We built the SlashID infrastructure so that your user data is globally distributed.

Our architecture helps applications using SlashID benefit from dramatically reduced latency, high availability and comply with data protection laws without fragmented identity silos or extra fees.

In this comprehensive blog post, we delve into the publicly available data on large-scale passkeys rollouts, examining results, conversion rates, and implementation challenges as documented in engineering blogs by companies like Kayak and Yahoo Japan.

A number of security issues have been discovered recently caused by the reliance on the email claim when using OpenID Connect (OIDC) for SSO.

In this blog post we'll review some of the major OIDC providers to discuss how to retrieve the claim safely

Social logins and OpenID Connect (OIDC) are an extremely effective way to register new users with low friction.

There are many libraries out there that implement OIDC with several providers, however the implementation is very error-prone and can expose an application to account takeover attacks.

In this article, we’ll discuss the common security issues found in OAuth 2.0/OIDC login flows and best practices on how to avoid them.

We’re excited to announce first-party Remix support in SlashID with @slashid/remix. We've borrowed the power of our React SDK and aligned it with Remix's unique design patterns.

The Remix SDK makes authentication for Remix easy and seamless.

Firebase Authentication and Google Identity Platform are the two Google products that offer identity management.

Both products suffer from a vulnerability that allows an attacker to enumerate users on an application powered by Firebase Authentication or Google Identity Platform.

In this article, we’ll show how this vulnerability can be used and what the impact is.

Effortless GDPR compliance out of the box. Notify users about your intent to use cookies and request their consent.

Protect your API against unauthorized access without changing your application.

Our newest Gate plugin automatically enforces OpenAPI security checks, so you can implement fine-grained access control for your APIs and workloads without writing any extra code.

Rate limiting is a key defense against bots and threats for APIs and backends. Traditional IP-based rate limiting techniques are insufficient today because they can be easily bypassed.

In this article, we discuss the state of the art when it comes to rate limiting and how we have implemented a modern, distributed, identity-based rate limiting plugin for Gate.