Curity Code Examples

Backend Agent with A2A Authorization

Tue, 10 Mar 2026 00:00:00 GMT

The enables A2A clients (like internet applications) to send natural language commands to A2A servers (API entry points). The A2A server can be a backend AI agent that integrates with a Large Language Model (LLM) from a cloud provider. The LLM can…
Read the full code example on curity.io

Idura Authenticator

Mon, 02 Mar 2026 00:00:00 GMT

This code example provides an Idura Authenticator plugin for the Curity Identity Server. It adds functionality to the Curity Identity Server that allows users to log in using an eID solution offered by Idura, like the Swedish or Norwegian BankID. The Curity Identity Server can be…
Read the full code example on curity.io

Secure an OpenAI ChatGPT App

Fri, 06 Feb 2026 00:00:00 GMT

The initial code example demonstrates how to put together a working Model Context Protocol (MCP) authorization flow. As a result, AI agents can onboard and gain a restricted level of access to APIs. Users approve the AI agent's level of access, which…
Read the full code example on curity.io

AuthZEN Authorization Manager

Wed, 28 Jan 2026 00:00:00 GMT

The OpenID AuthZEN Working Group is standardizing fine-grained authorization and simplifying integration. Vendors have previously implemented their own protocols for client-to-server communication and especially the format of the request and response. The standa…
Read the full code example on curity.io

OpenID AuthZEN Token Procedure

Wed, 28 Jan 2026 00:00:00 GMT

This example Token Procedure plugin implements an integration with . As part of the token issuance process, the token procedure only issues access tokens based on the authorization response from an external PDP. Installing the Plugin Build the…
Read the full code example on curity.io

Implement MCP Authorization

Wed, 05 Nov 2025 00:00:00 GMT

The draft specification enables an open ecosystem where AI agents securely connect to APIs using OAuth. The article explains the security considerations when organizations expose sensitive API data to…
Read the full code example on curity.io

Token Exchange With External IdP

Wed, 24 Sep 2025 00:00:00 GMT

A common use case is the need to exchange tokens issued by external or 3rd party IdP's for a token issued by the Curity Identity Server. There are several different scenarios that can drive this type of use case: A user authenticates with an external IdP and needs a Curity…
Read the full code example on curity.io

SAML 2.0 Website

Tue, 12 Aug 2025 00:00:00 GMT

The tutorial explains how to configure the Curity Identity Server as a SAML Identity Provider. You can clone the…
Read the full code example on curity.io

Javascript SPA using OAuth Assistant Library

Fri, 18 Jul 2025 00:00:00 GMT

Curity provides a JavaScript assistant for OAuth that supports the Assisted Token-, Implicit- and Code Flow as well as logout and session management. The…
Read the full code example on curity.io

Securing a .NET API with JWTs

Sun, 01 Jun 2025 00:00:00 GMT

This tutorial explains how to secure API endpoints with access tokens in the JSON web token (JWT) format and implement claims-based authorization. The example API uses the and .
Read the full code example on curity.io

Kotlin Android App using HAAPI

Mon, 14 Apr 2025 00:00:00 GMT

This tutorial summarizes the behavior of a Kotlin app that implements OAuth 2.0 and OpenID Connect using the Hypermedia Authentication API (HAAPI). The flow is API-driven and enables a pure native login user experience, after which the app receives a correct access token with…
Read the full code example on curity.io

Swift iOS App using HAAPI

Mon, 14 Apr 2025 00:00:00 GMT

This tutorial summarizes the behavior of an iOS Swift app that implements OAuth 2.0 and OpenID Connect using the Hypermedia Authentication API (HAAPI). The flow is API-driven and enables a pure native login user experience, after which the app receives a correct access token…
Read the full code example on curity.io

React Native App using HAAPI

Fri, 21 Feb 2025 00:00:00 GMT

This tutorial shows how to run a code example that implements mobile OpenID Connect in a React Native App using the Hypermedia Authentication API (HAAPI). See also the tutorial for an introductory guide to HAAPI that runs a simple web client. The code…
Read the full code example on curity.io

Securing API Events using JWTs

Thu, 16 Jan 2025 00:00:00 GMT

Intro The architecture article explains how to use token exchange to resume asynchronous flows while maintaining sensitive values in a digitally verifiable manner. This tutorial provides an example implementation that you can run end-to-end on a development…
Read the full code example on curity.io

Exchange Opaque Token to JWT

Wed, 07 Aug 2024 00:00:00 GMT

This example presents a Token Procedure plugin that implements an exchange from an opaque token into a JWT. The OAuth Token Exchange token procedure is compliant with RFC 8693. Installing the Plugin You can build the plugin by issuing the command mvn package. This will produce a…
Read the full code example on curity.io

SPA using Token Handler

Fri, 14 Jun 2024 00:00:00 GMT

This code example explains the code you need to write in your single page application (SPA), to integrate with the . You then get…
Read the full code example on curity.io

Token Handler Deployment Example

Thu, 13 Jun 2024 00:00:00 GMT

This tutorial explains how to run an SPA code example that uses token handler backend components, for an end-to-end security solution. Token handler components from Curity implement the difficult security. If you are new to the token handler pattern, start with the
Read the full code example on curity.io

iProov Authentication Action

Thu, 28 Sep 2023 00:00:00 GMT

iProov’s Genuine Presence Assurance® technology provides an effortless and secure identity verification for user onboarding. This technology can be used to authenticate an already enrolled user. This Authentication Action is implemented in such a way that it is meant to be…
Read the full code example on curity.io

Microblink BlinkID Authentication Action

Fri, 30 Jun 2023 00:00:00 GMT

One form of Identity proofing is ID document scanning. This approach can be coupled with user authentication to further proof that the user is who they claim to be. This example authentication action can be coupled with any authenticator to perform a scan of a supported ID…
Read the full code example on curity.io

Choose Account Authentication Action

Wed, 17 May 2023 00:00:00 GMT

This tutorial describes an example implementation of an authentication action that allows the user to easily switch accounts that they previously logged in with. The action displays the user all the active Single-Sign On (SSO) sessions that they currently have in the Curity…
Read the full code example on curity.io

Testing Zero Trust APIs

Thu, 11 May 2023 00:00:00 GMT

The article on describes the main steps involved in using OAuth 2.0 to secure APIs and microservices. End-to-end flows that involve APIs often also involve a web or mobile client and a user. The client runs a to sign the user in and get an…
Read the full code example on curity.io

Long-Lived Tokens on Refresh Procedure Plugin

Mon, 06 Mar 2023 00:00:00 GMT

This example presents a Token Procedure plugin that implements the refresh token procedure and adds the following features to the refresh token flow (at the token endpoint): If the request to the endpoint contains the query parameter long_lived_token with value set to true, then…
Read the full code example on curity.io

Nonce Authenticator

Tue, 21 Feb 2023 00:00:00 GMT

An authenticator plug-in for the Curity Identity Server, to enable Single Sign-On (SSO) across applications, when SSO cookies cannot be used. See the for architecture details, or get the code from the GitHub.
Read the full code example on curity.io

Open Policy Agent Authorization Manager

Tue, 17 Jan 2023 00:00:00 GMT

As of version 7.3 of the Curity Identity Server it is possible to develop custom Authorization Manager plugins using the . An Authorization Manager can be configured to handle fine-grained access to several exposed APIs such as the GraphQL APIs for both user…
Read the full code example on curity.io

OpenID Connect Client with .NET

Wed, 11 Jan 2023 00:00:00 GMT

Overview is the industry-standard protocol for modern authentication in web applications. OpenID Connect provides a flexible and secure way to authenticate users. This code example covers how to integrate OpenID Connect into a .NET website. It shows how to…
Read the full code example on curity.io