Identity & Authentication

Broken authentication is consistently in the OWASP Top 10. We cover identity platforms, session management, and auth bypass techniques — including Cognito and Google Identity Platform.

1 article

Identity Platform Firebaseauthentication

Exploiting weak configurations in Google Identity Platform

How misconfigured Google Cloud Identity Platform (Firebase) applications can leak API keys and auth tokens, allowing unauthenticated users to query, modify, or delete backend identity data.

Appsecco · April 14, 2021 · 6 min

Want to know how we test for these issues in your product?

Get a Security Assessment