Blog

Mar 21, 2025

New widgets available for user profiles and organization switching

We just released four new widgets to make your life easier: user profile, user sessions, user security, and organization switcher. They are now available for free to all AuthKit customers.

Lucas Motta

Product

Mar 20, 2025

New enterprise login integrations in AuthKit

With AuthKit enterprise logins are now easier than ever. We are announcing the addition of key B2B login providers, like LinkedIn, Slack, Xero, and more, giving your users seamless access to your platform with the credentials they already use.

Custom Metadata, External ID, and JWT Templates

Expand your WorkOS integration by customizing attributes on users, orgs, and session tokens.

Device Authorization Grant: Solving OAuth for screens without keyboards

A practical guide for developers implementing secure, user-friendly login flows on smart TVs, IoT devices, and CLIs.

Flipping the flow: How MCP sampling lets servers ask the AI for help

Explore how MCP transforms server logic with AI-powered completions, human approvals, and transparent workflows.

Email deliverability troubleshooting guide

A step-by-step guide to diagnose, fix, and prevent email delivery issues.

Why building your own BYOK is a trap

Enterprise customers want to bring their own keys. You don’t want to build the infrastructure to support it. WorkOS Vault bridges the gap with the fastest way to ship BYOK.

MCP Night 2025: When the AI infra community overflowed the Exploratorium in San Francisco

On May 14, 2025, we threw the first-ever MCP Night, at the Exploratorium in San Francisco, dedicated to one of the most exciting developments in applied AI: the Model Context Protocol (MCP).

Why implementing SAML from scratch is a terrible idea

SAML might look simple, but under the hood, it’s a legacy minefield of XML signatures, IdP quirks, and security pitfalls. Here’s why building it yourself is a guaranteed regret.

Your codebase is now addressable: Codex, Jules, and the Rise of agentic parallel coding

Platforms like OpenAI Codex and Google Jules are taking a swing at distributed cognition for software teams. What does this mean?

Agno: The agent framework for Python teams

Agno is an open-source framework that helps you build clean, composable and Pythonic agentic applications with tools, memory and reasoning capabilities.

Security threats in SPAs and how to defend against them

A developer’s guide to identifying and fixing the most common security flaws in Single-page applications.

How to sync users from Entra ID to your app using Node and WorkOS

Step-by-step tutorial that walks you through the necessary steps to add automated user provisioning to your app using SCIM, Entra ID, Node, and WorkOS, with just a few lines of code.

OAuth 2.1: What’s new, what’s gone, and how to migrate securely

Learn what’s changed in OAuth 2.1, including the removal of implicit flow, mandatory PKCE, and modern refresh token strategies. This guide walks you through the security upgrades and offers a clear migration checklist to help you stay compliant and secure.

Secure by design: How engineers should build and consume APIs

A practical guide to avoiding common pitfalls and implementing security best practices across both internal and third-party API integrations.

What is NIST and why should developers care?

What if the most practical security guidance didn’t come from a startup, but from a government agency? Read how NIST’s peer-reviewed frameworks are powering real-world security.

Maria Paktiti

May 12, 2025