The GDPR is a complex regulation, but at its most basic level it requires organizations to provide “data protection by design and default.” Inversoft’s Passport is built with a powerful REST API that gives developers the tools they need to adhere to the requirements of the GDPR quickly and easily. On May 23, Inversoft’s CEO Brian Pontarelli presented to Colorado’s technology leaders about how the GDPR and data privacy will affect US companies, and went into detail about how the Passport API is well-suited to help companies stay GDPR compliant and avoid the risk of fines and data restrictions for data protection violations.
If your inbox looks anything like mine, it’s currently full of messages from companies updating their privacy policies and terms of service. This is mainly due to a newly adopted EU regulation, the General Data Protection Regulation or GDPR, which goes into effect on May 25, 2018. The GDPR grants a set of “digital rights” to EU citizens, including a “right to erasure.” Basically, this means a user can request that their data be deleted, and there can be substantial fines if a company is not able to honor these requests.
In this post, we’ll show how to set up webhooks in Passport to delete all of a user’s data when they delete their account. In Passport, webhooks are used to subscribe or listen to events in the system, so we’ll create a webhook that listens to the
I have been talking with developers about JSON Web Tokens (JWTs) recently, and one question keeps coming up: “How do I revoke a JWT?”
If you poke around online, you’ll find that the most common answers are:
- Set the duration of the JWT to a short period (a few minutes)
- Implement complicated blacklisting techniques
There is not a simple solution because JWTs are designed to be portable, decoupled identities. Once you authenticate against an identity provider (IdP) and get back a JWT, you don’t need to ask the IdP if the JWT is valid. This is particularly powerful when you use RSA public/private key signing. The IdP signs the JWT using the private key, and then any service that has the public key can verify the integrity of the JWT.
Here’s a diagram that illustrates this architecture:
The Todo Backend can use the JWT and the public key to verify the JWT and then pull the user’s id (in this case the subject) out of the JWT. The Todo Backend can then use the user’s id to perform operations on that user’s data. However, because the Todo Backend isn’t verifying the JWT with the IdP, it has no idea if an administrator has logged into the IdP and locked or deleted that user’s account.
At Inversoft, we like open source and we like Java.
When we built out our platform to support our new cloud product offerings, we started using Chef to help us manage our deployment strategy.
When we began working on some new backend features for our cloud product offerings, I set out to find a Chef Client written in Java in order to simplify our integration.
As luck wouldn’t have it (yes, you read that correctly), I was unable to find a Java library that really made my life easier. There are other Chef libraries out there, but all of them were very lightweight wrappers around HTTP calls. Some went so far as to return the JSON response from the Chef server as a String rather than the right POJO.
Rather than limping along with a library that was essentially a glorified URLConnection, I did what any software engineer would do: I wrote it myself.
Behold Barista! A native binding for Chef that provides rich domain objects and REST bindings to work with a Chef server.
Building a properly authenticated HTTP request to Chef is not great fun, so I don’t suggest you do it yourself unless you enjoy the pain. We’ve done the heavy lifting for you, and we did this without using any third-party encryption libraries. This means you can pick up this library without dragging along any unnecessary dependencies like Bouncy Castle.
We are honored to announce that Passport User Management won the DeveloperWeek 2016 Award for Top Innovator in API Services. We want to thank everyone who voted and our team, who work tirelessly to create high-quality software that real customers need and can rely on.