Published inAuthressAre millions of accounts vulnerable due to Google’s OAuth Flaw?This article is a rebuttal to Truffle Security’s post on Millions of Accounts Vulnerable due to Google’s OAuth Flaw. (Alt link) Even more…Jan 15Jan 15
Securing your secrets in AWSSecrets and credentials are everywhere, we use them to access third party systems. Securing secrets and protecting our credentials and…Jul 24, 2024Jul 24, 2024
Published inAuthressHow does machine to machine authentication work?Machine to machine auth is how you ensure secure communication between individual services, and each service can authorize others to access…Dec 6, 2023181Dec 6, 2023181
Published inStandup & ProsperThe Devastating Failure of Technical LeadershipI’m going to tell you a story, one that may even have happened to you. The sad truth is this a very common story, and it starts with…Jul 10, 20231Jul 10, 20231
Published inAuthressAuthress Academy: Denylists and Invaliding user accessThis article is part of the Authress Academy and discusses the different ways to invalidate a user’s access and revoke their tokens.Jul 5, 2023Jul 5, 2023
Myths about API HTTP clientsHaving built many Product APIs in my experience for multiple companies, there are a number of Myths we’ve come to learn about APIs in…Jun 29, 2023Jun 29, 2023
You are probably testing wrongI love having to answer the questions that come up regarding testing. It’s amazing that something that is pure waste according to lean for…Feb 2, 202313Feb 2, 202313
Published inAuthressBreaking up the monolith: Breaking changesBefore we get into how to handle a breaking change, we should first identify what is even a breaking change.Aug 5, 2022Aug 5, 2022
Published inStandup & ProsperMeasuring team successIt should be a inevitable conclusion that you to need to measure the success of your teams. After all, we get what we measure. And having…Jun 28, 20221Jun 28, 20221
Published inStandup & ProsperThe Required team meetingsThere is no shortage of advice out there on knowing when to call a meeting. And in the remote-first world async communication is now the…Jun 24, 20221Jun 24, 20221
Published inAuthressAWS CloudWatch: How to scale your Logging infrastructureAn obvious story you might decide to tell yourself is Logging is easy. And writing to the console or printing out debugging messages may…May 30, 2022May 30, 2022
Published inAuthressStep-up authorizationStep up authorization is the process of converting a user’s auth from a base level to an elevated or privileged state.Apr 8, 2022Apr 8, 2022
Published inAuthressBreaking up the monolith: Zero downtime migrationsIt’s pretty common in monolith architectures to have to handle migrations. But this isn’t the only place. Microservices also frequently…Feb 27, 20221Feb 27, 20221
Published inAuthressAWS Step Functions: AdvancedThis is the advanced guide to using AWS Step Functions. Step functions enable complex state machines. They track state and execute lambdas…Dec 20, 20211Dec 20, 20211
Published inAuthressBreaking up the monolith: Magic identifiersA common pattern often found in software engineering is magic identifiers. These identifiers are used to quickly represent a concept in an…Oct 19, 20211Oct 19, 20211
Published inAuthressCan’t connect to service running in EC2One of the most annoying and often challenging issues is solve dreaded connection problems with services running in EC2 (in AWS and with…Sep 20, 2021Sep 20, 2021
Published inAuthressWhen to use AWS CredentialsNever. That’s the end of the story…Aug 21, 2021Aug 21, 2021
Published inStandup & ProsperThe Punishment of Building a Slack AppThree years ago, we set out at Rhosys to build the perfect tool for team performance and growth. Turns out lot’s of companies were…Aug 21, 20211Aug 21, 20211
Published inAuthressJWT access token misconceptionsIdentity providers solve the issue of identity verification, but never include solutions for IAM access management. These IAM providers…Aug 10, 2021Aug 10, 2021