Download and Install Passport Tutorial

Inversoft CIAM

Download and Install Passport Main

Designed to save developer time and effort, there are only a few simple steps to download and install Passport in your test or production environment. The following tutorial will explain how to install Passport on a Linux system and be up and running in just a few minutes. This is one aspect that makes Passport unique. Most existing identity technologies have a complex hierarchy of realms, principals, and distinguished names that restricts where they can be installed and requires extensive configuration. Passport will install and run on a wide variety of systems including:

Continue reading

Security Alert: SAML Single Sign-On Is Vulnerable

Brian Pontarelli

Security Alert by Inversoft Passport Cleanspeak

On February 27, Duo Security reported SAML single sign-on has a vulnerability that could enable attackers to easily take over a victim’s account. Vendors impacted by the vulnerability such as Okta, OneLogin, OmniAuth, Clever Inc and the Shibboleth Consortium have been alerted, although it’s difficult to identify and notify all users who could be at risk.

Continue reading

Storing User Data in Passport

John Philips

Storing User Data in Passport

Storing user data in Passport is not difficult and can save data essential to a user’s experience. This article will walk you through the basic steps of storing and retrieving user data in Passport.

To get started, clone or download the Passport example template from GitHub. If you want to follow along with this how to, you’ll need to have node and npm installed on your machine. (It should work with older versions, but we used node v8.9.4 and npm 5.6.0 which are the current stable releases at the time of writing.)

Continue reading

Like your avatar? You can keep it.

Daniel DeGroff


Did you know that you can now bring your avatar with you when you log into Passport?

Gravatar provides users with a globally recognized avatar. If you already have a Gravatar account then you need not do anything else, we’ve taken care of everything. For those without a Gravatar account you’ll still see a randomly generated Gravatar. Everyone wins.

Continue reading

User Data Security: Everything You Need to Know

Kelly Strain

Software security is a big deal (167 million LinkedIn user account details are currently for sale on the dark web). Most applications fail to secure user data sufficiently, leaving them vulnerable to attacks resulting in dire consequences.

To combat this issue, we are excited to announce the release of our complete 2016 Guide to User Data Security. The guide compiles everything our development team knows about server and application security and delivers step-by-step code to help you secure your user data. It covers key concepts such as server architecture, firewalling, intrusion detection, password security, two-factor authentication, social hacks, SQL injections and more.

Continue reading