Category: Security
-
Secure Your Data at Rest with LUKS Disk Encryption in Couchbase
Couchbase now supports LUKS disk encryption to secure your data at rest. How secure is LUKS? Couchbase 7.0 puts a big focus on security, debuting support for both role-based access control (RBAC) for Scopes…
-
Couchbase Autonomous Operator vs MongoDB Enterprise Kubernetes Operator
A Kubernetes Operator is a software extension to Kubernetes that supports built-in capabilities to manage your Kubernetes applications in an automated fashion and that follows Kubernetes principles – especially the Control Loop pattern. Why…
-
![OIDC Authorization Code Flow for Client Authentication in Couchbase Sync Gateway [Part 3 of 3]](https://www.couchbase.com/blog/wp-content/uploads/sites/5/2026/05/openid-connect-authorization-code-flow-client-authentication-couchbase-sync-gateway-1024x536.jpg)
OIDC Authorization Code Flow for Client Authentication in Couchbase Sync Gateway [Part 3 of 3]
Couchbase Sync Gateway supports OpenID Connect or OIDC-based client authentication. In this context, clients may be Couchbase Lite clients that synchronize data with Sync Gateway over the Internet using the websockets-based replication protocol or…
-
![OAuth 2.0 & OIDC Fundamentals for Authentication & Authorization [Part 1 of 3]](https://www.couchbase.com/blog/wp-content/uploads/sites/5/2026/05/feature-1024x536.png)
OAuth 2.0 & OIDC Fundamentals for Authentication & Authorization [Part 1 of 3]
Developers and architects simply can’t build modern applications without running into issues of authorization and authentication. OAuth 2.0 is an industry standard for “delegated authorization” which is the ability to provide an application or client…
-
Node-to-Node Encryption with Couchbase Server 6.5
With security on everyone’s mind, organizations need to run sensitive workloads under stringent security and compliance standards. Couchbase 6.5 preview brings several new security capabilities, and node-to-node encryption has been a top wish list…
-
Azure Key Vault for Credentials
Azure Key Vault can store username and password and manage sensitive information in Azure. Once Azure Key Vaults stores the information, Azure services that you specify (and ONLY Azure services that you specify) can…
-
How to Create a Custom Token Store for Spring-Security-Oauth2 | OAuth Part 2
In the previous blog post, we discussed how to configure a simple OAuth2 authentication. However, our implementation has a major flaw in it: we are using an in-memory token store. In-Memory token stores should…
-
Authentication With X.509 Certificates
Data security is an important aspect of every modern data platform. With micro-service based architectures becoming more of a common pattern across every high-scale app, existing password based authentication mechanisms for user authentication is…
-
Couchbase Server 5.5: Log Redaction
With security already a hot topic in the data space, the Couchbase Server 5.5 release introduces a new feature – “Log Redaction”. Logs are an important part of every platform. Logs are used for multiple…
-
Authentication and Authorization with RBAC in .NET
Authentication and authorization are vastly improved in Couchbase Server 5.0. We’ve been blogging about the new RBAC features in the developer preview for a while. Now that Couchbase Server 5.0 Beta is released, I’m…
-
Authorization & Authentication with RBAC (Part 2)
Authorization and authentication are important to Couchbase. In March, I blogged about some of the new Role Based Access Control (RBAC) that we are showing in the Couchbase Server 5.0 Developer Builds. This month,…
-
Poodle bites and ends SSL3
SSL version 3 is no longer secure. Recently, a new vulnerability in the SSL v3 protocol called the ‘Poodle attack’ was discovered by folks at Google. At Couchbase, since we take the security of…