Blog

Product
Nov 18, 2024

Passkeys, a safer and simpler alternative to passwords

Passkeys allow you to log into your account using biometrics instead of a password. They are now available for free to all AuthKit customers.

Maria Paktiti
Read more
Product
Nov 20, 2024

Fine-Grained Authorization is now generally available

FGA is the most flexible and granular authorization system, built for product and engineering teams looking to quickly implement fine-grained permissions in their applications. Use FGA to centralize your authorization logic, implement complex authorization schemes like Google Docs-style permissions, and define precise access control that goes beyond RBAC.

Aditya Kajla
Nov 20, 2024
Product
Nov 19, 2024

Introducing Radar — real-time protection against bots, fraud, abuse

Radar enhances AuthKit with powerful security features to protect your application from abuse, fraud, and attacks. It automatically detects authentication patterns that indicate malicious or suspicious behavior and includes six built-in preventions that can be enabled with a single click.

Ryan Cooke
Nov 19, 2024
Categories
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Guides
Feb 21, 2025

How to stop bots with honeypots

Honeypots are traps you can set up at your website to catch bots. Read how you can implement one and what are the best practices to follow.

Maria Paktiti
Feb 21, 2025
Guides
Feb 20, 2025

The best feature flag providers for apps in 2025

This article examines five leading feature toggle providers in 2025—LaunchDarkly, Optimizely, Unleash, Split.io, and Eppo—each offering unique benefits for different technical and organizational requirements.

Zack Proser
Feb 20, 2025
Guides
Feb 20, 2025

AI agents are taking over: How autonomous software changes research and work

Interest in AI agents is exploding, and they're already transforming how we work and perform research. Learn how.

Zack Proser
Feb 20, 2025
Guides
Feb 20, 2025

How encryption works in a Data Vault using EKM

Keeping data safe, especially sensitive data like PII, is an increasingly difficult project. Read about Data Vaults and EKM and how enterprises can use them to ensure data integrity and confidentiality.

Maria Paktiti
Feb 20, 2025
Guides
Feb 20, 2025

What is the difference between Radix and shadcn-ui?

Radix and shadcn-ui are both component libraries for React, but which should you choose?

Feb 20, 2025
Guides
Feb 19, 2025

Session management best practices

If you think you’re done when you authenticate a user, think again. Proper session management can make or break your app, both security and UX-wise. We gathered some industry best practices to help you get started.

Maria Paktiti
Feb 19, 2025
Glossary
Feb 18, 2025

Relationship-based vs policy-based authorization: what's the difference and how do they work together?

Authorization rules can be expressed as policies, relationships, or both. Read how each one works, their pros and cons, and find the best for your case.

Maria Paktiti
Feb 18, 2025
Glossary
Feb 17, 2025

EKM vs KMS: An introduction to key management

Keeping your data safe by encrypting them is crucial, but how do you keep the encryption keys safe? Read what EKM and KMS are and how they work together to do exactly that.

Maria Paktiti
Feb 17, 2025
Guides
Feb 14, 2025

Top AI Agent frameworks and platforms in 2025

AI agent frameworks and platforms empower developers to build software that can reason, remember, and act independently. Which should you choose?

Zack Proser
Feb 14, 2025
Guides
Feb 14, 2025

Understanding the OAuth 2.0 Client Credentials flow

Learn how to use OAuth for secure machine-to-machine communication with the Client Credentials flow.

Maria Paktiti
Feb 14, 2025
Guides
Feb 13, 2025

What is Arcade.dev? An LLM tool calling platform

Large Language Models (LLMs) excel at producing text, but many applications need them to do more: raise GitHub issues, star a repository, or send Twilio messages in real time.

Zack Proser
Feb 13, 2025
Guides
Feb 13, 2025

RBAC best practices

Ensure the right people have the right access. Check out our RBAC best practices guide and avoid common pitfalls.

Maria Paktiti
Feb 13, 2025
Tutorials
Feb 12, 2025

How to build RBAC with WorkOS and Node

Step-by-step tutorial that walks you through the necessary steps to add role-based access control (RBAC) to your app using WorkOS and Node.

Maria Paktiti
Feb 12, 2025
Guides
Feb 11, 2025

The battle against bots: How to detect and stop them

Bots are everywhere. How can you distinguish the bad from the good, and how can you stop them? Read our guide for practical steps on how to stop bots and protect your app.

Maria Paktiti
Feb 11, 2025
Product
Feb 10, 2025

Scaling up: Why Fine-Grained Authorization is key as your product moves upmarket

When your goal is selling to enterprises, sooner or later, you will have to leave RBAC for a fine-grained authorization model. Read more about why that is and how you can make the move.

Maria Paktiti
Feb 10, 2025
We’re hiring

Our global team is growing and we’re hiring all types of roles.

View open roles
About us

WorkOS builds developer tools for quickly adding enterprise features to applications.

Learn more

This site uses cookies to improve your experience. Please accept the use of cookies on this site. You can review our cookie policy here and our privacy policy here. If you choose to refuse, functionality of this site will be limited.