Categoria: Security

AWS Local Authentication: Understanding Your Options and Using IAM User Long-Term Credentials Responsibly

When you’re working with AWS as a backend engineer — especially with Java and Spring Boot stacks — there will inevitably come a moment when you need to run commands against your AWS resources using the AWS Command Line Interface (CLI) or AWS SDKs. And that moment comes with a crucial question: “How do I…

julho 6, 2025
How to Securely Connect Your Spring Boot App to PostgreSQL with AWS Secrets Manager — No More Hardcoded Credentials

Hardcoding database credentials is a practice we all want to avoid — yet it still happens. With Spring Boot and AWS Secrets Manager, you can eliminate plain-text secrets in your application.properties while keeping your configuration simple and flexible.

junho 30, 2025
Protecting Your Spring Boot Application with OAuth2 Resource Server and Auth0

Secure your Spring Boot API with OAuth2 Resource Server and Auth0, using JWT authentication for protection

março 12, 2025
Mastering Request Interception in Spring Boot: Filters vs. Interceptors

Learn the key differences between Filters and Interceptors in Spring Boot and when to use each

março 5, 2025
OAuth2 for System-to-System Authentication: A Deep Dive into the Client Credentials Flow

Learn about OAuth2 Client Credentials Flow: system-to-system authentication

fevereiro 18, 2025
How OAuth2 Differs from API Keys: Understanding Secure API Authentication

Learn the key differences between OAuth2 and API Keys for secure API authentication

fevereiro 13, 2025
The Importance of API Security in Modern Software Integration

Discover common API security threats and best practices to protect your systems effectively

fevereiro 4, 2025
Understanding Cross-Site Request Forgery (CSRF) Attacks: How They Work and How to Prevent Them

CSRF exploits browser trust to hijack user actions. Learn how it works and how to defend your web apps

janeiro 23, 2025
OAuth2 Resource Owner Password Credentials Grant Type: Use Cases and Security Risks

ROPC simplifies OAuth2 but poses security risks; learn its use cases, risks, and best practices for safe use.

janeiro 16, 2025
OAuth2 Scopes and Claims: Fine-Grained Access Control

Master OAuth2 scopes and claims to secure APIs with fine-grained access control and build trust

janeiro 14, 2025