generate appropriate error messages and provide them using protocols defined in the OAuth 2.0 specs. Authlete's “Fail” API can automagically prepare the messages and the transmission.
    ,
  • RFC 8628 (OAuth 2.0 Device Authz Grant) defines “Device Flow” to issue access tokens with end user consent, to devices with no Web browsers and/or that have limited capability for inputting text. You can implement it using Authlete as simple as possible.
    ,

Related Verticals