Documentation: Security

Securing Liberty apps with cross-domain single sign-on on Bluemix

A set of tutorials on developerWorks that describe how to use Liberty's built-in support for Security Assertion Markup Language (SAML) to enable cross-domain single sign-on...

Configuring an HTTP server to use Liberty as OpenID Connect Provider

Say you're building a static website with content that users must log in to view and you host the site on an Apache server. Instead...

Microservices and WAS Liberty

Home to Microservices and WAS Liberty resources, which provide background information, getting started guidance, best practices, and methodologies.

Using access tokens to secure microservices

This sample application demonstrates how to use OpenID Connect and access tokens to secure an application that makes calls to other applications on behalf of...

Using signed JSON Web Tokens (JWTs) to secure microservices

This sample application demonstrates how to use OpenID Connect and JWTs to secure an application that makes calls to other applications on behalf of the...

Using API keys to secure your microservice

Using API keys to identify the service making the call, authenticating the service making the call, and checking that data received has not been changed.

Using SSL Certificate Authentication with batchManager on WAS Liberty

Liberty's batchManager command-line utility authenticates with the batch REST API using either HTTP Basic Authentication or SSL Certificate Authentication. HTTP Basic Authentication requires the...

How to learn and use WAS Liberty OpenID Connect

OpenID Connect (OIDC) is the new Internet Single Sign-on (SSO) protocol based on OAuth 2.0 specifications. Using OIDC, a client can request the user’s identity...

Google OpenID Connect for applications on WebSphere Liberty

Enable users to log in with their Google accounts to applications running on WebSphere Liberty. A short video showing how to set up Google authentication...

Single sign-on with Google on Liberty

OpenID Connect 1.0 (OIDC) is a simple identity protocol over OAuth 2.0. You can configure your Liberty applications to use Single Sign-on with Google so...