<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>JWT &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/jwt/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Mon, 17 Jun 2024 18:01:58 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>SaaS tenant isolation with ABAC using AWS STS support for tags in JWT</title>
		<link>https://noise.getoto.net/2024/06/17/saas-tenant-isolation-with-abac-using-aws-sts-support-for-tags-in-jwt/</link>
		
		<dc:creator><![CDATA[Manuel Heinkel]]></dc:creator>
		<pubDate>Mon, 17 Jun 2024 18:01:58 +0000</pubDate>
				<category><![CDATA[Advanced (300)]]></category>
		<category><![CDATA[AWS STS]]></category>
		<category><![CDATA[JWT]]></category>
		<category><![CDATA[SaaS]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[Tags]]></category>
		<category><![CDATA[Technical How-to]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=91051cd801658004afea3c0416e1cec3</guid>

					<description><![CDATA[As independent software vendors (ISVs) shift to a multi-tenant software-as-a-service (SaaS) model, they commonly adopt a shared infrastructure model to achieve cost and operational efficiency. The more ISVs move into a multi-tenant model, the more concern they may have about the potential for one tenant to access the resources of another tenant. SaaS systems include […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>How to protect HMACs inside AWS KMS</title>
		<link>https://noise.getoto.net/2022/04/20/how-to-protect-hmacs-inside-aws-kms/</link>
		
		<dc:creator><![CDATA[Jeremy Stieglitz]]></dc:creator>
		<pubDate>Tue, 19 Apr 2022 22:57:30 +0000</pubDate>
				<category><![CDATA[*Learning Levels]]></category>
		<category><![CDATA[announcements]]></category>
		<category><![CDATA[AWS KMS]]></category>
		<category><![CDATA[digital signature]]></category>
		<category><![CDATA[HMAC]]></category>
		<category><![CDATA[Intermediate (200)]]></category>
		<category><![CDATA[JWT]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[Technical How-to]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=0f09f416f8ac373ce1b46a8e3f1caf68</guid>

					<description><![CDATA[Today AWS Key Management Service (AWS KMS) is introducing new APIs to generate and verify hash-based message authentication codes (HMACs) using the Federal Information Processing Standard (FIPS) 140-2 validated hardware security modules (HSMs) in AWS KMS. HMACs are a powerful cryptographic building block that incorporate secret key material in a hash function to create a […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Security practices in AWS multi-tenant SaaS environments</title>
		<link>https://noise.getoto.net/2022/01/31/security-practices-in-aws-multi-tenant-saas-environments/</link>
		
		<dc:creator><![CDATA[Keith P]]></dc:creator>
		<pubDate>Mon, 31 Jan 2022 20:20:51 +0000</pubDate>
				<category><![CDATA[cognito]]></category>
		<category><![CDATA[Expert (400)]]></category>
		<category><![CDATA[IAM]]></category>
		<category><![CDATA[JWT]]></category>
		<category><![CDATA[SaaS]]></category>
		<category><![CDATA[SaaS lens]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[Tenant isolation]]></category>
		<category><![CDATA[VPC]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=361c5e13c931f36d82e94adf8f197631</guid>

					<description><![CDATA[Securing software-as-a-service (SaaS) applications is a top priority for all application architects and developers. Doing so in an environment shared by multiple tenants can be even more challenging. Identity frameworks and concepts can take time to understand, and forming tenant isolation in these environments requires deep understanding of different tools and services. While security is […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Building fine-grained authorization using Amazon Cognito, API Gateway, and IAM</title>
		<link>https://noise.getoto.net/2021/05/21/building-fine-grained-authorization-using-amazon-cognito-api-gateway-and-iam/</link>
		
		<dc:creator><![CDATA[Artem Lovan]]></dc:creator>
		<pubDate>Fri, 21 May 2021 19:22:59 +0000</pubDate>
				<category><![CDATA[Advanced (300)]]></category>
		<category><![CDATA[Amazon API Gateway]]></category>
		<category><![CDATA[Amazon Cognito]]></category>
		<category><![CDATA[Amazon DynamoDB]]></category>
		<category><![CDATA[authorization]]></category>
		<category><![CDATA[AWS IAM]]></category>
		<category><![CDATA[AWS Identity and Access Management (IAM)]]></category>
		<category><![CDATA[custom authorizer]]></category>
		<category><![CDATA[JWT]]></category>
		<category><![CDATA[Oauth]]></category>
		<category><![CDATA[RBAC]]></category>
		<category><![CDATA[SAML]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[Token]]></category>
		<category><![CDATA[апи]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=bca00f935848a7b631a841ad8138449b</guid>

					<description><![CDATA[June 5, 2021: We’ve updated Figure 1: User request flow. Authorizing functionality of an application based on group membership is a best practice. If you’re building APIs with Amazon API Gateway and you need fine-grained access control for your users, you can use Amazon Cognito. Amazon Cognito allows you to use groups to create a […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 34/152 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-09 13:55:12 by W3 Total Cache
-->